System/Kernel


SHayslett@red:~$ uname -a ; cat /etc/*release
Linux red.initech 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:34:49 UTC 2016 i686 athlon i686 GNU/Linux
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04 LTS"
NAME="Ubuntu"
VERSION="16.04 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
UBUNTU_CODENAME=xenial
  • 4.4.0-21-generic
  • i686
  • Ubuntu 16.04 LTS (Xenial Xerus)

Networks


SHayslett@red:~$ ip route ; arp -a
default via 192.168.239.254 dev ens192 onlink 
192.168.239.0/24 dev ens192  proto kernel  scope link  src 192.168.239.148 
? (192.168.239.254) at 00:50:56:9e:0f:31 [ether] on ens192
SHayslett@red:~$ netstat -antup4
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -               
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:666             0.0.0.0:*               LISTEN      -               
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      -               
tcp        0      0 192.168.239.148:21      192.168.45.191:34310    TIME_WAIT   -               
tcp        0      1 127.0.0.1:35488         127.0.0.1:631           SYN_SENT    -               
tcp        0      0 192.168.239.148:20      192.168.45.191:54819    TIME_WAIT   -               
tcp        0    604 192.168.239.148:22      192.168.45.191:40118    ESTABLISHED -               
udp        0      0 192.168.239.255:137     0.0.0.0:*                           -               
udp        0      0 192.168.239.148:137     0.0.0.0:*                           -               
udp        0      0 0.0.0.0:137             0.0.0.0:*                           -               
udp        0      0 192.168.239.255:138     0.0.0.0:*                           -               
udp        0      0 192.168.239.148:138     0.0.0.0:*                           -               
udp        0      0 0.0.0.0:138             0.0.0.0:*                           -               
udp        0      0 0.0.0.0:53              0.0.0.0:*                           -               
udp        0      0 0.0.0.0:68              0.0.0.0:*                           -               
udp        0      0 0.0.0.0:69              0.0.0.0:*                           -               

