Tarea 01

Saavedra Escalona Braulio Rubén

Primera captura de la información del sistema Debian
Segunda captura de la información del sistema Debian

uname -a

Linux debian 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux

cat /etc/os-release

PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" NAME="Debian GNU/Linux" VERSION_ID="11" VERSION="11 (bullseye)" VERSION_CODENAME=bullseye ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/"

lsmod

Module Size Used by vboxsf 90112 1 vboxvideo 49152 0 rfkill 28672 3 snd_intel8x0 49152 2 snd_ac97_codec 180224 1 snd_intel8x0 ghash_clmulni_intel 16384 0 aesni_intel 368640 0 ac97_bus 16384 1 snd_ac97_codec snd_pcm 135168 2 snd_intel8x0,snd_ac97_codec snd_timer 49152 1 snd_pcm libaes 16384 1 aesni_intel crypto_simd 16384 1 aesni_intel joydev 28672 0 cryptd 24576 2 crypto_simd,ghash_clmulni_intel glue_helper 16384 1 aesni_intel snd 110592 8 snd_intel8x0,snd_timer,snd_ac97_codec,snd_pcm sg 36864 0 evdev 28672 10 soundcore 16384 1 snd serio_raw 20480 0 pcspkr 16384 0 vboxguest 413696 6 vboxsf ac 16384 0 nfnetlink 16384 0 msr 16384 0 fuse 167936 3 configfs 57344 1 ip_tables 32768 0 x_tables 53248 1 ip_tables autofs4 53248 2 ext4 921600 1 crc16 16384 1 ext4 mbcache 16384 1 ext4 jbd2 151552 1 ext4 crc32c_generic 16384 0 hid_generic 16384 0 usbhid 65536 0 hid 147456 2 usbhid,hid_generic sd_mod 61440 3 t10_pi 16384 1 sd_mod crc_t10dif 20480 1 t10_pi sr_mod 28672 0 cdrom 73728 1 sr_mod crct10dif_generic 16384 0 ata_generic 16384 0 vmwgfx 376832 2 ttm 114688 2 vmwgfx,vboxvideo drm_kms_helper 278528 2 vmwgfx,vboxvideo ohci_pci 20480 0 cec 61440 1 drm_kms_helper ehci_pci 20480 0 ohci_hcd 61440 1 ohci_pci ehci_hcd 98304 1 ehci_pci ata_piix 36864 0 crct10dif_pclmul 16384 1 crct10dif_common 16384 3 crct10dif_generic,crc_t10dif,crct10dif_pclmul drm 618496 6 vmwgfx,drm_kms_helper,vboxvideo,ttm ahci 40960 2 libahci 45056 1 ahci usbcore 323584 5 ohci_hcd,ehci_pci,usbhid,ehci_hcd,ohci_pci crc32_pclmul 16384 0 psmouse 184320 0 crc32c_intel 24576 2 libata 290816 4 ata_piix,libahci,ahci,ata_generic scsi_mod 262144 4 sd_mod,libata,sg,sr_mod i2c_piix4 28672 0 e1000 155648 0 usb_common 16384 3 ohci_hcd,usbcore,ehci_hcd battery 20480 0 video 53248 0 button 24576 0

ps afx

PID TTY      STAT   TIME COMMAND
  2 ?        S      0:00 [kthreadd]
  3 ?        I<     0:00  \_ [rcu_gp]
  4 ?        I<     0:00  \_ [rcu_par_gp]
  6 ?        I<     0:00  \_ [kworker/0:0H-events_highpri]
  9 ?        I<     0:00  \_ [mm_percpu_wq]
 10 ?        S      0:00  \_ [rcu_tasks_rude_]
 11 ?        S      0:00  \_ [rcu_tasks_trace]
 12 ?        S      0:00  \_ [ksoftirqd/0]
 13 ?        I      0:00  \_ [rcu_sched]
 14 ?        S      0:00  \_ [migration/0]
 15 ?        S      0:00  \_ [cpuhp/0]
 17 ?        S      0:00  \_ [kdevtmpfs]
 18 ?        I<     0:00  \_ [netns]
 19 ?        S      0:00  \_ [kauditd]
 20 ?        S      0:00  \_ [khungtaskd]
 21 ?        S      0:00  \_ [oom_reaper]
 22 ?        I<     0:00  \_ [writeback]
 23 ?        S      0:00  \_ [kcompactd0]
 24 ?        SN     0:00  \_ [ksmd]
 25 ?        SN     0:00  \_ [khugepaged]
 43 ?        I<     0:00  \_ [kintegrityd]
 44 ?        I<     0:00  \_ [kblockd]
 45 ?        I<     0:00  \_ [blkcg_punt_bio]
 46 ?        I<     0:00  \_ [edac-poller]
 47 ?        I<     0:00  \_ [devfreq_wq]
 48 ?        I<     0:00  \_ [kworker/0:1H-kblockd]
 49 ?        S      0:00  \_ [kswapd0]
 50 ?        I<     0:00  \_ [kthrotld]
 51 ?        I<     0:00  \_ [acpi_thermal_pm]
 52 ?        I<     0:00  \_ [ipv6_addrconf]
 62 ?        I<     0:00  \_ [kstrp]
 65 ?        I<     0:00  \_ [zswap-shrink]
 66 ?        I<     0:00  \_ [kworker/u3:0]
107 ?        I<     0:00  \_ [ata_sff]
110 ?        S      0:00  \_ [scsi_eh_0]
111 ?        I<     0:00  \_ [scsi_tmf_0]
112 ?        S      0:00  \_ [scsi_eh_1]
113 ?        S      0:00  \_ [scsi_eh_2]
114 ?        I<     0:00  \_ [scsi_tmf_1]
115 ?        I<     0:00  \_ [scsi_tmf_2]
119 ?        S      0:00  \_ [irq/18-vmwgfx]
120 ?        I<     0:00  \_ [ttm_swap]
121 ?        S      0:00  \_ [card0-crtc0]
122 ?        S      0:00  \_ [card0-crtc1]
123 ?        S      0:00  \_ [card0-crtc2]
124 ?        S      0:00  \_ [card0-crtc3]
125 ?        S      0:00  \_ [card0-crtc4]
126 ?        S      0:00  \_ [card0-crtc5]
127 ?        S      0:00  \_ [card0-crtc6]
128 ?        S      0:00  \_ [card0-crtc7]
169 ?        S      0:00  \_ [jbd2/sda1-8]
170 ?        I<     0:00  \_ [ext4-rsv-conver]
289 ?        I<     0:00  \_ [iprt-VBoxWQueue]
308 ?        I<     0:00  \_ [cryptd]

2484 ? I 0:00 _ [kworker/u2:3-ext4-rsv-conversion] 2605 ? I 0:01 _ [kworker/0:2-events] 2682 ? I 0:00 _ [kworker/u2:0-ext4-rsv-conversion] 2702 ? I 0:00 _ [kworker/u2:1-flush-8:0] 2704 ? I 0:00 _ [kworker/0:1-ata_sff] 2718 ? I 0:00 _ [kworker/0:0-mm_percpu_wq] 2727 ? I 0:00 _ [kworker/u2:2-events_unbound] 2728 ? I 0:00 _ [kworker/0:3] 1 ? Ss 0:01 /sbin/init 207 ? Ss 0:00 /lib/systemd/systemd-journald 239 ? Ss 0:00 /lib/systemd/systemd-udevd 408 ? Ssl 0:00 /usr/libexec/accounts-daemon 410 ? Ss 0:00 avahi-daemon: running [debian.local] 428 ? S 0:00 _ avahi-daemon: chroot helper 412 ? Ss 0:00 /usr/sbin/cron -f 413 ? Ss 0:00 /usr/bin/dbus-daemon --system --address=systemd: -- 414 ? Ssl 0:00 /usr/sbin/NetworkManager --no-daemon 416 ? Ssl 0:00 /usr/libexec/polkitd --no-debug 417 ? Ssl 0:00 /usr/sbin/rsyslogd -n -iNONE 418 ? Ssl 0:00 /usr/libexec/switcheroo-control 419 ? Ss 0:00 /lib/systemd/systemd-logind 420 ? Ssl 0:00 /usr/libexec/udisks2/udisksd 422 ? Ss 0:00 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant 503 ? Ssl 0:00 /sbin/dhclient -4 -v -i -pf /run/dhclient.enp0s8.pi 506 ? Ssl 0:00 /usr/sbin/ModemManager 571 ? Ssl 0:00 /usr/bin/python3 /usr/share/unattended-upgrades/una 582 ? Ss 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 star 685 ? SLsl 0:00 /usr/sbin/lightdm 705 tty7 Ssl+ 0:31 _ /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/ru 884 ? Sl 0:00 _ lightdm --session-child 12 21 944 ? Ssl 0:00 _ /usr/libexec/gnome-session-binary --systemd 1087 ? Ss 0:00 _ /usr/bin/ssh-agent /usr/bin/im-launch / 704 ? Sl 0:00 /usr/sbin/VBoxService --pidfile /var/run/vboxadd-se 706 tty1 Ss+ 0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux 759 ? SNsl 0:00 /usr/libexec/rtkit-daemon 856 ? Ssl 0:00 /usr/libexec/upowerd 889 ? Ss 0:00 /lib/systemd/systemd --user 890 ? S 0:00 _ (sd-pam) 909 ? S<sl 0:00 _ /usr/bin/pipewire 916 ? S<l 0:00 | _ /usr/bin/pipewire-media-session 911 ? S<sl 0:00 _ /usr/bin/pulseaudio --daemonize=no --log-target 913 ? 
SNsl 0:00 _ /usr/libexec/tracker-miner-fs 915 ? Ss 0:00 _ /usr/bin/dbus-daemon --session --address=system 940 ? Ssl 0:00 _ /usr/libexec/gvfsd 2365 ? Sl 0:00 | _ /usr/libexec/gvfsd-trash --spawner :1.6 /or 2376 ? Sl 0:00 | _ /usr/libexec/gvfsd-burn --spawner :1.6 /org 2442 ? Sl 0:00 | _ /usr/libexec/gvfsd-network --spawner :1.6 / 2454 ? Sl 0:00 | _ /usr/libexec/gvfsd-dnssd --spawner :1.6 /or 2609 ? S 0:00 | _ /bin/sh -c pkexec /usr/libexec/gvfsd-admin 2610 ? Sl 0:00 | _ /usr/libexec/gvfsd-admin --spawner :1.6 946 ? Sl 0:00 _ /usr/libexec/gvfsd-fuse /run/user/1000/gvfs -f 954 ? Ssl 0:00 _ /usr/libexec/gvfs-udisks2-volume-monitor 964 ? Ssl 0:00 _ /usr/libexec/gvfs-gphoto2-volume-monitor 968 ? Ssl 0:00 _ /usr/libexec/gvfs-afc-volume-monitor 974 ? Ssl 0:00 _ /usr/libexec/gvfs-goa-volume-monitor 979 ? Sl 0:00 _ /usr/libexec/goa-daemon 988 ? Sl 0:00 _ /usr/libexec/goa-identity-service 997 ? Ssl 0:00 _ /usr/libexec/gvfs-mtp-volume-monitor 1107 ? Ssl 0:00 _ /usr/libexec/at-spi-bus-launcher 1112 ? S 0:00 | _ /usr/bin/dbus-daemon --config-file=/usr/sha 1121 ? Ssl 0:00 _ /usr/libexec/gvfsd-metadata 1131 ? Ssl 0:00 _ /usr/libexec/gnome-session-ctl --monitor 1133 ? Ssl 0:00 _ /usr/libexec/gnome-session-binary --systemd-ser 1254 ? Sl 0:00 | _ /usr/libexec/gsd-disk-utility-notify 1277 ? Sl 0:06 | _ /usr/bin/gnome-software --gapplication-serv 1281 ? Sl 0:00 | _ /usr/libexec/evolution-data-server/evolutio 1154 ? Ssl 0:58 _ /usr/bin/gnome-shell 1179 ? Sl 0:00 | _ ibus-daemon --panel disable --xim 1183 ? Sl 0:00 | _ /usr/libexec/ibus-dconf 1184 ? Sl 0:01 | _ /usr/libexec/ibus-extension-gtk3 1473 ? Sl 0:00 | _ /usr/libexec/ibus-engine-simple 1188 ? Sl 0:00 _ /usr/libexec/ibus-x11 --kill-daemon 1194 ? Sl 0:00 _ /usr/libexec/ibus-portal 1198 ? Sl 0:00 _ /usr/libexec/at-spi2-registryd --use-gnome-sess 1206 ? Ssl 0:00 _ /usr/libexec/xdg-permission-store 1208 ? Sl 0:00 _ /usr/libexec/gnome-shell-calendar-server 1219 ? Ssl 0:00 _ /usr/libexec/evolution-source-registry 1235 ? 
Ssl 0:00 _ /usr/libexec/evolution-calendar-factory 1240 ? Sl 0:00 _ /usr/bin/gjs /usr/share/gnome-shell/org.gnome.S 1243 ? Ssl 0:00 _ /usr/libexec/gsd-a11y-settings 1245 ? Ssl 0:00 _ /usr/libexec/gsd-color 1246 ? Ssl 0:00 _ /usr/libexec/gsd-datetime 1248 ? Ssl 0:00 _ /usr/libexec/gsd-housekeeping 1249 ? Ssl 0:00 _ /usr/libexec/gsd-keyboard 1252 ? Ssl 0:00 _ /usr/libexec/gsd-media-keys 1258 ? Ssl 0:00 _ /usr/libexec/gsd-power 1262 ? Ssl 0:00 _ /usr/libexec/gsd-print-notifications 1263 ? Ssl 0:00 _ /usr/libexec/gsd-rfkill 1270 ? Ssl 0:00 _ /usr/libexec/gsd-screensaver-proxy 1274 ? Ssl 0:00 _ /usr/libexec/gsd-sharing 1279 ? Ssl 0:00 _ /usr/libexec/gsd-smartcard 1282 ? Ssl 0:00 _ /usr/libexec/gsd-sound 1287 ? Ssl 0:00 _ /usr/libexec/gsd-usb-protection 1292 ? Ssl 0:00 _ /usr/libexec/gsd-wacom 1300 ? Ssl 0:00 _ /usr/libexec/gsd-xsettings 1348 ? Sl 0:00 _ /usr/libexec/dconf-service 1383 ? Sl 0:00 _ /usr/libexec/gsd-printer 1453 ? Ssl 0:00 _ /usr/libexec/evolution-addressbook-factory 2475 ? Ssl 0:03 _ /usr/libexec/gnome-terminal-server 2482 pts/0 Ss 0:00 _ bash 2730 pts/0 R+ 0:00 | _ ps afx 2503 pts/1 Ss 0:00 _ bash 2525 pts/1 S 0:00 _ su - 2526 pts/1 S+ 0:00 _ -bash 923 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login 1057 ? S 0:00 /usr/bin/VBoxClient --clipboard 1058 ? Sl 0:00 _ /usr/bin/VBoxClient --clipboard 1067 ? S 0:00 /usr/bin/VBoxClient --seamless 1069 ? Sl 0:00 _ /usr/bin/VBoxClient --seamless 1072 ? S 0:00 /usr/bin/VBoxClient --draganddrop 1073 ? Sl 0:06 _ /usr/bin/VBoxClient --draganddrop 1076 ? S 0:00 /usr/bin/VBoxClient --vmsvga 1077 ? Sl 0:00 _ /usr/bin/VBoxClient --vmsvga 1229 ? Ssl 0:10 /usr/libexec/packagekitd 1410 ? Ssl 0:00 /usr/libexec/colord 1493 ? Ssl 0:00 /usr/libexec/fwupd/fwupd

hostname -I

127.0.1.1

ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:97:cf:96 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 valid_lft 83607sec preferred_lft 83607sec inet6 fe80::a00:27ff:fe97:cf96/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:8f:e6:b4 brd ff:ff:ff:ff:ff:ff inet 192.168.56.3/24 brd 192.168.56.255 scope global dynamic enp0s8 valid_lft 457sec preferred_lft 457sec inet6 fe80::a00:27ff:fe8f:e6b4/64 scope link valid_lft forever preferred_lft forever

ip route show

default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 169.254.0.0/16 dev enp0s8 scope link metric 1000 192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.3

cat /etc/resolv.conf

# Generated by NetworkManager
nameserver 10.0.2.3

netstat -ntulp

(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
udp 0 0 0.0.0.0:45575 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::44801 :::* -
udp6 0 0 :::5353 :::* -

ping -c 4 1.1.1.1

PING 1.1.1.1 (1.1.1.1): 56 data bytes 64 bytes from 1.1.1.1: icmp_seq=0 ttl=63 time=24.559 ms 64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=43.372 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=23.110 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=22.425 ms --- 1.1.1.1 ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/stddev = 22.425/28.366/43.372/8.698 ms

dig example.com.

; <<>> DiG 9.16.22-Debian <<>> example.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37684 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;example.com. IN A

;; ANSWER SECTION: example.com. 33948 IN A 93.184.216.34

;; Query time: 24 msec ;; SERVER: 10.0.2.3#53(10.0.2.3) ;; WHEN: Mon Feb 28 18:40:17 CST 2022 ;; MSG SIZE rcvd: 56

$ getent passwd ${USER}

rubensaavedra:x:1000:1000:rubensaavedra,,,:/home/rubensaavedra:/bin/bash

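$ getent passwd ${rubensaavedra}

Nota: `${rubensaavedra}` es una variable de shell sin definir que se expande a una cadena vacía, así que `getent passwd` se ejecuta sin clave y lista todas las cuentas. Para consultar solo esta cuenta se usa el nombre literal (`getent passwd rubensaavedra`) o `"${USER}"`.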

root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin _apt:x:100:65534::/nonexistent:/usr/sbin/nologin systemd-timesync:x:101:101:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin messagebus:x:104:110::/nonexistent:/usr/sbin/nologin avahi-autoipd:x:105:113:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/usr/sbin/nologin usbmux:x:106:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin rtkit:x:107:114:RealtimeKit,,,:/proc:/usr/sbin/nologin sshd:x:108:65534::/run/sshd:/usr/sbin/nologin dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin avahi:x:110:115:Avahi mDNS daemon,,,:/run/avahi-daemon:/usr/sbin/nologin speech-dispatcher:x:111:29:Speech Dispatcher,,,:/run/speech-dispatcher:/bin/false pulse:x:112:116:PulseAudio daemon,,,:/run/pulse:/usr/sbin/nologin lightdm:x:113:118:Light Display Manager:/var/lib/lightdm:/bin/false rubensaavedra:x:1000:1000:rubensaavedra,,,:/home/rubensaavedra:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin 
vboxadd:x:998:1::/var/run/vboxadd:/bin/false tcpdump:x:114:119::/nonexistent:/usr/sbin/nologin tss:x:115:121:TPM software stack,,,:/var/lib/tpm:/bin/false geoclue:x:116:122::/var/lib/geoclue:/usr/sbin/nologin saned:x:117:124::/var/lib/saned:/usr/sbin/nologin colord:x:118:125:colord colour management daemon,,,:/var/lib/colord:/usr/sbin/nologin Debian-gdm:x:119:126:Gnome Display Manager:/var/lib/gdm3:/bin/false

$ id

uid=1000(rubensaavedra) gid=1000(rubensaavedra) groups=1000(rubensaavedra),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),112(bluetooth),120(wireshark)

$ groups

rubensaavedra cdrom floppy sudo audio dip video plugdev netdev bluetooth wireshark

$ sudo -l

Matching Defaults entries for rubensaavedra on debian: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

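User rubensaavedra may run the following commands on debian: (ALL : ALL) NOPASSWD: ALL

Nota: la regla `(ALL : ALL) NOPASSWD: ALL` permite que cualquier proceso que se ejecute como rubensaavedra obtenga root sin autenticarse. Es una configuración cómoda para una máquina virtual de laboratorio; en un sistema real conviene exigir contraseña o limitar la regla a los comandos necesarios.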

$ sudo -i

which wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

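/usr/bin/wireshark /usr/bin/tcpdump /usr/bin/nmap /usr/bin/ngrep /usr/sbin/dsniff /usr/bin/wget /usr/bin/curl /usr/bin/whois /usr/sbin/iptables /usr/bin/tsocks /usr/bin/inetutils-traceroute /usr/sbin/ethtool

Nota: varios de los argumentos sin resultado (netcat-openbsd, dnsutils, net-tools, iproute2, iptables-persistent, inetutils-ping, inetutils-tools) parecen ser nombres de paquete y no de ejecutable. `which` solo busca ejecutables en el PATH, así que su ausencia en la salida no indica que el paquete falte; el estado de un paquete se comprueba con `dpkg -s <paquete>`.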

whereis wireshark tcpdump nmap netcat-openbsd ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

wireshark: /usr/bin/wireshark /usr/lib/x86_64-linux-gnu/wireshark /etc/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz tcpdump: /usr/bin/tcpdump /usr/share/man/man8/tcpdump.8.gz nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz netcat-openbsd: ngrep: /usr/bin/ngrep /usr/share/man/man8/ngrep.8.gz dsniff: /usr/sbin/dsniff /usr/share/dsniff /usr/share/man/man8/dsniff.8.gz wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz whois: /usr/bin/whois /usr/share/man/man1/whois.1.gz dnsutils: net-tools: iproute2: /etc/iproute2 /usr/include/iproute2 iptables: /usr/sbin/iptables /etc/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz iptables-persistent: tsocks: /usr/bin/tsocks /etc/tsocks.conf /usr/share/man/man1/tsocks.1.gz /usr/share/man/man8/tsocks.8.gz inetutils-ping: inetutils-traceroute: /usr/bin/inetutils-traceroute /usr/share/man/man1/inetutils-traceroute.1.gz inetutils-tools: ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz

Primera captura de la información del sistema CentOS

uname -a

Linux centos-8-local 4.18.0-365.el8.x86_64 #1 SMP Thu Feb 10 16:11:23 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/os-release

NAME="CentOS Stream" VERSION="8" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="8" PLATFORM_ID="platform:el8" PRETTY_NAME="CentOS Stream 8" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:8" HOME_URL="https://centos.org/" BUG_REPORT_URL="https://bugzilla.redhat.com/" REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8" REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

cat /etc/centos-release /etc/redhat-release

CentOS Stream release 8 CentOS Stream release 8

lsmod

Module Size Used by vboxsf 90112 1 nls_utf8 16384 1 isofs 49152 1 uinput 20480 0 vboxvideo 32768 0 drm_vram_helper 20480 1 vboxvideo drm_ttm_helper 16384 2 drm_vram_helper,vboxvideo xt_CHECKSUM 16384 1 ipt_MASQUERADE 16384 3 xt_conntrack 16384 1 ipt_REJECT 16384 2 nft_compat 20480 16 nf_nat_tftp 16384 0 nft_objref 16384 1 nf_conntrack_tftp 16384 3 nf_nat_tftp nft_counter 16384 33 bridge 278528 0 stp 16384 1 bridge llc 16384 2 bridge,stp nft_fib_inet 16384 1 nft_fib_ipv4 16384 1 nft_fib_inet nft_fib_ipv6 16384 1 nft_fib_inet nft_fib 16384 3 nft_fib_ipv6,nft_fib_ipv4,nft_fib_inet nft_reject_inet 16384 5 nf_reject_ipv4 16384 2 nft_reject_inet,ipt_REJECT nf_reject_ipv6 16384 1 nft_reject_inet nft_reject 16384 1 nft_reject_inet nft_ct 20480 18 nf_tables_set 49152 20 nft_chain_nat 16384 12 nf_nat 45056 3 ipt_MASQUERADE,nf_nat_tftp,nft_chain_nat nf_conntrack 172032 6 xt_conntrack,nf_nat,nf_conntrack_tftp,nft_ct,ipt_MASQUERADE,nf_nat_tftp nf_defrag_ipv6 20480 1 nf_conntrack nf_defrag_ipv4 16384 1 nf_conntrack ip_set 49152 0 nf_tables 180224 456 nft_ct,nft_compat,nft_reject_inet,nft_fib_ipv6,nft_objref,nft_fib_ipv4,nft_counter,nft_chain_nat,nf_tables_set,nft_reject,nft_fib,nft_fib_inet nfnetlink 16384 4 nft_compat,nf_tables,ip_set sunrpc 565248 1 snd_intel8x0 45056 5 snd_ac97_codec 143360 1 snd_intel8x0 ac97_bus 16384 1 snd_ac97_codec snd_seq 81920 0 intel_rapl_msr 16384 0 intel_rapl_common 24576 1 intel_rapl_msr snd_seq_device 16384 1 snd_seq snd_pcm 118784 3 snd_intel8x0,snd_ac97_codec crct10dif_pclmul 16384 1 crc32_pclmul 16384 0 snd_timer 36864 3 snd_seq,snd_pcm ghash_clmulni_intel 16384 0 snd 98304 14 snd_seq,snd_seq_device,snd_intel8x0,snd_timer,snd_ac97_codec,snd_pcm pcspkr 16384 0 soundcore 16384 1 snd i2c_piix4 24576 0 joydev 24576 0 video 49152 0 xfs 1552384 2 libcrc32c 16384 4 nf_conntrack,nf_nat,nf_tables,xfs sr_mod 28672 1 cdrom 65536 2 isofs,sr_mod sd_mod 53248 3 t10_pi 16384 1 sd_mod sg 40960 0 ata_generic 16384 0 vmwgfx 372736 3 ttm 73728 3 
vmwgfx,drm_vram_helper,drm_ttm_helper drm_kms_helper 266240 3 vmwgfx,drm_vram_helper,vboxvideo syscopyarea 16384 1 drm_kms_helper sysfillrect 16384 1 drm_kms_helper sysimgblt 16384 1 drm_kms_helper fb_sys_fops 16384 1 drm_kms_helper drm 585728 9 vmwgfx,drm_kms_helper,drm_vram_helper,vboxvideo,drm_ttm_helper,ttm ahci 40960 2 libahci 40960 1 ahci ata_piix 36864 1 libata 262144 4 ata_piix,libahci,ahci,ata_generic crc32c_intel 24576 1 e1000 151552 0 serio_raw 16384 0 vboxguest 385024 7 vboxsf dm_mirror 28672 0 dm_region_hash 20480 1 dm_mirror dm_log 20480 2 dm_region_hash,dm_mirror dm_mod 151552 9 dm_log,dm_mirror ipmi_devintf 20480 0 ipmi_msghandler 110592 1 ipmi_devintf fuse 155648 3

ps afx

PID TTY      STAT   TIME COMMAND
  2 ?        S      0:00 [kthreadd]
  3 ?        I<     0:00  \_ [rcu_gp]
  4 ?        I<     0:00  \_ [rcu_par_gp]
  6 ?        I<     0:00  \_ [kworker/0:0H-events_highpri]
  8 ?        I      0:00  \_ [kworker/u2:0-events_unbound]
  9 ?        I<     0:00  \_ [mm_percpu_wq]
 10 ?        S      0:00  \_ [rcu_tasks_rude_]
 11 ?        S      0:00  \_ [rcu_tasks_trace]
 12 ?        S      0:00  \_ [ksoftirqd/0]
 13 ?        R      0:00  \_ [rcu_sched]
 14 ?        S      0:00  \_ [migration/0]
 15 ?        S      0:00  \_ [watchdog/0]
 16 ?        S      0:00  \_ [cpuhp/0]
 18 ?        S      0:00  \_ [kdevtmpfs]
 19 ?        I<     0:00  \_ [netns]
 20 ?        S      0:00  \_ [kauditd]
 21 ?        S      0:00  \_ [khungtaskd]
 22 ?        S      0:00  \_ [oom_reaper]
 23 ?        I<     0:00  \_ [writeback]
 24 ?        S      0:00  \_ [kcompactd0]
 25 ?        SN     0:00  \_ [ksmd]
 26 ?        SN     0:00  \_ [khugepaged]
 27 ?        I<     0:00  \_ [crypto]
 28 ?        I<     0:00  \_ [kintegrityd]
 29 ?        I<     0:00  \_ [kblockd]
 30 ?        I<     0:00  \_ [blkcg_punt_bio]
 31 ?        I<     0:00  \_ [tpm_dev_wq]
 32 ?        I<     0:00  \_ [md]
 33 ?        I<     0:00  \_ [edac-poller]
 34 ?        S      0:00  \_ [watchdogd]
 35 ?        I<     0:00  \_ [kworker/0:1H-kblockd]
 59 ?        S      0:00  \_ [kswapd0]
161 ?        I<     0:00  \_ [kthrotld]
162 ?        I<     0:00  \_ [acpi_thermal_pm]
163 ?        I<     0:00  \_ [kmpath_rdacd]
164 ?        I<     0:00  \_ [kaluad]
165 ?        I<     0:00  \_ [ipv6_addrconf]
166 ?        I      0:00  \_ [kworker/0:2-events]
167 ?        I<     0:00  \_ [kstrp]
286 ?        I      0:00  \_ [kworker/0:3-ata_sff]
300 ?        I      0:00  \_ [kworker/u2:2-xfs-cil/dm-0]
444 ?        I<     0:00  \_ [iprt-VBoxWQueue]
454 ?        I<     0:00  \_ [ata_sff]
455 ?        S      0:00  \_ [scsi_eh_0]
456 ?        I<     0:00  \_ [scsi_tmf_0]
457 ?        S      0:00  \_ [scsi_eh_1]
458 ?        I<     0:00  \_ [scsi_tmf_1]
459 ?        S      0:00  \_ [scsi_eh_2]
460 ?        I<     0:00  \_ [scsi_tmf_2]
467 ?        I<     0:00  \_ [ttm_swap]
468 ?        S      0:00  \_ [irq/18-vmwgfx]
469 ?        S      0:00  \_ [card0-crtc0]
470 ?        S      0:00  \_ [card0-crtc1]
471 ?        S      0:00  \_ [card0-crtc2]
472 ?        S      0:00  \_ [card0-crtc3]
473 ?        S      0:00  \_ [card0-crtc4]
474 ?        S      0:00  \_ [card0-crtc5]
475 ?        S      0:00  \_ [card0-crtc6]
476 ?        S      0:00  \_ [card0-crtc7]
551 ?        I<     0:00  \_ [kdmflush/253:0]
560 ?        I<     0:00  \_ [kdmflush/253:1]
584 ?        I<     0:00  \_ [xfsalloc]
585 ?        I<     0:00  \_ [xfs_mru_cache]
586 ?        I<     0:00  \_ [xfs-buf/dm-0]
587 ?        I<     0:00  \_ [xfs-conv/dm-0]
588 ?        I<     0:00  \_ [xfs-cil/dm-0]
589 ?        I<     0:00  \_ [xfs-reclaim/dm-]
590 ?        I<     0:00  \_ [xfs-eofblocks/d]
591 ?        I<     0:00  \_ [xfs-log/dm-0]
592 ?        S      0:00  \_ [xfsaild/dm-0]
795 ?        I<     0:00  \_ [xfs-buf/sda1]
796 ?        I<     0:00  \_ [xfs-conv/sda1]
797 ?        I<     0:00  \_ [xfs-cil/sda1]
798 ?        I<     0:00  \_ [xfs-reclaim/sda]
799 ?        I<     0:00  \_ [xfs-eofblocks/s]
800 ?        I<     0:00  \_ [xfs-log/sda1]
801 ?        S      0:00  \_ [xfsaild/sda1]
828 ?        I<     0:00  \_ [rpciod]
829 ?        I<     0:00  \_ [kworker/u3:0]
830 ?        I<     0:00  \_ [xprtiod]

2888 ? I 0:00 _ [kworker/0:6-mm_percpu_wq] 3138 ? I 0:00 _ [kworker/u2:3-events_unbound] 1 ? Ss 0:02 /usr/lib/systemd/systemd --switched-root --system - 690 ? Ss 0:00 /usr/lib/systemd/systemd-journald 730 ? Ss 0:00 /usr/lib/systemd/systemd-udevd 826 ? Ss 0:00 /usr/bin/rpcbind -w -f 832 ? S<sl 0:00 /sbin/auditd 834 ? S< 0:00 _ /usr/sbin/sedispatch 859 ? Ss 0:00 /usr/bin/lsmd -d 862 ? SNsl 0:00 /usr/libexec/rtkit-daemon 864 ? Ss 0:00 avahi-daemon: running [centos-8-local.local] 903 ? S 0:00 _ avahi-daemon: chroot helper 865 ? Ss 0:00 /usr/sbin/sssd -i --logger=files 904 ? S 0:00 _ /usr/libexec/sssd/sssd_be --domain implicit_fil 912 ? S 0:00 _ /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --lo 867 ? Ss 0:00 /usr/lib/systemd/systemd-machined 869 ? Ssl 0:01 /usr/bin/dbus-daemon --system --address=systemd: -- 872 ? Ss 0:00 /usr/sbin/smartd -n -q never 873 ? Ssl 0:05 /usr/lib/polkit-1/polkitd --no-debug 874 ? Ssl 0:00 /usr/libexec/udisks2/udisksd 875 ? SNs 0:00 /usr/sbin/alsactl -s -n 19 -c -E ALSA_CONFIG_PATH=/ 877 ? S 0:00 /usr/sbin/chronyd 910 ? S 0:00 /bin/bash /usr/sbin/ksmtuned 3348 ? S 0:00 _ sleep 60 913 ? Ss 0:00 /usr/lib/systemd/systemd-logind 914 ? Ssl 0:00 /usr/libexec/accounts-daemon 932 ? Ssl 0:00 /usr/libexec/platform-python -s /usr/sbin/firewalld 933 ? Ssl 0:00 /usr/sbin/ModemManager 1003 ? Ssl 0:00 /usr/sbin/NetworkManager --no-daemon 1011 ? Ss 0:00 /usr/sbin/cupsd -l 1014 ? Rsl 0:02 /usr/libexec/platform-python -Es /usr/sbin/tuned -l 1024 ? Ss 0:00 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com, 1029 ? Ssl 0:00 /usr/sbin/gssproxy -D 1256 ? Ssl 0:00 /usr/sbin/rsyslogd -n 1269 ? Ss 0:00 /usr/sbin/atd -f 1271 ? Ss 0:00 /usr/sbin/crond -n 1738 ? S 0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsm 1739 ? S 0:00 _ /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/ 1827 ? Ssl 0:00 /usr/sbin/gdm 2186 ? 
Sl 0:00 _ gdm-session-worker [pam/gdm-password] 2229 tty2 Ssl+ 0:00 _ /usr/libexec/gdm-wayland-session --register 2237 tty2 Sl+ 0:00 _ /usr/libexec/gnome-session-binary 2293 tty2 Sl+ 0:19 _ /usr/bin/gnome-shell 2321 tty2 S+ 0:00 | _ /usr/bin/Xwayland :0 -rootless 2342 tty2 Sl 0:00 | _ ibus-daemon --xim --panel disab 2346 tty2 Sl 0:00 | _ /usr/libexec/ibus-dconf 2347 tty2 Sl 0:00 | _ /usr/libexec/ibus-extension 2515 tty2 Sl 0:00 | _ /usr/libexec/ibus-engine-si 2433 tty2 Sl+ 0:00 _ /usr/libexec/gsd-power 2434 tty2 Sl+ 0:00 _ /usr/libexec/gsd-print-notification 2438 tty2 Sl+ 0:00 _ /usr/libexec/gsd-rfkill 2442 tty2 Sl+ 0:00 _ /usr/libexec/gsd-screensaver-proxy 2452 tty2 Sl+ 0:00 _ /usr/libexec/gsd-sharing 2458 tty2 Sl+ 0:00 _ /usr/libexec/gsd-sound 2461 tty2 Sl+ 0:00 _ /usr/libexec/gsd-xsettings 2464 tty2 Sl+ 0:00 _ /usr/libexec/gsd-wacom 2465 tty2 Sl+ 0:00 _ /usr/libexec/gsd-smartcard 2467 tty2 Sl+ 0:00 _ /usr/libexec/gsd-account 2486 tty2 Sl+ 0:00 _ /usr/libexec/gsd-a11y-settings 2487 tty2 Sl+ 0:00 _ /usr/libexec/gsd-clipboard 2490 tty2 Sl+ 0:00 _ /usr/libexec/gsd-color 2494 tty2 Sl+ 0:00 _ /usr/libexec/gsd-datetime 2497 tty2 Sl+ 0:00 _ /usr/libexec/gsd-housekeeping 2505 tty2 Sl+ 0:00 _ /usr/libexec/gsd-keyboard 2509 tty2 Sl+ 0:00 _ /usr/libexec/gsd-media-keys 2516 tty2 Sl+ 0:00 _ /usr/libexec/gsd-mouse 2633 tty2 Sl+ 0:01 _ /usr/bin/gnome-software --gapplicat 2644 tty2 Sl+ 0:00 _ /usr/libexec/gsd-disk-utility-notif 2665 tty2 SNl+ 0:00 _ /usr/libexec/tracker-miner-apps 2672 tty2 SNl+ 0:00 _ /usr/libexec/tracker-miner-fs 1839 ? Sl 0:00 /usr/sbin/VBoxService --pidfile /var/run/vboxadd-se 1998 ? Ssl 0:00 /usr/libexec/upowerd 2017 ? Ssl 0:05 /usr/libexec/packagekitd 2021 ? Ss 0:00 /usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa 2091 ? Ssl 0:00 /usr/libexec/colord 2197 ? Ss 0:00 /usr/lib/systemd/systemd --user 2201 ? S 0:00 _ (sd-pam) 2217 ? S<sl 0:00 _ /usr/bin/pulseaudio --daemonize=no --log-target 2233 ? 
Ssl 0:00 _ /usr/bin/dbus-daemon --session --address=system 2308 ? Ssl 0:00 _ /usr/libexec/gvfsd 3059 ? Sl 0:00 | _ /usr/libexec/gvfsd-trash --spawner :1.16 /o 3141 ? Sl 0:00 | _ /usr/libexec/gvfsd-network --spawner :1.16 3159 ? Sl 0:00 | _ /usr/libexec/gvfsd-dnssd --spawner :1.16 /o 3164 ? Sl 0:00 | _ /usr/libexec/gvfsd-admin --spawner :1.16 /o 2319 ? Sl 0:00 _ /usr/libexec/gvfsd-fuse /run/user/1000/gvfs -f 2329 ? Ssl 0:00 _ /usr/libexec/at-spi-bus-launcher 2334 ? Sl 0:00 | _ /usr/bin/dbus-daemon --config-file=/usr/sha 2339 ? Sl 0:00 _ /usr/libexec/at-spi2-registryd --use-gnome-sess 2354 ? Ssl 0:00 _ /usr/libexec/xdg-permission-store 2356 ? Sl 0:00 _ /usr/libexec/ibus-portal 2369 ? Sl 0:00 _ /usr/libexec/gnome-shell-calendar-server 2379 ? Ssl 0:00 _ /usr/libexec/gvfs-udisks2-volume-monitor 2391 ? Ssl 0:00 _ /usr/libexec/evolution-source-registry 2392 ? Ssl 0:00 _ /usr/libexec/gvfs-mtp-volume-monitor 2396 ? Ssl 0:00 _ /usr/libexec/gvfs-gphoto2-volume-monitor 2403 ? Ssl 0:00 _ /usr/libexec/gvfs-afc-volume-monitor 2408 ? Ssl 0:00 _ /usr/libexec/gvfs-goa-volume-monitor 2411 ? Sl 0:00 _ /usr/libexec/goa-daemon 2423 ? Sl 0:00 _ /usr/libexec/goa-identity-service 2454 ? Ssl 0:00 _ /usr/libexec/evolution-calendar-factory 2514 ? Sl 0:00 | _ /usr/libexec/evolution-calendar-factory-sub 2581 ? Sl 0:00 _ /usr/libexec/dconf-service 2584 ? Ssl 0:00 _ /usr/libexec/evolution-addressbook-factory 2603 ? Sl 0:00 | _ /usr/libexec/evolution-addressbook-factory- 2696 ? Ssl 0:00 _ /usr/libexec/tracker-store 2858 ? Ssl 0:01 _ /usr/libexec/gnome-terminal-server 2869 pts/0 Ss 0:00 | _ bash 2961 pts/0 S 0:00 | _ su - 2970 pts/0 S 0:00 | _ -bash 3350 pts/0 R+ 0:00 | _ ps afx 3090 ? Ssl 0:00 _ /usr/libexec/gvfsd-metadata 2223 ? Sl 0:00 /usr/bin/gnome-keyring-daemon --daemonize --login 2351 tty2 Sl 0:00 /usr/libexec/ibus-x11 --kill-daemon 2429 ? Ss 0:00 /usr/libexec/sssd/sssd_kcm --uid 0 --gid 0 --logger 2558 tty2 Sl+ 0:00 /usr/libexec/gsd-printer 2669 ? 
S 0:00 /usr/bin/VBoxClient --clipboard 2674 ? Sl 0:00 _ /usr/bin/VBoxClient --clipboard 2687 ? S 0:00 /usr/bin/VBoxClient --seamless 2691 ? Sl 0:00 _ /usr/bin/VBoxClient --seamless 2701 ? S 0:00 /usr/bin/VBoxClient --draganddrop 2705 ? Sl 0:00 _ /usr/bin/VBoxClient --draganddrop 2712 ? S 0:00 /usr/bin/VBoxClient --vmsvga 2717 ? S 0:00 _ [VBoxDRMClient] 2842 ? Ssl 0:00 /usr/libexec/fwupd/fwupd

hostname -I

10.0.2.15 192.168.122.1

ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:01:c3:00 brd ff:ff:ff:ff:ff:ff inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3 valid_lft 85750sec preferred_lft 85750sec inet6 fe80::a00:27ff:fe01:c300/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: enp0s8: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:d3:ce:2a brd ff:ff:ff:ff:ff:ff 4: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:22:49:19 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever

ip route show

default via 10.0.2.2 dev enp0s3 proto dhcp metric 100 10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

cat /etc/resolv.conf

# Generated by NetworkManager
nameserver 10.0.2.3

netstat -ntulp#

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      1738/dnsmasq
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1024/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1011/cupsd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd
tcp6       0      0 :::22                   :::*                    LISTEN      1024/sshd
tcp6       0      0 ::1:631                 :::*                    LISTEN      1011/cupsd
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd
udp        0      0 192.168.122.1:53        0.0.0.0:*                           1738/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1738/dnsmasq
udp        0      0 0.0.0.0:111             0.0.0.0:*                           1/systemd
udp        0      0 0.0.0.0:54444           0.0.0.0:*                           864/avahi-daemon: r
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           864/avahi-daemon: r
udp        0      0 127.0.0.1:323           0.0.0.0:*                           877/chronyd
udp6       0      0 :::111                  :::*                                1/systemd
udp6       0      0 :::5353                 :::*                                864/avahi-daemon: r
udp6       0      0 ::1:323                 :::*                                877/chronyd
udp6       0      0 :::51634                :::*                                864/avahi-daemon: r

ping -c 4 1.1.1.1#

PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=35.6 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=29.2 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=16.4 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=63 time=23.5 ms

--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 16.359/26.172/35.637/7.118 ms

dig example.com.#

; <<>> DiG 9.11.36-RedHat-9.11.36-3.el8 <<>> example.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62500
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A

;; ANSWER SECTION:
example.com. 16102 IN A 93.184.216.34

;; Query time: 44 msec
;; SERVER: 10.0.2.3#53(10.0.2.3)
;; WHEN: Mon Feb 28 23:37:43 CST 2022
;; MSG SIZE rcvd: 56

$ getent passwd ${USER}

root:x:0:0:root:/root:/bin/bash

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-coredump:x:999:997:systemd Core Dumper:/:/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/sbin/nologin
tss:x:59:59:Account used for TPM access:/dev/null:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
unbound:x:997:995:Unbound DNS resolver:/etc/unbound:/sbin/nologin
geoclue:x:996:994:User for geoclue:/var/lib/geoclue:/sbin/nologin
rtkit:x:172:172:RealtimeKit:/proc:/sbin/nologin
pipewire:x:995:991:PipeWire System Daemon:/var/run/pipewire:/sbin/nologin
clevis:x:994:990:Clevis Decryption Framework unprivileged user:/var/cache/clevis:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
gluster:x:993:989:GlusterFS daemons:/run/gluster:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
chrony:x:992:988::/var/lib/chrony:/sbin/nologin
dnsmasq:x:987:987:Dnsmasq DHCP and DNS server:/var/lib/dnsmasq:/sbin/nologin
saslauth:x:986:76:Saslauthd user:/run/saslauthd:/sbin/nologin
libstoragemgmt:x:985:986:daemon account for libstoragemgmt:/var/run/lsm:/sbin/nologin
sssd:x:984:985:User for sssd:/:/sbin/nologin
qemu:x:107:107:qemu user:/:/sbin/nologin
cockpit-ws:x:983:983:User for cockpit web service:/nonexisting:/sbin/nologin
cockpit-wsinstance:x:982:982:User for cockpit-ws instances:/nonexisting:/sbin/nologin
colord:x:981:981:User for colord:/var/lib/colord:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
pulse:x:171:171:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
setroubleshoot:x:980:977::/var/lib/setroubleshoot:/sbin/nologin
flatpak:x:979:976:User for flatpak system helper:/:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
gnome-initial-setup:x:978:975::/run/gnome-initial-setup/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
rsaavedra:x:1000:1000:Ruben Saavedra:/home/rsaavedra:/bin/bash
pesign:x:977:974:Group for the pesign signing daemon:/run/pesign:/sbin/nologin
vboxadd:x:976:1::/var/run/vboxadd:/bin/false

$ id

uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ groups

root

$ sudo -l

Matching Defaults entries for root on centos-8-local: !visiblepw, always_set_home, match_group_by_gid, always_query_group_plugin, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User root may run the following commands on centos-8-local: (ALL) ALL

$ sudo -i

$ sudo which wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool

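/bin/wireshark
/sbin/tcpdump
/bin/nmap
/bin/netcat
/sbin/ngrep
/sbin/dsniff
/bin/wget
/bin/curl
/bin/whois
which: no bind-utils in (/sbin:/bin:/usr/sbin:/usr/bin)
which: no net-tools in (/sbin:/bin:/usr/sbin:/usr/bin)
which: no iproute in (/sbin:/bin:/usr/sbin:/usr/bin)
/sbin/iptables
which: no iptables-services in (/sbin:/bin:/usr/sbin:/usr/bin)
which: no iputils in (/sbin:/bin:/usr/sbin:/usr/bin)
/bin/traceroute
/sbin/ethtool

Nota: bind-utils, net-tools, iproute, iptables-services e iputils son nombres de paquetes y no de ejecutables, por lo que `which` responde "no ... in" aunque el paquete esté instalado; su presencia se comprueba con el gestor de paquetes (p. ej. `rpm -q bind-utils`).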

$ sudo whereis wireshark tcpdump nmap netcat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool cat ngrep dsniff wget curl whois bind-utils net-tools iproute iptables iptables-services iputils traceroute ethtool sudo: /usr/bin/sudo /etc/sudo.conf /usr/libexec/sudo /usr/share/man/man8/sudo.8.gz which: /usr/bin/which /usr/share/man/man1/which.1.gz /usr/share/info/which.info.gz wireshark: /usr/bin/wireshark /usr/lib64/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz tcpdump: /usr/sbin/tcpdump /usr/share/man/man8/tcpdump.8.gz nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz netcat: /usr/bin/netcat /usr/share/man/man1/netcat.1.gz ngrep: /usr/sbin/ngrep /usr/share/man/man8/ngrep.8.gz dsniff: /usr/sbin/dsniff /etc/dsniff /usr/share/man/man8/dsniff.8.gz wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz whois: /usr/bin/whois.md /usr/bin/whois /etc/whois.conf /usr/share/man/man1/whois.1.gz bind-utils: net-tools: iproute: iptables: /usr/sbin/iptables /usr/libexec/iptables /usr/share/man/man8/iptables.8.gz iptables-services: iputils: traceroute: /usr/bin/traceroute /usr/share/man/man8/traceroute.8.gz ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz