vpnwall-services/FORENSICS-101.md

## FORENSICS-101.md

      
    Raw
  

              FORENSICS-101.md
            
          
    FORENSICS 101

Find number of established connections on system :

netstat -an|grep ESTABLISHED|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c|awk '{ printf("%s\t%s\t",$2,$1); for (i = 0; i < $1; i++) {printf("*")}; print ""}'
Trigger OOM killer without rebooting :

echo 1 > /proc/sys/kernel/sysrq;echo f > /proc/sysrq-trigger;echo 0 > /proc/sys/kernel/sysrq
Grep date, IP, page, and status code in apache2 logs

grep -R '25/Apr/2020:00' | cut -d " " -f1,4,7,8,9