Users & Groups


SHayslett@red:~$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/zsh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false
systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false
syslog:x:104:108::/home/syslog:/bin/false
_apt:x:105:65534::/nonexistent:/bin/false
lxd:x:106:65534::/var/lib/lxd/:/bin/false
dnsmasq:x:107:65534:dnsmasq,,,:/var/lib/misc:/bin/false
messagebus:x:108:111::/var/run/dbus:/bin/false
sshd:x:109:65534::/var/run/sshd:/usr/sbin/nologin
peter:x:1000:1000:Peter,,,:/home/peter:/bin/zsh
mysql:x:111:117:MySQL Server,,,:/nonexistent:/bin/false
RNunemaker:x:1001:1001::/home/RNunemaker:/bin/bash
ETollefson:x:1002:1002::/home/ETollefson:/bin/bash
DSwanger:x:1003:1003::/home/DSwanger:/bin/bash
AParnell:x:1004:1004::/home/AParnell:/bin/bash
SHayslett:x:1005:1005::/home/SHayslett:/bin/bash
MBassin:x:1006:1006::/home/MBassin:/bin/bash
JBare:x:1007:1007::/home/JBare:/bin/bash
LSolum:x:1008:1008::/home/LSolum:/bin/bash
IChadwick:x:1009:1009::/home/IChadwick:/bin/false
MFrei:x:1010:1010::/home/MFrei:/bin/bash
SStroud:x:1011:1011::/home/SStroud:/bin/bash
CCeaser:x:1012:1012::/home/CCeaser:/bin/dash
JKanode:x:1013:1013::/home/JKanode:/bin/bash
CJoo:x:1014:1014::/home/CJoo:/bin/bash
Eeth:x:1015:1015::/home/Eeth:/usr/sbin/nologin
LSolum2:x:1016:1016::/home/LSolum2:/usr/sbin/nologin
JLipps:x:1017:1017::/home/JLipps:/bin/sh
jamie:x:1018:1018::/home/jamie:/bin/sh
Sam:x:1019:1019::/home/Sam:/bin/zsh
Drew:x:1020:1020::/home/Drew:/bin/bash
jess:x:1021:1021::/home/jess:/bin/bash
SHAY:x:1022:1022::/home/SHAY:/bin/bash
Taylor:x:1023:1023::/home/Taylor:/bin/sh
mel:x:1024:1024::/home/mel:/bin/bash
kai:x:1025:1025::/home/kai:/bin/sh
zoe:x:1026:1026::/home/zoe:/bin/bash
NATHAN:x:1027:1027::/home/NATHAN:/bin/bash
www:x:1028:1028::/home/www:
postfix:x:112:118::/var/spool/postfix:/bin/false
ftp:x:110:116:ftp daemon,,,:/var/ftp:/bin/false
elly:x:1029:1029::/home/elly:/bin/bash
total 132
drwxr-xr-x 32 root       root       4096 Jun  9  2021 ./
drwxr-xr-x 22 root       root       4096 Jun  7  2016 ../
drwxr-xr-x  2 AParnell   AParnell   4096 May  5  2021 AParnell/
drwxr-xr-x  2 CCeaser    CCeaser    4096 Jun  5  2016 CCeaser/
drwxr-xr-x  2 CJoo       CJoo       4096 May  5  2021 CJoo/
drwxr-xr-x  2 Drew       Drew       4096 May  5  2021 Drew/
drwxr-xr-x  2 DSwanger   DSwanger   4096 May  5  2021 DSwanger/
drwxr-xr-x  2 Eeth       Eeth       4096 Jun  5  2016 Eeth/
drwxr-xr-x  2 elly       elly       4096 May  5  2021 elly/
drwxr-xr-x  2 ETollefson ETollefson 4096 May  5  2021 ETollefson/
drwxr-xr-x  2 IChadwick  IChadwick  4096 Jun  5  2016 IChadwick/
drwxr-xr-x  2 jamie      jamie      4096 May  5  2021 jamie/
drwxr-xr-x  2 JBare      JBare      4096 May  5  2021 JBare/
drwxr-xr-x  2 jess       jess       4096 May  5  2021 jess/
drwxr-xr-x  2 JKanode    JKanode    4096 Jun  9  2021 JKanode/
drwxr-xr-x  2 JLipps     JLipps     4096 May  5  2021 JLipps/
drwxr-xr-x  2 kai        kai        4096 May  5  2021 kai/
-r--r--r--  1 www-data   www-data     33 Apr 28 19:39 local.txt
drwxr-xr-x  2 LSolum     LSolum     4096 May  5  2021 LSolum/
drwxr-xr-x  2 LSolum2    LSolum2    4096 Jun  5  2016 LSolum2/
drwxr-xr-x  2 MBassin    MBassin    4096 May  5  2021 MBassin/
drwxr-xr-x  2 mel        mel        4096 May  5  2021 mel/
drwxr-xr-x  2 MFrei      MFrei      4096 May  5  2021 MFrei/
drwxr-xr-x  2 NATHAN     NATHAN     4096 May  5  2021 NATHAN/
drwxr-xr-x  3 peter      peter      4096 Jun  9  2021 peter/
drwxr-xr-x  2 RNunemaker RNunemaker 4096 May  5  2021 RNunemaker/
drwxr-xr-x  2 Sam        Sam        4096 Jun  5  2016 Sam/
drwxr-xr-x  2 SHAY       SHAY       4096 May  5  2021 SHAY/
drwxr-xr-x  3 SHayslett  SHayslett  4096 Apr 28 21:17 SHayslett/
drwxr-xr-x  2 SStroud    SStroud    4096 May  5  2021 SStroud/
drwxr-xr-x  2 Taylor     Taylor     4096 May  5  2021 Taylor/
drwxrwxrwx  2 www        www        4096 Jun  5  2016 www/
drwxr-xr-x  3 zoe        zoe        4096 May  5  2021 zoe/
SHayslett@red:~$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(systemd-timesync) gid=102(systemd-timesync) groups=102(systemd-timesync)
