Linux

Setting up the Debian Kali Linux distro to perform penetration testing of your systems

March 7, 2018 by Simon

This post will show you how to setup the Kali Linux distro to perform penetration testing of your systems

I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Securing your systems is very important (don’t stop) and keep learning (securing ubuntu in the cloud, securing checklist, run a Lynis system audit etc)

snip from: https://www.kali.org/about-us/

“Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In addition to Kali Linux, Offensive Security also maintains the Exploit Database and the free online course, Metasploit Unleashed.”

Download Kali

I downloaded the torrent version (as the HTTP version kept stopping (even on 50/20 NBN).

After the download finished I checked the SHA sum to verify it’a integrity

cd /Users/username/Downloads/kali-linux-2018.1-amd64
shasum -a 256 ./kali-linux-2018.1-amd64.iso 
ed88466834ceeba65f426235ec191fb3580f71d50364ac5131daec1bf976b317  ./kali-linux-2018.1-amd64.iso

cd /Users/username/Downloads/kali-linux-2018.1-amd64

shasum -a 256 ./kali-linux-2018.1-amd64.iso

ed88466834ceeba65f426235ec191fb3580f71d50364ac5131daec1bf976b317 ./kali-linux-2018.1-amd64.iso

A least it matched the known (or hacked) hash here.

Installing Parallels in a VM on OSX

I use Parallels 11 on OSX to set up a VM os Demina Kali, you can use VirtualBox, VMWare etc.

Hardware: 2x CPU, 2048MB Ram, 32MB Graphics, 64GB Disk.

I selected Graphical Install (English, Australia, American English, host: kali, network: hyrule, New South Wales, Partition: Guided – entire disk, Default, Default, Default, Continue, Yes, Network Mirror: Yes, No Proxy, Installed GRUB bootloader on VM HD.

Post Install

Install Parallel Tools

Official Guide: https://kb.parallels.com/en/123968

I opened the VM then selected the Actions then Install Parallels Tools, this mounted /media/cdrom/, I copied all contents to /temp/

As recommended by the Parallels instal bash script I updated headers.

apt install linux-headers-4.14.0-kali1-amd64

1	apt install linux-headers-4.14.0-kali1-amd64

Then the following from https://kb.parallels.com/en/123968

apt-get clean
apt-get update
apt-get upgrade -y
apt-get dist-upgrade -y
apt-get install dkms kpartx printer-driver-postscript-hp

apt-get clean

apt-get update

apt-get upgrade -y

apt-get dist-upgrade -y

apt-get install dkms kpartx printer-driver-postscript-hp

Parallels will not install, I think I need to upgrade to parallel 12 or 12 as the printer driver detection is not detecting (even though it is installed).

Installing Google Chrome

I used the video below

I have to run chrome with

/usr/bin/gogole-chrome-stable %U --no-sandbox --user-data=dir &

1	/usr/bin/gogole-chrome-stable %U --no-sandbox --user-data=dir &

It works.

Running your first remote vulnerability scan in Kali

I found this video useful in helping me scan and check my systems for exploits

Simple exploit search in Armitage (metasploit)

A quick scan of my server revealed three ports open and (22, 80 and 443). Port 80 redirects to 443 and port 22 is firewalled. I have WordPress and exploits I rued failed to work thanks to patching (always stay ahead of patching and updating of software and the OS.

Without knowing what I was doing I was able to check my WordPress against known exploits.

If you open the Check Exploits menu at the end of the Attacks menu you can do a bulk exploit check.

WP Scan

Kali also comes with a WordPress scanner

wpscan --url https://fearby.com

1	wpscan --url https://fearby.com

This will try and output everything from your web server and WordPress plugins.

/xmlrpc.php was found and I was advised to deny access to that file in NGINX. xmlrpc.php is ok but can be used in denial of service attacks.

location = /xmlrpc.php {
	deny all;
	access_log off;
	log_not_found off;
}

location = /xmlrpc.php {

deny all;

access_log off;

log_not_found off;

}

I had a hit for a vulnerability in a Youtube Embed plugin but I had a patched version.

TIP: Check your WordPress often.

More to come (Draft Post).

OWASP scanner
WPSCAN
Ethical Hacker modules
Cybrary training
Sent tips to @FearbySoftware

Tips

Don’t have unwanted ports open, securely installed software, Use unattended security updates in Ubuntu, update WordPress frequently and limit plugins and also consider running more verbose audit tools like Lynis.

More Reading

Read my OWASP Zap guide on application testing and Cloudflare guide.

I hope this guide helps someone.

Ask a question or recommend an article

Revision History

v1.2 added More Reading links.

v1.1 Added bulk exploit check.

v1.0 Initial post

Useful Linux Terminal Commands

August 13, 2017 by Simon

Below are Ubuntu Linux commands I use often to setup, debug maintain servers.

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

I recently moved my domain from a C-Panel hosted domain (and Email to Google G Suite (my guide here)) to a self-managed Digital Ocean domain (my LetsEncrypt Guide here, my Digital Ocean guide here, my AWS setup guide here, my Vultr setup guide here) and needed to transfer my WordPress site. Setup your own Digital Ocean Ubuntu server form $5 a month (get the first 2 months free by clicking here) or setup your own Vultr Ubuntu server for as low as $2.5/month by clicking here.

How to Reboot (from time to time when prompted with *** system restart required ***” messages appear).

sudo shutdown -r now

1	sudo shutdown -r now

How to set up a bash file (*.sh) as Executable.

chmod +X filename.sh

1	chmod +X filename.sh

The file will now be executable.

Viewing your crontab (Windows Task Scheduler equiv)

crontab -e

1	crontab -e

Ping a port

nmap -p 80 google.com

1	nmap -p 80 google.com

Rename a folder

mv /www/oldname /www/newname

1	mv /www/oldname /www/newname

Set the owner of a folder

sudo chown -R www-data:www-data /wwwfolder/wp-content/uploads/2017/11/

1	sudo chown -R www-data:www-data /wwwfolder/wp-content/uploads/2017/11/

Check the rsync port

nmap -p 873 theserver.com

Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-19 10:34 AEST
Nmap scan report for theserver.com (xxx.xxx.xxx.xxx)
Host is up (0.00012s latency).
Other addresses for theserver.com (not scanned): xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
rDNS record for xxx.xxx.xxx.xxx: theserver.com
PORT    STATE SERVICE
873/tcp open  rsync

nmap -p 873 theserver.com

Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-19 10:34 AEST

Nmap scan report for theserver.com (xxx.xxx.xxx.xxx)

Host is up (0.00012s latency).

Other addresses for theserver.com (not scanned): xxxx:xxxx:xxxx:xxxx:xxxx:xxxx

rDNS record for xxx.xxx.xxx.xxx: theserver.com

PORT STATE SERVICE

873/tcp open rsync

Run a file every 1 minute

*/1 * * * * /scripts/script1.sh

1	/1 * * * /scripts/script1.sh

Show server name

hostname

hostname

How to verify patch status for Meltdown and Spectre

Read my guide here to install the patch here.

Verify Spectre and Meltdown patch status

dmesg | grep isolation && echo "patched :)" || echo "unpatched :("
[ 0.000000] Kernel/User page tables isolation: enabled
patched :)

dmesg | grep isolation && echo "patched :)" || echo "unpatched :("

[ 0.000000] Kernel/User page tables isolation: enabled

patched :)

sudo grep "cpu_insecure\|cpu_meltdown\|kaiser" /proc/cpuinfo && echo "patched :)" || echo "unpatched :("
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm invpcid_single kaiser fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt arat
patched :)

sudo grep "cpu_insecure\|cpu_meltdown\|kaiser" /proc/cpuinfo && echo "patched :)" || echo "unpatched :("

flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm invpcid_single kaiser fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt arat

patched :)

Restart network

sudo /etc/init.d/networking restart

1	sudo /etc/init.d/networking restart

More here.

Show Operating System Name

hostnamectl ! grep "Operating System"
 Operating System: Ubuntu 10.04.3 LTS

1 2	hostnamectl ! grep "Operating System" Operating System: Ubuntu 10.04.3 LTS

Show installed Packages

sudo apt-get install apt-show-versions

1	sudo apt-get install apt-show-versions

Show all packages with “PHP” in the name.

sudo apt-show-versions | grep php | more
 
libapache2-mod-php7.0:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
libapache2-mod-php7.0:i386 not installed
php-common:all/xenial 1:55+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:amd64/xenial 2.5.5-3+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:i386 not installed
php7.0:all/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:i386 not installed
php7.0-common:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-common:i386 not installed
php7.0-curl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-curl:i386 not installed
php7.0-dev:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-dev:i386 not installed
php7.0-fpm:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-fpm:i386 not installed
php7.0-gd:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-gd:i386 not installed
php7.0-imap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-imap:i386 not installed
php7.0-intl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-intl:i386 not installed
php7.0-json:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-json:i386 not installed
php7.0-ldap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-ldap:i386 not installed
php7.0-mbstring:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mbstring:i386 not installed
php7.0-mysql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mysql:i386 not installed
php7.0-opcache:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-opcache:i386 not installed
php7.0-pgsql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pgsql:i386 not installed
php7.0-phpdbg:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-phpdbg:i386 not installed
php7.0-pspell:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pspell:i386 not installed
php7.0-readline:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-readline:i386 not installed
php7.0-recode:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-recode:i386 not installed
php7.0-snmp:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-snmp:i386 not installed
php7.0-tidy:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-tidy:i386 not installed
php7.0-xml:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-xml:i386 not installed
php7.0-zip:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-zip:i386 not installed

sudo apt-show-versions | grep php | more

libapache2-mod-php7.0:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

libapache2-mod-php7.0:i386 not installed

php-common:all/xenial 1:55+ubuntu16.04.1+deb.sury.org+1 uptodate

php-xdebug:amd64/xenial 2.5.5-3+ubuntu16.04.1+deb.sury.org+1 uptodate

php-xdebug:i386 not installed

php7.0:all/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-cli:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-cli:i386 not installed

php7.0-common:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-common:i386 not installed

php7.0-curl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-curl:i386 not installed

php7.0-dev:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-dev:i386 not installed

php7.0-fpm:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-fpm:i386 not installed

php7.0-gd:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-gd:i386 not installed

php7.0-imap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-imap:i386 not installed

php7.0-intl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-intl:i386 not installed

php7.0-json:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-json:i386 not installed

php7.0-ldap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-ldap:i386 not installed

php7.0-mbstring:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-mbstring:i386 not installed

php7.0-mysql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-mysql:i386 not installed

php7.0-opcache:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-opcache:i386 not installed

php7.0-pgsql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-pgsql:i386 not installed

php7.0-phpdbg:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-phpdbg:i386 not installed

php7.0-pspell:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-pspell:i386 not installed

php7.0-readline:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-readline:i386 not installed

php7.0-recode:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-recode:i386 not installed

php7.0-snmp:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-snmp:i386 not installed

php7.0-tidy:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-tidy:i386 not installed

php7.0-xml:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-xml:i386 not installed

php7.0-zip:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate

php7.0-zip:i386 not installed

Send Messages Other Logged In Users (CLI)

Show all user logged in

w
 20:11:51 up 1 day, 10:25,  2 users,  load average: 0.00, 0.04, 0.01
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     tty1                      20:03   31.00s  0.24s  0.20s -bash
user1    pts/0    123.123.123.123  20:09    0.00s  0.08s  0.01s w

20:11:51 up 1 day, 10:25, 2 users, load average: 0.00, 0.04, 0.01

USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT

root tty1 20:03 31.00s 0.24s 0.20s -bash

user1 pts/0 123.123.123.123 20:09 0.00s 0.08s 0.01s w

Sent a message to usr1

echo "Hello User1" > /dev/pts/0

1	echo "Hello User1" > /dev/pts/0

Sent a message to the root console

echo "Hello Admin" > /dev/tty1

1	echo "Hello Admin" > /dev/tty1

Messages will appear at the bottom of the user’s console.

Processor

List processes in a tree view (… = removed)

ps -e --forest
  PID TTY          TIME CMD
    2 ?        00:00:00 kthreadd
    3 ?        00:00:00  \_ ksoftirqd/0
    5 ?        00:00:00  \_ kworker/0:0H
    7 ?        00:01:56  \_ rcu_sched
    8 ?        00:00:00  \_ rcu_bh
    9 ?        00:00:00  \_ migration/0
   35 ?        00:00:00  \_ vmstat
   37 ?        00:00:00  \_ ecryptfs-kthrea
   54 ?        00:00:00  \_ acpi_thermal_pm
   55 ?        00:00:00  \_ vballoon
   65 ?        00:00:00  \_ scsi_eh_0
   66 ?        00:00:00  \_ scsi_tmf_0
   67 ?        00:00:00  \_ scsi_eh_1
   68 ?        00:00:00  \_ scsi_tmf_1
   74 ?        00:00:00  \_ ipv6_addrconf
   36 ?        00:00:00  \_ kpsmoused
  456 ?        00:00:00  \_ iscsi_eh
...
    1 ?        00:00:02 init
...
  452 ?        00:00:00 upstart-file-br
  453 ?        00:00:00 dbus-daemon
...
 1489 ?        00:00:00 cron
 1514 ?        00:00:06 irqbalance
 1518 ?        00:00:00 sshd
11855 ?        00:00:00  \_ sshd
11914 pts/4    00:00:00      \_ bash
12008 pts/4    00:00:00          \_ ps
 1523 ?        00:00:09 php-fpm7.0
 1785 ?        00:00:03  \_ php-fpm7.0
 1786 ?        00:00:02  \_ php-fpm7.0
...
 1692 ?        00:01:52 mysqld
 ...
 1891 ?        00:00:53 fail2ban-server
...
 1956 ?        00:00:00 nginx
 1957 ?        00:00:02  \_ nginx
 1958 ?        00:00:03  \_ nginx
 1959 ?        00:00:01  \_ nginx
 1978 ?        00:00:24 ntpd
 2000 ?        00:00:00 systemd-logind
 2011 ?        00:03:24 redis-server
 ...

ps -e --forest

PID TTY TIME CMD

2 ? 00:00:00 kthreadd

3 ? 00:00:00 \_ ksoftirqd/0

5 ? 00:00:00 \_ kworker/0:0H

7 ? 00:01:56 \_ rcu_sched

8 ? 00:00:00 \_ rcu_bh

9 ? 00:00:00 \_ migration/0

35 ? 00:00:00 \_ vmstat

37 ? 00:00:00 \_ ecryptfs-kthrea

54 ? 00:00:00 \_ acpi_thermal_pm

55 ? 00:00:00 \_ vballoon

65 ? 00:00:00 \_ scsi_eh_0

66 ? 00:00:00 \_ scsi_tmf_0

67 ? 00:00:00 \_ scsi_eh_1

68 ? 00:00:00 \_ scsi_tmf_1

74 ? 00:00:00 \_ ipv6_addrconf

36 ? 00:00:00 \_ kpsmoused

456 ? 00:00:00 \_ iscsi_eh

...

1 ? 00:00:02 init

...

452 ? 00:00:00 upstart-file-br

453 ? 00:00:00 dbus-daemon

...

1489 ? 00:00:00 cron

1514 ? 00:00:06 irqbalance

1518 ? 00:00:00 sshd

11855 ? 00:00:00 \_ sshd

11914 pts/4 00:00:00 \_ bash

12008 pts/4 00:00:00 \_ ps

1523 ? 00:00:09 php-fpm7.0

1785 ? 00:00:03 \_ php-fpm7.0

1786 ? 00:00:02 \_ php-fpm7.0

...

1692 ? 00:01:52 mysqld

...

1891 ? 00:00:53 fail2ban-server

...

1956 ? 00:00:00 nginx

1957 ? 00:00:02 \_ nginx

1958 ? 00:00:03 \_ nginx

1959 ? 00:00:01 \_ nginx

1978 ? 00:00:24 ntpd

2000 ? 00:00:00 systemd-logind

2011 ? 00:03:24 redis-server

...

View major processes by usage/memory

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head                                    Sat Sep 16 18:51:17 2017

  PID  PPID CMD                         %MEM %CPU
 1692     1 /usr/sbin/mysqld             5.0  0.0
 1523     1 php-fpm: master process (/e  1.0  0.0
 1662     1 /usr/bin/lxd --group lxd --  0.4  0.0
 1785  1523 php-fpm: pool www            0.4  0.0
 1786  1523 php-fpm: pool www            0.3  0.0
 1891     1 /usr/bin/python3 /usr/bin/f  0.3  0.0
 1957  1956 nginx: worker process        0.2  0.0
 1958  1956 nginx: worker process        0.2  0.0
11855  1518 sshd: root@pts/4             0.1  0.0

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head Sat Sep 16 18:51:17 2017

PID PPID CMD %MEM %CPU

1692 1 /usr/sbin/mysqld 5.0 0.0

1523 1 php-fpm: master process (/e 1.0 0.0

1662 1 /usr/bin/lxd --group lxd -- 0.4 0.0

1785 1523 php-fpm: pool www 0.4 0.0

1786 1523 php-fpm: pool www 0.3 0.0

1891 1 /usr/bin/python3 /usr/bin/f 0.3 0.0

1957 1956 nginx: worker process 0.2 0.0

1958 1956 nginx: worker process 0.2 0.0

11855 1518 sshd: root@pts/4 0.1 0.0

Read more on ps here.

