모의 문제 99개 확인
1
PRO-207 리눅스 명령어 30개 실습
네트워크 생성
10.0.0.0/16
10.0.1.0/24
리눅스 서버 생성
2
UUID는 "Universally Unique Identifier"의 약자로, 전 세계적으로 유일한 식별자를 만들기 위한 표준 규약입니다. 주로 분산 환경에서 중복되지 않는 ID를 생성해야 할 때 사용됩니다.
[root@oneday2 ~]# man tune2fs
TUNE2FS(8) System Manager's Manual TUNE2FS(8)
NAME
tune2fs - adjust tunable file system parameters on ext2/ext3/ext4 file systems
SYNOPSIS
tune2fs [ -l ] [ -c max-mount-counts ] [ -e errors-behavior ] [ -f ] [ -i interval-between-checks ] [ -I new_inode_size ] [ -j ] [ -J
journal-options ] [ -m reserved-blocks-percentage ] [ -o [^]mount-options[,...] ] [ -r reserved-blocks-count ] [ -u user ] [ -g group ]
[ -C mount-count ] [ -E extended-options ] [ -L volume-label ] [ -M last-mounted-directory ] [ -O [^]feature[,...] ] [ -Q quota-options
] [ -T time-last-checked ] [ -U UUID ] [ -z undo_file ] device
3
일반적인 시스템 로그 저장 파일 = /var/log/messages
[root@oneday2 log]# cd /var/log/
[root@oneday2 log]# more messages
Jun 29 00:00:00 oneday2 systemd[1]: Starting system activity accounting tool...
Jun 29 00:00:00 oneday2 systemd[1]: Starting Rotate log files...
Jun 29 00:00:00 oneday2 systemd[1]: sysstat-collect.service: Deactivated successfully.
Jun 29 00:00:00 oneday2 systemd[1]: Finished system activity accounting tool.
Jun 29 00:00:00 oneday2 systemd[1]: Reloading The Apache HTTP Server...
Jun 29 00:00:00 oneday2 httpd[194135]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.8. Set the 'ServerName'
directive globally to suppress this message
Jun 29 00:00:00 oneday2 systemd[1]: Reloaded The Apache HTTP Server.
Jun 29 00:00:00 oneday2 httpd[9882]: Server configured, listening on: port 80
Jun 29 00:00:00 oneday2 systemd[1]: rsyslog.service: Sent signal SIGHUP to main process 675 (rsyslogd) on client request.
Jun 29 00:00:00 oneday2 rsyslogd[675]: [origin software="rsyslogd" swVersion="8.2310.0-4.el9" x-pid="675" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Jun 29 00:00:00 oneday2 systemd[1]: logrotate.service: Deactivated successfully.
Jun 29 00:00:00 oneday2 systemd[1]: Finished Rotate log files.
4
[root@oneday2 log]# cd /etc
[root@oneday2 etc]# more sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
#NCP Sec
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
#IPv6 Disable
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
[root@oneday2 etc]# ulimit -a
real-time non-blocking time (microseconds, -R) unlimited
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 14469
max locked memory (kbytes, -l) 8192
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 14469
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[root@oneday2 etc]#
# 설정 변경 파일
cat /etc/security/limits.conf
36956
[root@oneday2 ssh]# lsof
COMMAND PID TID TASKCMD USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root cwd DIR 253,2 268 128 /
systemd 1 root rtd DIR 253,2 268 128 /
systemd 1 root txt REG 253,2 98224 9478975 /usr/lib/systemd/systemd
lsof | wc -l
36956
# 시스템 전체의 파일 디스크립터 제한을 늘리려면 vi /etc/sysctl.conf
fs.file-max = 2097152
sysctl -p
5
[root@oneday2 log]# dmesg
[ 0.000000] Linux version 5.14.0-503.16.1.el9_5.x86_64 (mockbuild@iad1-prod-build001.bld.equ.rockylinux.org) (gcc (GCC) 11.5.0 20240719 (Red Hat 11.5.0-2), GNU ld version 2.35.2-54.el9) #1 SMP PREEMPT_DYNAMIC Wed Dec 11 19:09:50 UTC 2024
[ 0.000000] The list of certified hardware and cloud instances for Enterprise Linux 9 can be viewed at the Red Hat Ecosystem Catalog, https://catalog.redhat.com.
[ 0.000000] Command line: BOOT_IMAGE=(hd0,msdos1)/vmlinuz-5.14.0-503.16.1.el9_5.x86_64 root=UUID=10e4de67-504e-4881-969f-efc70eede0e0 ro net.ifnames=0 biosdevname=0 console=ttyS0,115200n8 console=tty0 crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007ffdcfff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007ffdd000-0x000000007fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000017fffffff] usable
[ 0.000000] BIOS-e820: [mem 0x000000fd00000000-0x000000ffffffffff] reserved
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] APIC: Static calls initialized
[ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: NAVERCloud c2-g3a;HIGH_CPU/c2-g3a;HIGH_CPU, BIOS GEN3;HIGH_CPU
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[ 0.000000] kvm-clock: using sched offset of 11383009007 cycles
6
[root@oneday2 log]# pwd
/var/log
[root@oneday2 log]# more secure
Jun 29 00:02:26 oneday2 sshd[194377]: Invalid user user from 111.70.23.246 port 59161
Jun 29 00:02:26 oneday2 sshd[194377]: pam_unix(sshd:auth): check pass; user unknown
Jun 29 00:02:26 oneday2 sshd[194377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.70.23.246
Jun 29 00:02:28 oneday2 sshd[194377]: Failed password for invalid user user from 111.70.23.246 port 59161 ssh2
Jun 29 00:02:29 oneday2 sshd[194377]: Connection closed by invalid user user 111.70.23.246 port 59161 [preauth]
Jun 29 00:06:43 oneday2 sshd[194462]: Invalid user ubnt from 65.20.191.12 port 60022
Jun 29 00:06:43 oneday2 sshd[194462]: pam_unix(sshd:auth): che
7
[root@oneday2 log]# cd /var/log/
[root@oneday2 log]# more ncloud-init.log
--2025-06-22 15:55:09-- http://init.ncloud.com/server/linux/repo/rocky8/Rocky-Extras.repo
Resolving init.ncloud.com (init.ncloud.com)... 169.254.80.160, 169.254.1.5
Connecting to init.ncloud.com (init.ncloud.com)|169.254.80.160|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 687
Saving to: ‘/etc/yum.repos.d/Rocky-Extras.repo’
0K 100% 168M=0s
2025-06-22 15:55:09 (168 MB/s) - ‘/etc/yum.repos.d/Rocky-Extras.repo’ saved [687/687]
Repository extras is listed more than once in the configuration
0 files removed
Repository extras is listed more than once in the configuration
Rocky Linux 9 - Extras 768 kB/s | 16 kB 00:00
Rocky Linux 9 - BaseOS 46 MB/s | 2.5 MB 00:00
Rocky Linux 9 - AppStream 15 MB/s | 9.6 MB 00:00
Dependencies resolved.
8
[root@oneday2 log]# su root
[root@oneday2 log]# su - root
9
[root@oneday2 ~]# netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 770146 0 0 0 627736 0 0 0 BMRU
lo 65536 0 0 0 0 0 0 0 0 LRU
[root@oneday2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.8 netmask 255.255.255.0 broadcast 10.0.2.255
ether f2:20:af:8a:67:79 txqueuelen 1000 (Ethernet)
RX packets 770176 bytes 380883458 (363.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 627760 bytes 146940190 (140.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@oneday2 ~]# netconfig
-bash: netconfig: command not found
[root@oneday2 ~]# nework
-bash: nework: command not found
10
[root@oneday2 ~]# ping 1.1.1.1 -c 5
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=2.86 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=58 time=2.39 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=58 time=2.35 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=58 time=2.31 ms
64 bytes from 1.1.1.1: icmp_seq=5 ttl=58 time=2.35 ms
--- 1.1.1.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 2.311/2.451/2.863/0.207 ms
[root@oneday2 ~]# ping 1.1.1.1 -n 5
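PING 5 (0.0.0.5) 56(124) bytes of data.
# 리눅스 ping 에서 -n 은 횟수가 아니라 숫자 출력(역방향 DNS 조회 안 함) 옵션이라, 마지막 인자 5 가 대상 호스트(0.0.0.5)로 해석됨. 횟수 지정은 위와 같이 -c 를 사용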
11
[root@oneday2 ~]# sar -b
Linux 5.14.0-503.16.1.el9_5.x86_64 (oneday2) 06/29/2025 _x86_64_ (2 CPU)
12:00:00 AM tps rtps wtps dtps bread/s bwrtn/s bdscd/s
12:10:00 AM 0.44 0.00 0.44 0.00 0.11 8.73 0.00
12:20:07 AM 0.28 0.00 0.28 0.00 0.00 3.58 0.00
12:30:07 AM 0.36 0.00 0.36 0.00 0.00 4.44 0.00
12:40:00 AM 0.32 0.00 0.32 0.00 0.00 4.13 0.00
12:50:08 AM 0.32 0.00 0.32 0.00 0.00 4.20 0.00
01:00:09 AM 0.28 0.00 0.28 0.00 0.00 3.65 0.00
01:10:00 AM 0.30 0.00 0.30 0.00 0.00 3.98 0.00
01:20:00 AM 0.36 0.00 0.36 0.00 0.00 4.29 0.00
01:30:01 AM 0.36 0.00 0.36 0.00 0.00 4.57 0.00
01:40:00 AM 0.30 0.00 0.30 0.00 0.00 4.09 0.00
01:50:00 AM 0.29 0.00 0.29 0.00 0.00 3.76 0.00
02:00:00 AM 0.28 0.00 0.28 0.00 0.00 3.83 0.00
02:10:00 AM 0.32 0.00 0.32 0.00 0.00 4.19 0.00
02:20:00 AM 0.29 0.00 0.29 0.00 0.00 3.79 0.00
02:30:00 AM 0.26 0.00 0.26 0.00 0.00 3.40 0.00
02:40:00 AM 0.20 0.00 0.20 0.00 0.00 2.91 0.00
12
[root@oneday2 ~]# blkid
/dev/vda2: UUID="10e4de67-504e-4881-969f-efc70eede0e0" TYPE="xfs" PARTUUID="b1544ca3-02"
/dev/vda1: UUID="e503f8a0-763c-4643-b682-2db3e798f0ab" TYPE="xfs" PARTUUID="b1544ca3-01"
13
[root@oneday2 ~]# top
top - 12:14:38 up 6 days, 20:19, 1 user, load average: 0.00, 0.00, 0.00
Tasks: 143 total, 1 running, 142 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 3656.6 total, 2300.3 free, 727.6 used, 959.4 buff/cache
MiB Swap: 0.0 total, 0.0 free, 0.0 used. 2929.1 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 171116 14336 9856 S 0.0 0.4 0:31.90 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pool_workqueue_
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-rcu_g
5 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-rcu_p
[root@oneday2 ~]# sar
Linux 5.14.0-503.16.1.el9_5.x86_64 (oneday2) 06/29/2025 _x86_64_ (2 CPU)
12:00:00 AM CPU %user %nice %system %iowait %steal %idle
12:10:00 AM all 0.10 0.00 0.08 0.00 0.00 99.81
12:20:07 AM all 0.10 0.00 0.07 0.00 0.00 99.82
12:30:07 AM all 0.10 0.00 0.08 0.00 0.00 99.82
[root@oneday2 ~]# free
total used free shared buff/cache available
Mem: 3744388 745024 2355548 60360 982388 2999364
Swap: 0 0 0
[root@oneday2 ~]# meminfo
-bash: meminfo: command not found
14
[root@oneday2 ~]# uuidgen
97258a81-5df1-461a-b4d8-3a6bfe22f690
15
[root@oneday2 ~]# sar -A
Linux 5.14.0-503.16.1.el9_5.x86_64 (oneday2) 06/29/2025 _x86_64_ (2 CPU)
12:00:00 AM CPU %usr %nice %sys %iowait %steal %irq %soft %guest %gnice %idle
12:10:00 AM all 0.10 0.00 0.08 0.00 0.00 0.00 0.00 0.00 0.00 99.81
12:10:00 AM 0 0.10 0.00 0.08 0.00 0.00 0.00 0.00 0.00 0.00 99.82
12:10:00 AM 1 0.10 0.00 0.09 0.00 0.00 0.00 0.00 0.00 0.00 99.81
12:20:07 AM all 0.10 0.00 0.07 0.00 0.00 0.00 0.00 0.00 0.00 99.82
12:20:07 AM 0 0.09 0.00 0.07 0.00 0.00 0.00 0.00 0.00 0.00 99.84
12:20:07 AM 1 0.11 0.00 0.08 0.00 0.00 0.00 0.00 0.00 0.00 99.81
12:30:07 AM all 0.10 0.00 0.08 0.00 0.00 0.00 0.00 0.00 0.00 99.82
12:30:07 AM 0 0.10 0.00 0.07 0.00 0.00 0.00 0.00 0.00 0.00 99.83
12:30:07 AM 1 0.11 0.00 0.08 0.00 0.00 0.00 0.00 0.00 0.00 99.81
12:40:00 AM all 0.10 0.00 0.07 0.00 0.00 0.00 0.00 0.00 0.00 99.83
16
[root@oneday2 ~]# top
top - 12:19:08 up 6 days, 20:24, 1 user, load average: 0.00, 0.00, 0.00
Tasks: 142 total, 1 running, 141 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.2 us, 0.0 sy, 0.0 ni, 99.8 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 3656.6 total, 2309.2 free, 718.7 used, 959.4 buff/cache
MiB Swap: 0.0 total, 0.0 free, 0.0 used. 2938.0 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 171116 14336 9856 S 0.0 0.4 0:31.92 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 0:00.00 pool_workqueue_
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-rcu_g
5 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-rcu_p
6 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-slub_
7 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/R-netns
9 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/0:0H-events_highpri
17
[root@oneday2 ~]# lsof -h
lsof 4.94.0
latest revision: https://github.com/lsof-org/lsof
latest FAQ: https://github.com/lsof-org/lsof/blob/master/00FAQ
latest (non-formatted) man page: https://github.com/lsof-org/lsof/blob/master/Lsof.8
usage: [-?abhKlnNoOPRtUvVX] [+|-c c] [+|-d s] [+D D] [+|-E] [+|-e s] [+|-f[gG]]
[-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+m [m]] [+|-M] [-o [o]] [-p s]
[+|-r [t]] [-s [p:s]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]
Defaults in parentheses; comma-separated set (s) items; dash-separated ranges.
-?|-h list help -a AND selections (OR) -b avoid kernel blocks
-c c cmd c ^c /c/[bix] +c w COMMAND width (9) +d s dir s files
-d s select by FD set +D D dir D tree *SLOW?* +|-e s exempt s *RISKY*
-i select IPv[46] files -K [i] list|(i)gn tasKs -l list UID numbers
-n no host names -N select NFS files -o list file offset
-O no overhead *RISKY* -P no port names -R list paRent PID
-s list file size -t terse listing -T disable TCP/TPI info
-U select Unix socket -v list version info -V verbose search
+|-w Warnings (+) -X skip TCP&UDP* files -Z Z context [Z]
-- end option scan
-E display endpoint info +E display endpoint info and files
+f|-f +filesystem or -file names +|-f[gG] flaGs
-F [f] select fields; -F? for help
+|-L [l] list (+) suppress (-) link counts < l (0 = all; default = 0)
+m [m] use|create mount supplement
+|-M portMap registration (-) -o o o 0t offset digits (8)
-p s exclude(^)|select PIDs -S [t] t second stat timeout (15)
-T fqs TCP/TPI Fl,Q,St (s) info
-g [s] exclude(^)|select and print process group IDs
-i i select by IPv[46] address: [46][proto][@host|addr][:svc_list|port_list]
+|-r [t[m<fmt>]] repeat every t seconds (15); + until no files, - forever.
An optional suffix to t is m<fmt>; m must separate t from <fmt> and
<fmt> is an strftime(3) format for the marker line.
-s p:s exclude(^)|select protocol (p = TCP|UDP) states by name(s).
-u s exclude(^)|select login|UID set s
-x [fl] cross over +d|+D File systems or symbolic Links
names select named files or files on named file systems
Anyone can list all files; /dev warnings disabled; kernel ID check disabled.
[root@oneday2 ~]# lsof
COMMAND PID TID TASKCMD USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root cwd DIR 253,2 268 128 /
systemd 1 root rtd DIR 253,2 268 128 /
systemd 1 root txt REG 253,2 98224 9478975 /usr/lib/systemd/systemd
systemd 1 root mem REG 253,2 44784 8568501 /usr/lib64/libffi.so.8.1.0
systemd 1 root mem REG 253,2 153600 8568505 /usr/lib64/libgpg-error.so.0.32.0
systemd 1 root mem REG 253,2 636848 8568432 /usr/lib64/libpcre2-8.so.0.11.0
systemd 1 root mem REG 253,2 102552 8568273 /usr/lib64/libz.so.1.2.11
systemd 1 root mem REG 253,2 914360 8567668 /usr/lib64/libm.so.6
systemd 1 root mem REG 253,2 882384 8568397
18
[root@oneday2 ~]# tcpdump
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
12:24:21.349201 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 3789586233:3789586313, ack 4210520303, win 1413, length 80
12:24:21.349240 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 80:144, ack 1, win 1413, length 64
12:24:21.349311 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 144:272, ack 1, win 1413, length 128
12:24:21.349334 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 272:336, ack 1, win 1413, length 64
12:24:21.349358 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 336:416, ack 1, win 1413, length 80
12:24:21.349379 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 416:496, ack 1, win 1413, length 80
12:24:21.349401 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 496:576, ack 1, win 1413, length 80
12:24:21.349420 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 576:640, ack 1, win 1413, length 64
12:24:21.356629 IP 1.232.59.160.7211 > oneday2.ssh: Flags [.], ack 144, win 65533, length 0
12:24:21.356677 IP 1.232.59.160.7211 > oneday2.ssh: Flags [.], ack 336, win 65532, length 0
12:24:21.356677 IP 1.232.59.160.7211 > oneday2.ssh: Flags [.], ack 576, win 65531, length 0
12:24:21.356678 IP 1.232.59.160.7211 > oneday2.ssh: Flags [.], ack 640, win 65531, length 0
12:24:21.442436 IP oneday2.44216 > 169.254.169.53.domain: 17394+ PTR? 160.59.232.1.in-addr.arpa. (43)
12:24:21.444388 IP 169.254.169.53.domain > oneday2.44216: 17394 NXDomain 0/1/0 (122)
12:24:21.444749 IP oneday2.38266 > 169.254.169.53.domain: 5301+ PTR? 8.2.0.10.in-addr.arpa. (39)
12:24:21.445147 IP 169.254.169.53.domain > oneday2.38266: 5301 NXDomain* 0/1/0 (89)
12:24:21.445378 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 640:1936, ack 1, win 1413, length 1296
12:24:21.510650 IP 1.232.59.160.7211 > oneday2.ssh: Flags [.], ack 1936, win 65535, length 0
12:24:21.546287 IP oneday2.54226 > 169.254.169.53.domain: 2489+ PTR? 53.169.254.169.in-addr.arpa. (45)
12:24:21.546670 IP 169.254.169.53.domain > oneday2.54226: 2489 NXDomain* 0/1/0 (100)
12:24:21.546890 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 1936:2176, ack 1, win 1413, length 240
12:24:21.546902 IP oneday2.ssh > 1.232.59.160.7211: Flags [P.], seq 2176:2624, ack 1, win 1413, length 448
19
"Name Service Cache Daemon"
20
리눅스 서버의 보안 테이블 = iptables
보안 테이블 보기 = iptables -L
[root@oneday2 etc]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
21
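보안 테이블 규칙 삭제하기 = iptables -F (체인을 지정하지 않으면 모든 체인의 규칙을 비움. 체인의 기본 정책(policy)은 바뀌지 않으므로, 기본 정책이 DROP 인 원격 서버에서 실행하면 SSH 접속이 끊길 수 있음)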
[root@oneday2 etc]# iptables -h
iptables v1.8.10 (nf_tables)
Usage: iptables -[ACD] chain rule-specification [options]
iptables -I chain [rulenum] rule-specification [options]
iptables -R chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
iptables -[LS] [chain [rulenum]] [options]
iptables -[FZ] [chain] [options]
iptables -[NX] chain
iptables -E old-chain-name new-chain-name
iptables -P chain target [options]
iptables -h (print this help information)
Commands:
Either long or short options are allowed.
--append -A chain Append to chain
--check -C chain Check for the existence of a rule
--delete -D chain Delete matching rule from chain
--delete -D chain rulenum
Delete rule rulenum (1 = first) from chain
--insert -I chain [rulenum]
Insert in chain as rulenum (default 1=first)
--replace -R chain rulenum
Replace rule rulenum (1 = first) in chain
--list -L [chain [rulenum]]
List the rules in a chain or all chains
--list-rules -S [chain [rulenum]]
Print the rules in a chain or all chains
--flush -F [chain] Delete all rules in chain or all chains
22
로그를 순환(rotate)·삭제하며 관리해 주는 유틸 = logrotate
[root@oneday2 etc]# logrotate
/usr/sbin/logrotate
[root@oneday2 etc]# /usr/sbin/logrotate
logrotate 3.18.0 - Copyright (C) 1995-2001 Red Hat, Inc.
This may be freely redistributed under the terms of the GNU General Public License
Usage: logrotate [-dfv?] [-d|--debug] [-f|--force] [-m|--mail=command] [-s|--state=statefile] [--skip-state-lock] [-v|--verbose] [-l|--log=logfile] [--version] [-?|--help] [--usage] [OPTION...] <configfile>
[root@oneday2 etc]# more /etc/logrotate.conf
# see "man logrotate" for details
# global options do not affect preceding include directives
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
23
로그를 수집하는 데몬 = syslog 514/udp (전통적인 UDP 514 syslog 는 암호화·인증 없이 평문으로 전송됨)
cd /etc
[root@oneday2 etc]# more services |grep syslog
syslog 514/udp
24
[root@oneday2 etc]# ab
ab: wrong number of arguments
Usage: ab [options] [http[s]://]hostname[:port]/path
Options are:
-n requests Number of requests to perform
-c concurrency Number of multiple requests to make at a time
-t timelimit Seconds to max. to spend on benchmarking
This implies -n 50000
-s timeout Seconds to max. wait for each response
Default is 30 seconds
-b windowsize Size of TCP send/receive buffer, in bytes
-B address Address to bind to when making outgoing connections
-p postfile File containing data to POST. Remember also to set -T
-u putfile File containing data to PUT. Remember also to set -T
-T content-type Content-type header to use for POST/PUT data, eg.
'application/x-www-form-urlencoded'
Default is 'text/plain'
-v verbosity How much troubleshooting info to print
-w Print out results in HTML tables
-i Use HEAD instead of GET
-x attributes String to insert as table attributes
-y attributes String to insert as tr attributes
-z attributes String to insert as td or th attributes
-C attribute Add cookie, eg. 'Apache=1234'. (repeatable)
-H attribute Add Arbitrary header line, eg. 'Accept-Encoding: gzip'
Inserted after all normal header lines. (repeatable)
-A attribute Add Basic WWW Authentication, the attributes
are a colon separated username and password.
-P attribute Add Basic Proxy Authentication, the attributes
are a colon separated username and password.
-X proxy:port Proxyserver and port number to use
25
[root@oneday2 etc]# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
1 * * *
2 10.217.21.145 (10.217.21.145) 1.884 ms 10.217.11.81 (10.217.11.81) 1.968 ms 10.217.11.145 (10.217.11.145) 2.022 ms
3 * 10.217.1.90 (10.217.1.90) 1.406 ms 10.217.1.154 (10.217.1.154) 2.812 ms
4 10.22.80.85 (10.22.80.85) 2.266 ms 10.22.80.81 (10.22.80.81) 1.969 ms 10.22.80.85 (10.22.80.85) 2.280 ms
5 128.134.40.181 (128.134.40.181) 1.787 ms * 2.029 ms
6 * * 218.145.42.210 (218.145.42.210) 2.037 ms
7 * * *
8 218.145.42.174 (218.145.42.17
26
[root@oneday2 etc]# yum install -y nmap
[root@oneday2 etc]# nmap
Nmap 7.92 ( https://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sn: Ping Scan - disable port scan
-Pn: Treat all hosts as online -- skip host discovery
-PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO[protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
27
[root@oneday2 etc]# sudo - root
sudo: -: command not found
[root@oneday2 etc]# su - root
[root@oneday2 ~]#
[root@oneday2 ~]#
28
[root@oneday2 ~]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::3306 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
[root@oneday2 ~]#
29
[root@oneday2 ssh]# cd /etc/ssh
[root@oneday2 ssh]# more sshd_config
# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
# To modify the system-wide sshd configuration, create a *.conf file under
# /etc/ssh/sshd_config.d/ which will be automatically included below
Include /etc/ssh/sshd_config.d/*.conf
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
30
[root@oneday2 ssh]# lsof
COMMAND PID TID TASKCMD USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd 1 root cwd DIR 253,2 268 128 /
systemd 1 root rtd DIR 253,2 268 128 /
systemd 1 root txt REG 253,2 98224 9478975 /usr/lib/systemd/systemd
31
last login(최근 로그인 기록)이라고 함. last 명령은 wtmp 에 기록된 로그인/재부팅 이력을 보여줌
[root@oneday2 ssh]# last
root pts/0 1.232.59.160 Sun Jun 29 08:55 still logged in
root pts/1 210.99.111.21 Mon Jun 23 15:59 - 15:59 (00:00)
root pts/0 210.99.111.21 Mon Jun 23 15:16 - 15:59 (00:43)
root pts/0 1.232.59.160 Sun Jun 22 16:07 - 21:10 (05:03)
reboot system boot 5.14.0-503.16.1. Sun Jun 22 15:54 still running
wtmp begins Thu Dec 26 13:58:12 2024
[root@oneday2 ssh]#
32
[root@oneday2 ssh]# nslookup
> www.korea.com
Server: 169.254.169.53
Address: 169.254.169.53#53
다음
https://brunch.co.kr/@topasvga/4693
감사합니다.