uid=101(systemd-network) gid=103(systemd-network) groups=103(systemd-network)
uid=102(systemd-resolve) gid=104(systemd-resolve) groups=104(systemd-resolve)
uid=103(systemd-bus-proxy) gid=105(systemd-bus-proxy) groups=105(systemd-bus-proxy)
uid=104(syslog) gid=108(syslog) groups=108(syslog),4(adm)
uid=105(_apt) gid=65534(nogroup) groups=65534(nogroup)
uid=106(lxd) gid=65534(nogroup) groups=65534(nogroup)
uid=107(dnsmasq) gid=65534(nogroup) groups=65534(nogroup)
uid=108(messagebus) gid=111(messagebus) groups=111(messagebus)
uid=109(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=1000(peter) gid=1000(peter) groups=1000(peter),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),110(lxd),113(lpadmin),114(sambashare)
uid=111(mysql) gid=117(mysql) groups=117(mysql)
uid=1001(RNunemaker) gid=1001(RNunemaker) groups=1001(RNunemaker)
uid=1002(ETollefson) gid=1002(ETollefson) groups=1002(ETollefson)
uid=1003(DSwanger) gid=1003(DSwanger) groups=1003(DSwanger)
uid=1004(AParnell) gid=1004(AParnell) groups=1004(AParnell)
uid=1005(SHayslett) gid=1005(SHayslett) groups=1005(SHayslett)
uid=1006(MBassin) gid=1006(MBassin) groups=1006(MBassin)
uid=1007(JBare) gid=1007(JBare) groups=1007(JBare)
uid=1008(LSolum) gid=1008(LSolum) groups=1008(LSolum)
uid=1009(IChadwick) gid=1009(IChadwick) groups=1009(IChadwick)
uid=1010(MFrei) gid=1010(MFrei) groups=1010(MFrei)
uid=1011(SStroud) gid=1011(SStroud) groups=1011(SStroud)
uid=1012(CCeaser) gid=1012(CCeaser) groups=1012(CCeaser)
uid=1013(JKanode) gid=1013(JKanode) groups=1013(JKanode)
uid=1014(CJoo) gid=1014(CJoo) groups=1014(CJoo)
uid=1015(Eeth) gid=1015(Eeth) groups=1015(Eeth)
uid=1016(LSolum2) gid=1016(LSolum2) groups=1016(LSolum2)
uid=1017(JLipps) gid=1017(JLipps) groups=1017(JLipps)
uid=1018(jamie) gid=1018(jamie) groups=1018(jamie)
uid=1019(Sam) gid=1019(Sam) groups=1019(Sam)
uid=1020(Drew) gid=1020(Drew) groups=1020(Drew)
uid=1021(jess) gid=1021(jess) groups=1021(jess)
uid=1022(SHAY) gid=1022(SHAY) groups=1022(SHAY)
uid=1023(Taylor) gid=1023(Taylor) groups=1023(Taylor)
uid=1024(mel) gid=1024(mel) groups=1024(mel)
uid=1025(kai) gid=1025(kai) groups=1025(kai)
uid=1026(zoe) gid=1026(zoe) groups=1026(zoe)
uid=1027(NATHAN) gid=1027(NATHAN) groups=1027(NATHAN)
uid=1028(www) gid=1028(www) groups=1028(www)
uid=112(postfix) gid=118(postfix) groups=118(postfix)
uid=110(ftp) gid=116(ftp) groups=116(ftp)
uid=1029(elly) gid=1029(elly) groups=1029(elly)
  • uid=1000(peter) gid=1000(peter) groups=1000(peter),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),110(lxd),113(lpadmin),114(sambashare)
  • uid=1001(RNunemaker) gid=1001(RNunemaker) groups=1001(RNunemaker)
  • uid=1002(ETollefson) gid=1002(ETollefson) groups=1002(ETollefson)
  • uid=1003(DSwanger) gid=1003(DSwanger) groups=1003(DSwanger)
  • uid=1004(AParnell) gid=1004(AParnell) groups=1004(AParnell)
  • uid=1005(SHayslett) gid=1005(SHayslett) groups=1005(SHayslett)
  • uid=1006(MBassin) gid=1006(MBassin) groups=1006(MBassin)
  • uid=1007(JBare) gid=1007(JBare) groups=1007(JBare)
  • uid=1008(LSolum) gid=1008(LSolum) groups=1008(LSolum)
  • uid=1009(IChadwick) gid=1009(IChadwick) groups=1009(IChadwick)
  • uid=1010(MFrei) gid=1010(MFrei) groups=1010(MFrei)
  • uid=1011(SStroud) gid=1011(SStroud) groups=1011(SStroud)
  • uid=1012(CCeaser) gid=1012(CCeaser) groups=1012(CCeaser)
  • uid=1013(JKanode) gid=1013(JKanode) groups=1013(JKanode)
  • uid=1014(CJoo) gid=1014(CJoo) groups=1014(CJoo)
  • uid=1015(Eeth) gid=1015(Eeth) groups=1015(Eeth)
  • uid=1016(LSolum2) gid=1016(LSolum2) groups=1016(LSolum2)
  • uid=1017(JLipps) gid=1017(JLipps) groups=1017(JLipps)
  • uid=1018(jamie) gid=1018(jamie) groups=1018(jamie)
  • uid=1019(Sam) gid=1019(Sam) groups=1019(Sam)
  • uid=1020(Drew) gid=1020(Drew) groups=1020(Drew)
  • uid=1021(jess) gid=1021(jess) groups=1021(jess)
  • uid=1022(SHAY) gid=1022(SHAY) groups=1022(SHAY)
  • uid=1023(Taylor) gid=1023(Taylor) groups=1023(Taylor)
  • uid=1024(mel) gid=1024(mel) groups=1024(mel)
  • uid=1025(kai) gid=1025(kai) groups=1025(kai)
  • uid=1026(zoe) gid=1026(zoe) groups=1026(zoe)
  • uid=1027(NATHAN) gid=1027(NATHAN) groups=1027(NATHAN)
  • uid=1028(www) gid=1028(www) groups=1028(www)

