Master Linux: Quick Commands to Spot Rogue Processes, Backup, and Harden Your System
This guide walks you through essential Linux shell tricks—from listing non‑owned processes and the top CPU hogs, to using rsync for selective backups, finding the largest files, filtering today's files, transferring data with netcat, backing up the boot sector, and securing log files with immutable attributes.
Identify Processes Not Run by You
Difficulty: Advanced Application: bash (UNIX/Linux shell)
List all processes that are not owned by your user: ps aux | grep -v `whoami` Or show the top ten CPU‑intensive processes (run as root for best results):
ps aux --sort=-%cpu | grep -m 11 -v `whoami`Simple Website Backup with rsync
Difficulty: Easy Application: Backups
Copy only changed files from a remote directory to a local backup using rsync over SSH:
rsync -avere ssh [email protected]:/home/jono/importantfiles/* /home/jono/backup/Find the Largest File
Difficulty: Easy Application: Shell
List files in the current directory sorted by size, largest last, with human‑readable output: ls -lSrh Search for the largest MP3/MPEG files: ls -lSrh *.mp* Find the largest directories:
du -kx | egrep -v "\./.+/" | sort -nList Only Today’s Files
Difficulty: Easy Application: Various
Show files created today using a combination of ls and grep with the current date:
ls -al --time-style=+%D | grep `date +%D`Transfer Files Without FTP or SCP (netcat)
Difficulty: Easy Application: netcat
On the destination machine, listen and extract the incoming archive: nc -l -p 1234 | uncompress -c | tar xvfp - On the source machine, compress and send the directory:
tar cfp - /some/dir | compress -c | nc -w 3 [destination] 1234Backup Your Boot Sector
Difficulty: Advanced Application: Shell
Create a backup of the first 512 bytes of the boot device: dd if=/dev/hda of=bootsector.img bs=512 count=1 Restore it later:
dd if=bootsector.img of=/dev/hdaProtect Log Files
Difficulty: Advanced Application: Various
Set the immutable “append‑only” attribute so logs cannot be deleted and can only be appended to: chattr +a /var/log/logfile Demonstration:
touch /var/log/logfileecho "append‑only not set" > /var/log/logfilechattr +a /var/log/logfileecho "append‑only set" > /var/log/logfileAttempting to overwrite now fails, but appending works: echo "appending to file" >> /var/log/logfile To prevent even root from removing the attribute, disable the CAP_LINUX_IMMUTABLE capability using the lcap tool: tar xvfj lcap-0.0.3.tar.bz2 && cd lcap-0.0.3 && make Then run:
./lcap CAP_LINUX_IMMUTABLE./lcap CAP_SYS_RAWIOAdding these commands to your boot scripts (e.g., /etc/rc.local) ensures the protection persists across reboots.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.