How big is a folder

du -hs ./foldername
412MB    ./foldername

1 2	du -hs ./foldername 412MB ./foldername

Change FIle Create/Modify time’s

Change File Creation Date

SetFile -d '11/25/2019 23:00:00' ./file.doc

1	SetFile -d '11/25/2019 23:00:00' ./file.doc

Change file modify/accessed time

touch -mt 201911282300 ./filename.doc

1	touch -mt 201911282300 ./filename.doc

Tree

Tree needs to be installed first

sudo apt-get install tree

1	sudo apt-get install tree

Show an ASCII representation of a folder structure

tree

tree

Show files in a structure

tree -a -h -v
.
├── [4.0K]  folder
├── [3.0K]  logfile.log
└── [1.7M]  zipfile.tgz

tree -a -h -v

├── [4.0K] folder

├── [3.0K] logfile.log

└── [1.7M] zipfile.tgz

Show directories

tree -d
.
└── [4.0K]  subfolder

tree -d

└── [4.0K] subfolder

List all files and folders in a structure

tree -a -f -p -h  -l -R

1	tree -a -f -p -h -l -R

Backup a www folder

cp -rTv /www/ /backup/www

1	cp -rTv /www/ /backup/www

Common (Digital Ocean) Debugging commands

cat /etc/network/interfaces.d/50-cloud-init.cfg
cat /etc/network/interfaces
ip addr
ip route
uname -a
iptables -nvL --line-numbers
ls -l /lib/modules
cat /etc/udev/rules.d/70-persistent-net.rules

cat /etc/network/interfaces.d/50-cloud-init.cfg

cat /etc/network/interfaces

ip addr

ip route

uname -a

iptables -nvL --line-numbers

ls -l /lib/modules

cat /etc/udev/rules.d/70-persistent-net.rules

Networking

Display all TCP connections

netstat -at

1	netstat -at

Display all UDP connections

netstat -au

1	netstat -au

List all Listening Connections

netstat -l

1	netstat -l

Show all Network stats

netstat -s

1	netstat -s

Show all UDP Network stats

netstat -st

1	netstat -st

Show all TCP Network stats

netstat -su

1	netstat -su

Show network packets

netstat -i

1	netstat -i

Displaying raw info

netstat --statistics --raw

1	netstat --statistics --raw

Show open ports

netstat -a | grep "LISTEN "

1	netstat -a \| grep "LISTEN "

Upload a file to a remote server over ssh

scp /local/folder/local-file.zip account@www.server.com:/remote/server/destination-folder/

1	scp /local/folder/local-file.zip account@www.server.com:/remote/server/destination-folder/

Zip files

Install zip

sudo apt-get install zip

1	sudo apt-get install zip

Zip a whole directory (with high compression)

zip -r -9 /folder/zipfile.zip /directory-to-zip

1	zip -r -9 /folder/zipfile.zip /directory-to-zip

Zip a whole directory (excluding *.tmp, *temp, *.bak and *.zip file types)

zip -r -9 /folder/zipfile.zip /directory-to-zip -x "*.tmp" -x "*.temp" -x"./backup/*.bak"-x "./backup/*.zip" -x "*promo*.mp4""

1	zip -r -9 /folder/zipfile.zip /directory-to-zip -x ".tmp" -x ".temp" -x"./backup/.bak"-x "./backup/.zip" -x "promo.mp4""

Zip Help

zip
Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
Zip 3.0 (July 5th 2008). Usage:
zip [-options] [-b path] [-t mmddyyyy] [-n suffixes] [zipfile list] [-xi list]
  The default action is to add or replace zipfile entries from list, which
  can include the special name - to compress standard input.
  If zipfile and list are omitted, zip compresses stdin to stdout.
  -f   freshen: only changed files  -u   update: only changed or new files
  -d   delete entries in zipfile    -m   move into zipfile (delete OS files)
  -r   recurse into directories     -j   junk (don't record) directory names
  -0   store only                   -l   convert LF to CR LF (-ll CR LF to LF)
  -1   compress faster              -9   compress better
  -q   quiet operation              -v   verbose operation/print version info
  -c   add one-line comments        -z   add zipfile comment
  -@   read names from stdin        -o   make zipfile as old as latest entry
  -x   exclude the following names  -i   include only the following names
  -F   fix zipfile (-FF try harder) -D   do not add directory entries
  -A   adjust self-extracting exe   -J   junk zipfile prefix (unzipsfx)
  -T   test zipfile integrity       -X   eXclude eXtra file attributes
  -y   store symbolic links as the link instead of the referenced file
  -e   encrypt                      -n   don't compress these suffixes
  -h2  show more help

zip

Zip 3.0 (July 5th 2008). Usage:

zip [-options] [-b path] [-t mmddyyyy] [-n suffixes] [zipfile list] [-xi list]

The default action is to add or replace zipfile entries from list, which

can include the special name - to compress standard input.

If zipfile and list are omitted, zip compresses stdin to stdout.

-f freshen: only changed files -u update: only changed or new files

-d delete entries in zipfile -m move into zipfile (delete OS files)

-r recurse into directories -j junk (don't record) directory names

-0 store only -l convert LF to CR LF (-ll CR LF to LF)

-1 compress faster -9 compress better

-q quiet operation -v verbose operation/print version info

-c add one-line comments -z add zipfile comment

-@ read names from stdin -o make zipfile as old as latest entry

-x exclude the following names -i include only the following names

-F fix zipfile (-FF try harder) -D do not add directory entries

-A adjust self-extracting exe -J junk zipfile prefix (unzipsfx)

-T test zipfile integrity -X eXclude eXtra file attributes

-y store symbolic links as the link instead of the referenced file

-e encrypt -n don't compress these suffixes

-h2 show more help

Backup NGINX

zip -r -9 /backup/nginx.zip /etc/nginx/ -x "*.tmp" -x "*.temp" -x"./backup/*.bak" -x "./backup/*.zip"

1	zip -r -9 /backup/nginx.zip /etc/nginx/ -x ".tmp" -x ".temp" -x"./backup/.bak" -x "./backup/.zip"

Unzip

Installing Unzip

sudo apt-get install unzip

1	sudo apt-get install unzip

Unzip a file

unzip filename.zip

1	unzip filename.zip

Updates

Setup Unattended Ubuntu Security updates

sudo apt-get install unattended-upgrades
sudo unattended-upgrades -d

1 2	sudo apt-get install unattended-upgrades sudo unattended-upgrades -d

At login, you should receive

0 updates are security updates.