SUIDs


SHayslett@red:~$ find / -perm -04000 -ls -type f 2>/dev/null | grep -v '/snap'
    45812     36 -rwsr-xr-x   1 root     root        36288 Mar 29  2016 /usr/bin/newuidmap
    34553     40 -rwsr-xr-x   1 root     root        39560 Mar 29  2016 /usr/bin/chsh
    34773    160 -rwsr-xr-x   1 root     root       159852 Mar 30  2016 /usr/bin/sudo
    34551     48 -rwsr-xr-x   1 root     root        48264 Mar 29  2016 /usr/bin/chfn
    46655     20 -rwsr-xr-x   1 root     root        18216 Jan 17  2016 /usr/bin/pkexec
    45811     36 -rwsr-xr-x   1 root     root        36288 Mar 29  2016 /usr/bin/newgidmap
    46451     52 -rwsr-sr-x   1 daemon   daemon      50748 Jan 14  2016 /usr/bin/at
    34689     52 -rwsr-xr-x   1 root     root        53128 Mar 29  2016 /usr/bin/passwd
    34678     36 -rwsr-xr-x   1 root     root        34680 Mar 29  2016 /usr/bin/newgrp
    34614     80 -rwsr-xr-x   1 root     root        78012 Mar 29  2016 /usr/bin/gpasswd
    46612     24 -rwsr-xr-x   1 root     root        22268 Apr 29  2016 /usr/bin/ubuntu-core-launcher
    46290    504 -rwsr-xr-x   1 root     root       513528 Apr 16  2016 /usr/lib/openssh/ssh-keysign
    34873      8 -rwsr-xr-x   1 root     root         5480 Feb 25  2014 /usr/lib/eject/dmcrypt-get-device
    46646     16 -rwsr-xr-x   1 root     root        13960 Jan 17  2016 /usr/lib/policykit-1/polkit-agent-helper-1
    45798     40 -rwsr-xr-x   1 root     root        38300 Apr 19  2016 /usr/lib/i386-linux-gnu/lxc/lxc-user-nic
    46112     48 -rwsr-xr--   1 root     messagebus    46436 Apr  1  2016 /usr/lib/dbus-1.0/dbus-daemon-launch-helper
    48330     12 -rwsr-xr-x   1 root     root           9760 Jul 26  2015 /usr/lib/authbind/helper
    34451     36 -rwsr-xr-x   1 root     root          34812 Apr 13  2016 /bin/mount
    34500     28 -rwsr-xr-x   1 root     root          26492 Apr 13  2016 /bin/umount
    34465     40 -rwsr-xr-x   1 root     root          38932 May  7  2014 /bin/ping
    46116     32 -rwsr-xr-x   1 root     root          30112 Mar 11  2016 /bin/fusermount
    34466     44 -rwsr-xr-x   1 root     root          43316 May  7  2014 /bin/ping6
    34482     40 -rwsr-xr-x   1 root     root          38900 Mar 29  2016 /bin/su

SGIDs


SHayslett@red:~$ find / -perm -02000 -ls -type f 2>/dev/null | grep -v '/snap'
    29914      4 drwxrwsr-x   2 root     mail         4096 Jun  5  2016 /var/mail
    32154      4 drwx--s---   2 postfix  postdrop     4096 Aug  3  2024 /var/spool/postfix/public
    29899      4 drwxrwsr-x   2 root     staff        4096 Apr 12  2016 /var/local
    34599     24 -rwxr-sr-x   1 root     shadow      22000 Mar 29  2016 /usr/bin/expiry
    46451     52 -rwsr-sr-x   1 daemon   daemon      50748 Jan 14  2016 /usr/bin/at
    46282    420 -rwxr-sr-x   1 root     ssh        427536 Apr 16  2016 /usr/bin/ssh-agent
    34548     60 -rwxr-sr-x   1 root     shadow      61276 Mar 29  2016 /usr/bin/chage
    34826     28 -rwxr-sr-x   1 root     tty         26356 Apr 13  2016 /usr/bin/wall
    34562     40 -rwxr-sr-x   1 root     crontab     38996 Apr  5  2016 /usr/bin/crontab
    46503    456 -rwxr-sr-x   1 root     utmp       464152 Feb  7  2016 /usr/bin/screen
    47462      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/fonts
    97860      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/zsh/site-functions
    46834      4 drwxrwsr-x   7 root     staff        4096 Jun  3  2016 /usr/local/share/sgml
    96591      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/sgml/dtd
    96589      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/sgml/entities
    96590      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/sgml/misc
    46835      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/sgml/declaration
    96588      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/sgml/stylesheet
     6637      4 drwxrwsr-x   6 root     staff        4096 Jun  6  2016 /usr/local/share/xml
     6641      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/xml/schema
     6640      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/xml/entities
     6638      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/xml/misc
     6639      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/share/xml/declaration
    37517      4 drwxrwsr-x   3 root     staff        4096 Jun  3  2016 /usr/local/lib/python3.5
    37518      4 drwxrwsr-x   2 root     staff        4096 Apr 20  2016 /usr/local/lib/python3.5/dist-packages
    70929      4 drwxrwsr-x   4 root     staff        4096 Jun  3  2016 /usr/local/lib/python2.7
    70930      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/lib/python2.7/dist-packages
    85848      4 drwxrwsr-x   2 root     staff        4096 Jun  3  2016 /usr/local/lib/python2.7/site-packages
    46499      8 -rwxr-sr-x   1 root     utmp         5480 Mar 11  2016 /usr/lib/i386-linux-gnu/utempter/utempter
    49266     20 -r-xr-sr-x   1 root     postdrop    17716 Apr 13  2016 /usr/sbin/postqueue
    49278     16 -r-xr-sr-x   1 root     postdrop    13636 Apr 13  2016 /usr/sbin/postdrop
     7418     40 -rwxr-sr-x   1 root     shadow      38664 Mar 16  2016 /sbin/unix_chkpwd
     7382     40 -rwxr-sr-x   1 root     shadow      38684 Mar 16  2016 /sbin/pam_extrausers_chkpwd
      325      0 drwxr-sr-x   3 root     systemd-journal       60 Aug  3  2024 /run/log/journal
      326      0 drwxr-s---   2 root     systemd-journal      180 Apr 28 22:10 /run/log/journal/6bcd20ace5721b4ec51742d557517d58

Capabilities


SHayslett@red:~$ getcap -r / 2>/dev/null
/usr/bin/systemd-detect-virt = cap_dac_override,cap_sys_ptrace+ep

