Overview
This article provides information on basic troubleshooting commands for Linux. These commands are based on Ubuntu as it is one of the most common distributions.
-
Testing Firewall
- Checking Installed Applications
- Troubleshooting SSH
- Traceroute
-
Testing Permissions with Root
Information
Testing Firewall
There are two ways of testing the firewall. Use both methods to verify that the firewall is configured properly.
Method 1: IPTABLES
Check if the firewall rules have been applied. Almost all the modern Linux firewall solutions use iptables
for firewall. To see the rules in place with the iptables
command, execute the iptables –L
command.
The command returns the current set of rules. A few rules could be displayed even if firewall rules have not been applied. Look for lines that match your given rule sets, which gives you an idea about what rules have been entered into the system.
Method 2: NMAP
The next method consists of using a second computer to test the connections against the host firewall. This can be done with the nmap
command, found in the nmap
package.
To install the nmap
package, run the following command.
sudo apt-get install nmap
Type the nmap-P0 x.x.x.x
command to check the firewall of another computer:
Please see the command details below.
-
x.x.x.x
is the IP of the remote computer. -
-P0
flag prevents the host from being tested with an ICMP echo packet. This is necessary because it is prone to give false positives if blocked by firewall rules.
This command scans for TCP ports that are open and available from the target computer.
To check for UDP ports add the –sU flag:
nmap -P0 -sU x.x.x.x
Checking Installed Applications
Use the dpkg
command to obtain information about the packages installed.
- To show a list of installed programs, execute
dpkg -l
. - To show a list of installed programs displayed in the terminal window, execute
dpkg -l | less
. - To search for a particular program, execute
dpkg -l <pack_name>
.
Example -dpkg -l ufw
- To show the location where the package is installed, execute the following command.
sudo dpkg -S {package_name}
Example -sudo dpkg -S ufw
The-S
part stands for search. - To search, use the
dpkg -l | grep {keywords}
command.
Example -dpkg -l | grep pdf
Troubleshooting SSH
Secure Shell (SSH) is a network protocol that provides administrators with a secure way to access a remote computer with Linux.
- To make sure that SSH is running and is listening on the port 22, execute the following command.
sudo netstat -anp | grep ssh
- To check the SSH service status, use the
sudo service ssh status
command.
- If it is not installed, execute the following command.
sudo apt-get install openssh-client openssh-server
- If the service is stopped, execute the following command.
sudo service ssh start
- Check
iptables
to ensure that the port 22 is not blocked. To do so, execute thesudo iptables -L
command. - To add a rule to accept incoming connection on the port 22, execute the following command.
sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
Traceroute
traceroute
is a utility that records the route through the Internet between your computer and a specified destination computer.
To install the traceroute
package via Terminal, execute the following command.
sudo apt-get install traceroute
To run traceroute
, execute the following command.
traceroute IP_DESTINATION
Testing Permissions with Root
Enabling Root Account
- Open Terminal and run the
sudo passwd root
command. - Type a password twice, then execute the
sudo passwd -u root
command.
Reverting Back
When the testing is completed, lock the root account again by executing the sudo passwd -l root
command.
sudo
.