1	0 updates are security updates.

Show Configured NGINX server names

grep "server_name" /etc/nginx/sites-available/default
server_name www.servername.com myservername.com localhost;

1 2	grep "server_name" /etc/nginx/sites-available/default server_name www.servername.com myservername.com localhost;

Services

Reload daemon services

systemctl daemon-reload

1	systemctl daemon-reload

Verify the MongoDB service file exists

ls /etc/systemd/system | grep servivename

1	ls /etc/systemd/system \| grep servivename

View the status of services

systemctl list-unit-files --type=service
UNIT FILE                                  STATE
accounts-daemon.service                    enabled
acpid.service                              disabled
apport-forward@.service                    static
apt-daily-upgrade.service                  static
apt-daily.service                          static
...

systemctl list-unit-files --type=service

UNIT FILE STATE

accounts-daemon.service enabled

acpid.service disabled

apport-forward@.service static

apt-daily-upgrade.service static

apt-daily.service static

...

Local Dump

locale -a
C
C.UTF-8
en_AG
en_AG.utf8
en_AU.utf8
en_BW.utf8
en_CA.utf8
en_DK.utf8
en_GB.utf8
en_HK.utf8
en_IE.utf8
en_IN
en_IN.utf8
en_NG
en_NG.utf8
en_NZ.utf8
en_PH.utf8
en_SG.utf8
en_US
en_US.iso88591
en_US.utf8
en_ZA.utf8
en_ZM
en_ZM.utf8
en_ZW.utf8
POSIX

locale -a

C.UTF-8

en_AG

en_AG.utf8

en_AU.utf8

en_BW.utf8

en_CA.utf8

en_DK.utf8

en_GB.utf8

en_HK.utf8

en_IE.utf8

en_IN

en_IN.utf8

en_NG

en_NG.utf8

en_NZ.utf8

en_PH.utf8

en_SG.utf8

en_US

en_US.iso88591

en_US.utf8

en_ZA.utf8

en_ZM

en_ZM.utf8

en_ZW.utf8

POSIX

Show All Defined Ports

cat /etc/services

1	cat /etc/services

Show defined rsync ports

cat /etc/services | grep rsync

1	cat /etc/services \| grep rsync

Show listening ports (active connections)

netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1707/mysqld
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      2023/redis-server 1
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1968/nginx
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      2097/pure-ftpd (SER
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1525/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1968/nginx
tcp6       0      0 fe80::1:13128           :::*                    LISTEN      1708/lxd-bridge-pro
tcp6       0      0 :::80                   :::*                    LISTEN      1968/nginx
tcp6       0      0 :::21                   :::*                    LISTEN      2097/pure-ftpd (SER
tcp6       0      0 :::22                   :::*                    LISTEN      1525/sshd
udp        0      0 10.99.0.10:123          0.0.0.0:*                           1990/ntpd
udp        0      0 45.77.48.141:123        0.0.0.0:*                           1990/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1990/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           1990/ntpd
udp6       0      0 fe80::1:123             :::*                                1990/ntpd
udp6       0      0 ::1:123                 :::*                                1990/ntpd
udp6       0      0 :::123                  :::*                                1990/ntpd

netstat -plntu

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1707/mysqld

tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 2023/redis-server 1

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1968/nginx

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2097/pure-ftpd (SER

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1525/sshd

tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1968/nginx

tcp6 0 0 fe80::1:13128 :::* LISTEN 1708/lxd-bridge-pro

tcp6 0 0 :::80 :::* LISTEN 1968/nginx

tcp6 0 0 :::21 :::* LISTEN 2097/pure-ftpd (SER

tcp6 0 0 :::22 :::* LISTEN 1525/sshd

udp 0 0 10.99.0.10:123 0.0.0.0:* 1990/ntpd

udp 0 0 45.77.48.141:123 0.0.0.0:* 1990/ntpd

udp 0 0 127.0.0.1:123 0.0.0.0:* 1990/ntpd

udp 0 0 0.0.0.0:123 0.0.0.0:* 1990/ntpd

udp6 0 0 fe80::1:123 :::* 1990/ntpd

udp6 0 0 ::1:123 :::* 1990/ntpd

udp6 0 0 :::123 :::* 1990/ntpd

Show service status

service --status-all

1	service --status-all

View your bash history for a past command (e.g “openssl”).

grep "openssl" ~/.bash_history
openssl req -new -newkey rsa:4096 -nodes -keyout fearby.key -out fearby.csr

1 2	grep "openssl" ~/.bash_history openssl req -new -newkey rsa:4096 -nodes -keyout fearby.key -out fearby.csr

View last 1 line of a file.

tail -n 1 index.html
</body></html>

1 2	tail -n 1 index.html </body></html>

Ping a server

ping -c 2 fearby.com

1	ping -c 2 fearby.com

How to check system uptime (and load average)

uptime
> 12:18:48 up 1 min,  1 user,  load average: 0.30, 0.18, 0.17

1 2	uptime > 12:18:48 up 1 min, 1 user, load average: 0.30, 0.18, 0.17

Uptime in friendly format

uptime -p
up 23 hours, 42 minutes

1 2	uptime -p up 23 hours, 42 minutes

The load averages at the end are the last 1, 5 min and 15 minutes.