  • /usr/bin/systemd-detect-virt

Processes


SHayslett@red:~$ ps -auxwww
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.5   6876  5160 ?        Ss   19:32   0:01 /sbin/init
root       526  0.0  0.3   5748  3140 ?        Ss   19:32   0:00 /lib/systemd/systemd-journald
root       550  0.0  0.1  13284  1436 ?        Ss   19:32   0:00 /sbin/lvmetad -f
root       555  0.0  0.3  13884  3392 ?        Ss   19:32   0:00 /lib/systemd/systemd-udevd
root       724  0.0  0.9  52556  9312 ?        Ssl  19:32   0:05 /usr/bin/vmtoolsd
root       767  0.0  0.7  39328  7520 ?        Ss   19:32   0:00 /usr/bin/VGAuthService
root       771  0.0  0.2   5576  2512 ?        Ss   19:32   0:00 /usr/sbin/cron -f
syslog     772  0.0  0.2  30728  2772 ?        Ssl  19:32   0:00 /usr/sbin/rsyslogd -n
message+   773  0.0  0.3   5932  3460 ?        Ss   19:32   0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root       801  0.0  0.2 105400  2436 ?        Ssl  19:32   0:00 /usr/bin/lxcfs /var/lib/lxcfs/
root       803  0.0  0.2   4076  2692 ?        Ss   19:32   0:00 /lib/systemd/systemd-logind
root       806  0.0  0.1   2244  1104 ?        Ss   19:32   0:00 /usr/sbin/acpid
daemon     808  0.0  0.1   3480  1940 ?        Ss   19:32   0:00 /usr/sbin/atd -f
root       840  0.0  0.0   3132   124 ?        Ss   19:32   0:00 /sbin/mdadm --monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog
dnsmasq    861  0.0  0.2   9116  2664 ?        S    19:32   0:00 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
root      1081  0.0  0.5  10104  5600 ?        Ss   19:37   0:00 /usr/sbin/sshd -D
root      1100  0.0  0.3   5308  3180 ?        Ss   19:37   0:00 /usr/sbin/vsftpd /etc/vsftpd.conf
mysql     1116  0.0 29.5 1227264 302264 ?      Ssl  19:37   0:03 /usr/sbin/mysqld
root      1119  0.0  0.0   2984   120 ?        Ss   19:37   0:00 /sbin/iscsid
root      1120  0.0  0.2   3444  2772 ?        S<Ls 19:37   0:00 /sbin/iscsid
root      1203  0.0  0.1   2540  1544 ?        S    19:37   0:00 /usr/sbin/inetutils-inetd
root      1259  0.0  2.4 127044 25016 ?        Ss   19:37   0:00 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
www-data  1287  0.0  0.5 127044  5932 ?        S    19:37   0:00 php-fpm: pool www
www-data  1288  0.0  0.5 127044  5932 ?        S    19:37   0:00 php-fpm: pool www
root      1310  0.0  0.6  26332  6524 ?        Ss   19:37   0:00 /usr/sbin/nmbd -D
root      1321  0.0  2.5 127368 26164 ?        Ss   19:37   0:00 /usr/sbin/apache2 -k start
root      1346  0.0  1.0  42336 11220 ?        Ss   19:37   0:00 /usr/sbin/smbd -D
root      1347  0.0  0.4  40568  4192 ?        S    19:37   0:00 /usr/sbin/smbd -D
root      1349  0.0  0.5  42336  5380 ?        S    19:37   0:00 /usr/sbin/smbd -D
root      1444  0.0  0.3  34088  3144 ?        Ss   19:37   0:00 /usr/lib/postfix/sbin/master
root      1865  0.0  0.2   6008  2468 ?        Ss   19:39   0:00 dhclient ens192
postfix   1905  0.0  0.3  34168  3316 ?        S    19:39   0:00 qmgr -l -t unix -u
root      1938  0.0  0.2   5724  2724 ?        S    19:39   0:00 /bin/bash /usr/local/src/nc.sh
root      1940  0.0  0.3   6472  3116 ?        S    19:39   0:00 su -c authbind php -S 0.0.0.0:80 -t /home/www/ &>/dev/null www
root      1946  0.0  0.1   4748  1372 tty1     Ss+  19:39   0:00 /sbin/agetty --noclear tty1 linux
www       1955  0.0  0.4   6372  4168 ?        Ss   19:39   0:00 /lib/systemd/systemd --user
www       1958  0.0  0.1   7840  1544 ?        S    19:39   0:00 (sd-pam)
www       1963  0.0  0.2   5432  2656 ?        Ss   19:39   0:00 bash -c authbind php -S 0.0.0.0:80 -t /home/www/ &>/dev/null
www       1964  0.1  2.4 126132 24680 ?        S    19:39   0:16 php -S 0.0.0.0:80 -t /home/www/
www-data  3385  0.0  0.9 127452 10120 ?        S    20:45   0:02 /usr/sbin/apache2 -k start
root      3415  0.0  0.0   2692   712 ?        S    20:48   0:00 nc -nlvp 666
postfix   4142  0.0  0.3  34116  3752 ?        S    21:18   0:00 pickup -l -t unix -u -c
www-data  4472  0.0  0.9 127452 10196 ?        S    21:48   0:01 /usr/sbin/apache2 -k start
www-data  5386  0.0  0.9 127452 10196 ?        S    22:37   0:00 /usr/sbin/apache2 -k start
root      5500  0.0  0.6  13484  6456 ?        Ss   22:44   0:00 sshd: SHayslett [priv]
SHaysle+  5502  0.0  0.4   6372  4220 ?        Ss   22:45   0:00 /lib/systemd/systemd --user
SHaysle+  5503  0.0  0.1   7840  1544 ?        S    22:45   0:00 (sd-pam)
SHaysle+  5513  0.0  0.3  13484  3340 ?        S    22:45   0:00 sshd: SHayslett@pts/0
SHaysle+  5514  0.0  0.3   5860  3520 pts/0    Ss   22:45   0:00 -bash
SHaysle+  5698  0.0  0.3   7760  3152 pts/0    R+   22:50   0:00 ps -auxwww
  • root 771 0.0 0.2 5576 2512 ? Ss 19:32 0:00 /usr/sbin/cron -f
  • root 801 0.0 0.2 105400 2436 ? Ssl 19:32 0:00 /usr/bin/lxcfs /var/lib/lxcfs/
  • dnsmasq 861 0.0 0.2 9116 2664 ? S 19:32 0:00 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
  • root 1081 0.0 0.5 10104 5600 ? Ss 19:37 0:00 /usr/sbin/sshd -D
  • root 1100 0.0 0.3 5308 3180 ? Ss 19:37 0:00 /usr/sbin/vsftpd /etc/vsftpd.conf
  • mysql 1116 0.0 29.5 1227264 302264 ? Ssl 19:37 0:03 /usr/sbin/mysqld
  • root 1119 0.0 0.0 2984 120 ? Ss 19:37 0:00 /sbin/iscsid
  • root 1310 0.0 0.6 26332 6524 ? Ss 19:37 0:00 /usr/sbin/nmbd -D
  • root 1321 0.0 2.5 127368 26164 ? Ss 19:37 0:00 /usr/sbin/apache2 -k start
  • root 1346 0.0 1.0 42336 11220 ? Ss 19:37 0:00 /usr/sbin/smbd -D
  • root 1444 0.0 0.3 34088 3144 ? Ss 19:37 0:00 /usr/lib/postfix/sbin/master
  • postfix 1905 0.0 0.3 34168 3316 ? S 19:39 0:00 qmgr -l -t unix -u
  • root 1938 0.0 0.2 5724 2724 ? S 19:39 0:00 /bin/bash /usr/local/src/nc.sh
  • root 1940 0.0 0.3 6472 3116 ? S 19:39 0:00 su -c authbind php -S 0.0.0.0:80 -t /home/www/ &>/dev/null www
  • postfix 4142 0.0 0.3 34116 3752 ? S 21:18 0:00 pickup -l -t unix -u -c

Cron & Systemd


SHayslett@red:~$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for SHayslett
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
 
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 
# m h dom mon dow user	command
17 *	* * *	root    cd / && run-parts --report /etc/cron.hourly
25 6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
NEXT                         LEFT     LAST                         PASSED       UNIT                         ACTIVATES
Tue 2025-04-29 14:44:10 BST  15h left Mon 2025-04-28 19:39:01 BST  3h 15min ago apt-daily.timer              apt-daily.service
Tue 2025-04-29 19:47:55 BST  20h left Mon 2025-04-28 19:47:55 BST  3h 6min ago  systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.serv
 
2 timers listed.
Pass --all to see loaded but inactive timers, too.

Services


SHayslett@red:~$ systemctl list-units --state=running
UNIT                              LOAD   ACTIVE SUB     DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable File Formats File System Automount Point
acpid.path                        loaded active running ACPI Events Check
init.scope                        loaded active running System and Service Manager
session-51.scope                  loaded active running Session 51 of user SHayslett
session-c1.scope                  loaded active running Session c1 of user www
acpid.service                     loaded active running ACPI event daemon
apache2.service                   loaded active running LSB: Apache2 web server
atd.service                       loaded active running Deferred execution scheduler
cron.service                      loaded active running Regular background program processing daemon
dbus.service                      loaded active running D-Bus System Message Bus
dnsmasq.service                   loaded active running dnsmasq - A lightweight DHCP and caching DNS server
getty@tty1.service                loaded active running Getty on tty1
inetutils-inetd.service           loaded active running LSB: inetd sysv init script
iscsid.service                    loaded active running iSCSI initiator daemon (iscsid)
lvm2-lvmetad.service              loaded active running LVM2 metadata daemon
lxcfs.service                     loaded active running FUSE filesystem for LXC
mdadm.service                     loaded active running LSB: MD monitoring daemon
mysql.service                     loaded active running MySQL Community Server
nmbd.service                      loaded active running LSB: start Samba NetBIOS nameserver (nmbd)
open-vm-tools.service             loaded active running Service for virtual machines hosted on VMware
php7.0-fpm.service                loaded active running The PHP 7.0 FastCGI Process Manager
postfix.service                   loaded active running LSB: Postfix Mail Transport Agent
rc-local.service                  loaded active running /etc/rc.local Compatibility
rsyslog.service                   loaded active running System Logging Service
smbd.service                      loaded active running LSB: start Samba SMB/CIFS daemon (smbd)
ssh.service                       loaded active running OpenBSD Secure Shell server
systemd-journald.service          loaded active running Journal Service
systemd-logind.service            loaded active running Login Service
systemd-udevd.service             loaded active running udev Kernel Device Manager
user@1005.service                 loaded active running User Manager for UID 1005
user@1028.service                 loaded active running User Manager for UID 1028
vgauth.service                    loaded active running Authentication service for virtual machines hosted on VMware
vsftpd.service                    loaded active running vsftpd FTP server
acpid.socket                      loaded active running ACPID Listen Socket
dbus.socket                       loaded active running D-Bus System Message Bus Socket
lvm2-lvmetad.socket               loaded active running LVM2 metadata daemon socket
syslog.socket                     loaded active running Syslog Socket
systemd-journald-audit.socket     loaded active running Journal Audit Socket
systemd-journald-dev-log.socket   loaded active running Journal Socket (/dev/log)
systemd-journald.socket           loaded active running Journal Socket
systemd-udevd-control.socket      loaded active running udev Control Socket
systemd-udevd-kernel.socket       loaded active running udev Kernel Socket
 
LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
 
42 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.
  • apache2.service
  • dnsmasq.service
  • iscsid.service
  • lvm2-lvmetad.service
  • lxcfs.service
  • mysql.service
  • nmbd.service
  • open-vm-tools.service
  • php7.0-fpm.service
  • postfix.service
  • rc-local.service
  • smbd.service
  • vsftpd.service

Sudo Version


SHayslett@red:~$ sudo --version
Sudo version 1.8.16
Sudoers policy plugin version 1.8.16
Sudoers file grammar version 45
Sudoers I/O plugin version 1.8.16

  • Sudo version 1.8.16

Glibc Version


SHayslett@red:~$ ldd --version
ldd (Ubuntu GLIBC 2.23-0ubuntu3) 2.23
Copyright (C) 2016 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

  • ldd (Ubuntu GLIBC 2.23-0ubuntu3) 2.23