The w command is handy for showing uptime information as-well as logged in users (The ‘w -i’ parameter -i is handy for seeing what IP people are logged in from).

w -i
> 12:22:41 up 5 min,  1 user,  load average: 0.00, 0.07, 0.05
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    123.123.123.123    12:18    1.00s  0.07s  0.00s w

w -i

> 12:22:41 up 5 min, 1 user, load average: 0.00, 0.07, 0.05

USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT

root pts/0 123.123.123.123 12:18 1.00s 0.07s 0.00s w

How to download a file

curl -o localfile.zip http://www.serverwhereiuploadedthefile.com/remotefile.zip

1	curl -o localfile.zip http://www.serverwhereiuploadedthefile.com/remotefile.zip

How to edit NGINX configuration

sudo nano /etc/nginx/nginx.conf

1	sudo nano /etc/nginx/nginx.conf

and

sudo nano /etc/nginx/sites-available/default

1	sudo nano /etc/nginx/sites-available/default

How to find a file

find / -name filename.ext

1	find / -name filename.ext

also

locate php.ini

1	locate php.ini

Find contents in files (recursive)

grep -r "ahref" *

1	grep -r "ahref" *

Find files by name and run a command on each

find -iname "index.html" -exec md5sum {} \;

1	find -iname "index.html" -exec md5sum {} \;

Show differences in files

diff index.html index2.html
< <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>
---
> <body>Loading <a href="https://www.fearby.com/blog/">https://www.fearby.com/blog/</a></body></html>

diff index.html index2.html

< <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>

---

> <body>Loading <a href="https://www.fearby.com/blog/">https://www.fearby.com/blog/</a></body></html>

Show contents of file (e.g urls.txt)

cat urls.txt
http://www.server1.com
http://www.server2.com
http://www.server3.com
http://www.server4.com
http://www.server5.com

cat urls.txt

http://www.server1.com

http://www.server2.com

http://www.server3.com

http://www.server4.com

http://www.server5.com

Download all files mentioned in a text file.

cat urls.txt | xargs wget –c
.. download 4 files ...
cat urls.txt | xargs wget –c

cat urls.txt | xargs wget –c

.. download 4 files ...

cat urls.txt | xargs wget –c

View all packages with updates

sudo /usr/lib/update-notifier/apt-check -p

1	sudo /usr/lib/update-notifier/apt-check -p

Output:

cryptsetup-bin
libdns-export162
libisccfg140
mongodb-org-mongos
linux-libc-dev
libgdk-pixbuf2.0-0
tcpdump
bind9-host
dnsutils
nodejs
libpython3.5
python3.5
python3.5-minimal
libisc160
grub-legacy-ec2
libapparmor1
libplymouth4
mongodb-org-shell
ntp
libtidy5
libapparmor-perl
libisc-export160
liblwres141
libcryptsetup4
libgdk-pixbuf2.0-common
libdns162
apache2-bin
apparmor
libisccc140
mongodb-org
libpython3.5-stdlib
libbind9-140
libpython3.5-minimal
cryptsetup
mongodb-org-server

cryptsetup-bin

libdns-export162

libisccfg140

mongodb-org-mongos

linux-libc-dev

libgdk-pixbuf2.0-0

tcpdump

bind9-host

dnsutils

nodejs

libpython3.5

python3.5

python3.5-minimal

libisc160

grub-legacy-ec2

libapparmor1

libplymouth4

mongodb-org-shell

ntp

libtidy5

libapparmor-perl

libisc-export160

liblwres141

libcryptsetup4

libgdk-pixbuf2.0-common

libdns162

apache2-bin

apparmor

libisccc140

mongodb-org

libpython3.5-stdlib

libbind9-140

libpython3.5-minimal

cryptsetup

mongodb-org-server

or (on ubuntu 16.04)

apt list --upgradable

1	apt list --upgradable

Updates

Always backup your server’s configuration before updating.

Backup MySQL

mysqldump --all-databases > /backup/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -p

1	mysqldump --all-databases > /backup/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -p

Crontab

Add this to crontab -e to backup at 1 am every day

0 1 * * * /usr/bin/mysqldump --all-databases > /backup/mysql/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -pmysqlpassword

1	0 1 * * * /usr/bin/mysqldump --all-databases > /backup/mysql/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -pmysqlpassword

/scripts/shrinkmysql.sh script to shrink SQL files

sudo nano /scripts/shrinkmysql.sh
#!/bin/bash

tar -zcf /backup/mysql-$( date '+%Y-%m-%d_%H-%M-%S' ).tgz /backup/mysql/
rm /backup/mysql/*.sql

sudo nano /scripts/shrinkmysql.sh

#!/bin/bash

tar -zcf /backup/mysql-$( date '+%Y-%m-%d_%H-%M-%S' ).tgz /backup/mysql/

rm /backup/mysql/*.sql

I had to add this to crontab

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin/:/sbin:/usr/sbin:/scripts/:

1 2	SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin/:/sbin:/usr/sbin:/scripts/:

Cron job to shrink SQL dumps at 2am every day

0 2 * * * /bin/bash /scripts/shrinkmysql.sh > /dev/null 2>&1

1	0 2 * * * /bin/bash /scripts/shrinkmysql.sh > /dev/null 2>&1

Write to a single log file from the crontab at 2 am every day.

todo

Query a package (e.g. siege package)

sudo dpkg-query -l | grep siege *

1	sudo dpkg-query -l \| grep siege *

How to set up a free SSL certificate (see my guide here).

How to set your timezone.

dpkg-reconfigure tzdata

1	dpkg-reconfigure tzdata

How to restart PHP

sudo systemctl restart php7.0-fpm

1	sudo systemctl restart php7.0-fpm

How to show the time on the server

sudo hwclock --show

1	sudo hwclock --show

Reload and restart the NGINX configuration and web server.

sudo nginx -t
sudo nginx -s reload
sudo /etc/init.d/nginx restart

sudo nginx -t

sudo nginx -s reload

sudo /etc/init.d/nginx restart

JSON viewing program

Installing

sudo apt-get install jq

1	sudo apt-get install jq

Using

wget wget https://downloads.wordpress.org/plugin/genesis-enews-extended.2.0.2.zip

1	wget wget https://downloads.wordpress.org/plugin/genesis-enews-extended.2.0.2.zip

curl 'https://api.github.com/repos/stedolan/jq/commits?per_page=5' | jq .

1	curl 'https://api.github.com/repos/stedolan/jq/commits?per_page=5' \| jq .

Below are utilities I use a lot.

ncdu file size utility

Installing

sudo apt-get install ncdu

1	sudo apt-get install ncdu

Using

sudo ncdu /

1	sudo ncdu /

pydf disk checking utility

Installing

sudo apt-get install pydf

1	sudo apt-get install pydf

Using

pydf

pydf

ntp timezone service

Installing

sudo apt-get install ntp

1	sudo apt-get install ntp

Using

ntp

ntp

Displaying startup processes

Installing

sudo apt-get install rcconf

1	sudo apt-get install rcconf

Using

sudo rcconf

1	sudo rcconf

htop process manager.

Installing

sudo apt-get install htop

1	sudo apt-get install htop

Using

htop

htop

Network Benchmarking (between two servers)

I use iperf to measure total bandwidth between two servers. You will need to allow port 5001 (TCP IPV4 and TCP IPV6 in and out) in any local firewalls and hosts GUIs.

Allow port 5001 on an ufw firewall (IN and OUT)

sudo ufw allow 5001

#I Set port 5001 firewall on my hosts (Digital  Ocean and Vultr GUI)

sudo ufw allow 5001

#I Set port 5001 firewall on my hosts (Digital Ocean and Vultr GUI)

Deny IP

sudo ufw deny from 123.123.123.123

1	sudo ufw deny from 123.123.123.123

Allow port 22 access to known IP

sudo ufw allow from 123.123.123.123/24  to any port 22

1	sudo ufw allow from 123.123.123.123/24 to any port 22

Deny Outgoing Port

sudo ufw deny out 22

1	sudo ufw deny out 22

Allow out on port to known IP

sudo ufw allow out from 123.123.123.123 to any port 22

1	sudo ufw allow out from 123.123.123.123 to any port 22

More securing Ubuntu in the cloud here.

Install iperf on the target and source Ubuntu server.

sudo apt-get install iperf

1	sudo apt-get install iperf

Run this on the listening server.

iperf -s

iperf -s

Run this on benchmarking server (and add the IP of the listening server).

iperf -c 123.123.123.123

1	iperf -c 123.123.123.123

Results

Screen dump of ipref -c ip — iperf benchmarking output

Testing concurrent connections to a web server with siege.

Install siege

sudo apt-get install siege

1	sudo apt-get install siege

Benchmarking a HTTP server

./siege -t1m c10 'https://fearby.com'

#10 Concurent users

./siege -t1m c10 'https://fearby.com'

#10 Concurent users

Benchmarking HTTPS sites

Install siege 4.0.2 ( steps here ).

Verify siege 4.0.2 is installed by running

siege -v

siege -v

Now can benchmark https sites

./siege -t1m c10 'https:/thedomain.com'

1	./siege -t1m c10 'https:/thedomain.com'

View incoming connections on the target server

sudo netstat -tupn

1	sudo netstat -tupn

I always increase my history size and tell it not to store duplicates.

Viewing your typed terminal history

history

history

Increasing your history size

HISTSIZE=10000
HISTCONTROL=ignoredups

1 2	HISTSIZE=10000 HISTCONTROL=ignoredups

How to Update Ubuntu

sudo apt-get update
sudo apt-get dist-upgrade

1 2	sudo apt-get update sudo apt-get dist-upgrade

sudo apt-get update && sudo apt-get upgrade

1	sudo apt-get update && sudo apt-get upgrade

Edit SSH authorized keys

sudo nano ~/.ssh/authorized_keys

1	sudo nano ~/.ssh/authorized_keys

Search file and show lines where text matches

grep -i "href" index.html
> <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>

1 2	grep -i "href" index.html > <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>

View packages with updates

/usr/lib/update-notifier/apt-check --human-readable
35 packages can be updated.
15 updates are security updates.

/usr/lib/update-notifier/apt-check --human-readable

35 packages can be updated.

15 updates are security updates.

View Boot Text

dmesg

dmesg

Automatic Monitoring (ever 1 second)

Active network connections

watch -n 1 'netstat -at'

1	watch -n 1 'netstat -at'

Network Packets

watch -n 1 'netstat -i'

1	watch -n 1 'netstat -i'

Free memory

watch -n 1 'free -m'

1	watch -n 1 'free -m'

Memory breakdown

watch -n 1 'cat /proc/meminfo'

1	watch -n 1 'cat /proc/meminfo'

watch -n 1 'vmstat -s'

1	watch -n 1 'vmstat -s'

Monitor NGINX memory

watch -n 1 'ps axu |grep nginx'

1	watch -n 1 'ps axu \|grep nginx'

more soon…

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

50 most useful Linux commands (view here).

View other Linux command informing sites here, here and here.

Donate and make this blog better

Ask a question or recommend an article

v1.8 Show users and senda messages to other users

v.71 Show Operating System Name

v1.7 added Meltdown and Spectre patch information

v1.6 Removed -x fom zip directory

V1.5 Restart Network

v1.4 added Useful OSX Commands

Setting up a Raspberry Pi Zero W

June 28, 2017 by Simon

fyi: Here is my guide that I created while I set up a Raspberry Pi Zero W. My previous Raspberry PI 2 Setup Guide here and I wanted to try the single core Raspberry Pi Zero W. Eventually, want to run my Raspberry Pi from batteries (my older guide here).

I plugged in a 2Amp 5v micro USB powder pack, micro HDMI cable, micro USB keyboard and expected to see a light but nothing. This guide says the Raspberry Pi has no power LED. Unfortunately, I thought the power pack was faulty and I plugged it in a few times and corrupted the installed SD-card.

Failed Setup

After reading this guide I remembered I forgot to switch the monitor to the HDMI input (oops).

Yep, I realized I corrupted the OS on the SD Card.

Old Noobs Operating System

I checked the SD-Card (that I purchased from eBay) I noticed the SD-Card had an older NOOBS 2.0.0 installation in an in an invalid subfolder (that’s why it would not boot).

I plugged the Micro SD card into an SD-Card adapter and plugged it into my Mac (time to install a newer OS).

Downloading the latest Raspian Operating System

I visited https://www.raspberrypi.org/downloads/raspbian/ and download raspbian

I downloaded a 1.66GB Zip File.

The file took 30 mins to download.

I expanded the zip file to a 4.66 img file.

Formatting the SD-Card

I formatted my SD Card with the SD Card Associations SD formatting tool from https://www.sdcard.org/downloads/formatter_4/ here.

Setting up the SD-Card

The Raspberry Pi Foundation has a great guide on how to install the Raspberry Pi Raspian image onto an SD-Card here.

I downloaded the free 64MB Etcher program for Mac OS here https://etcher.io/ in order to copy (flash) Raspian onto the SD-Card.

I opened Etcher and selected the Raspian Jesse image file and clicked flash.

The flash will take between 5-10 minutes.

SD Card Contents

The Raspian image is now ready for reinsertion back into the Raspberry Pi to setup

1st Raspberry Pi (Raspian) boot.

The raspberry pi does, in fact, have a power/activity led with the latest operating system 🙂

The desktop loaded quite swiftly too. My Bay special keyboard detected just fine. You can manually connect to your wifi by entering the following command in the terminal (thanks to this guide).

sudo nano /etc/network/interfaces

1	sudo nano /etc/network/interfaces

Generic Config

sudo rasps-config

# > I changed the password.
# > I chnaged the hostname.
# > Configured the pi to book to console (logged in) and not the desktop
# > Configured the pi to wait for the network on boot
# > Configured the splash screen not to show at boot
# > Configured the local to be "en_AU.UTF-8 UTF-8" ("en_AU.UTF-8")
# > Configured timezone to be Australia/Sydney
# > Configured the keyboard to be a "Generic 104 Key PC" (Englist (US)
# > Configured Wifi Country to be AU
# > Configured the (Interface) Camera = ON
# > Configured the (Interface) SSH = ON
# > Configured the (Interface) SPI = ON
# > Configured the (Interface) I2C = ON
# > Configured the (Interface) Serial = ON
# > Configured the (Interface) 1-Wire = ON
# > Configured the (Interface) Remote GPIO = OFF
# > Configured the (Interface) SPI = ON
# > Configured the (Advanced) GPU Memory = 16
# Finish and Reboot

sudo rasps-config

# > I changed the password.

# > I chnaged the hostname.

# > Configured the pi to book to console (logged in) and not the desktop

# > Configured the pi to wait for the network on boot

# > Configured the splash screen not to show at boot

# > Configured the local to be "en_AU.UTF-8 UTF-8" ("en_AU.UTF-8")

# > Configured timezone to be Australia/Sydney

# > Configured the keyboard to be a "Generic 104 Key PC" (Englist (US)

# > Configured Wifi Country to be AU

# > Configured the (Interface) Camera = ON

# > Configured the (Interface) SSH = ON

# > Configured the (Interface) SPI = ON

# > Configured the (Interface) I2C = ON

# > Configured the (Interface) Serial = ON

# > Configured the (Interface) 1-Wire = ON

# > Configured the (Interface) Remote GPIO = OFF

# > Configured the (Interface) SPI = ON

# > Configured the (Advanced) GPU Memory = 16

# Finish and Reboot

I am not using the desktop much so I am happy setting 16MB for the video card.

Get the Mac Address and set a static IP Address (to allow remote SSH management)

After a reboot, I was logged into a shell and was able to bring up the devices network details (including mac address).

ifconfig

ifconfig

Test the network connection

I was successful;y able to ping a remote server via wifi.

ping www.fearby.com

1	ping www.fearby.com

Static IP Address

Todo: I set up my local ADSL router to give the Raspberry Pi a Static (known) IP every time it boots.

Update the Pi Software (after the network is up)

Now that I knew the network is working I was able to update the Pi software.

sudo apt-get update
sudo apt-get upgrade
sudo rpi-update
sudo reboot

sudo apt-get update

sudo apt-get upgrade

sudo rpi-update

sudo reboot

I re-ran the update just in case. Now my Pi is all up to date.

Installed Misc Software

sudo apt-get install image-magick
sudo apt-get install nginx
sudo /etc/init.d/nginx start
sudo apt-get install php5-fpm

sudo apt-get install image-magick

sudo apt-get install nginx

sudo /etc/init.d/nginx start

sudo apt-get install php5-fpm

More on setting up a NGINX web server here.

Set the Pi Mouse (regular sized USB devices)

I had small micro USB to larger USB adapters (from eBay) but could only use a keyboard or mouse at any one time. I Also had a micro USB to multiple micro USB and Ethernet adapter (from eBay) (SN: YS-LAN38) but it failed to work with NOOBS 2.0.0 (maybe it will work with Raspian latest)

I wanted to test regular devices in the case of an emergency.

And the mouse works (*and the X* desktop worked with 16MB assigned)

Help

40 Useful Raspberry Pi Commands.

Todo

Add information on adding and using a 5MP Raspberry Pi camera and setting this up as a https://fearby.com/article/raspberry-pi-2b-security-webcam/secuerity webcam.

Donate and make this blog better

Ask a question or recommend an article

v1.2 DRAFT: Added more images

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

"If you're not still learning, you're already dying."
- Ryan Holiday - Ego is the Enemy

Follow me on Twitter: @FearbySoftware

View All Posts.

Linux

Setting up the Debian Kali Linux distro to perform penetration testing of your systems

Useful Linux Terminal Commands

Setting up a Raspberry Pi Zero W

Popular

Security

Code

Tech

Wordpress

General

Advertisement:

Linux

Footer

Popular

Security

Code

Tech

Wordpress

General

Advertisement: