Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Posting terminal output in the forum

  1. #1
    Join Date
    Mar 2011
    Location
    South Dakota
    Beans
    1,132
    Distro
    Ubuntu 13.10 Saucy Salamander

    Question Posting terminal output in the forum

    I've done some searching on googlubuntu for and answer to this but haven't found anything.

    As a Linux newbie I was wondering if there are certain types of output from the terminal I should beware of posting for everyone to see? Also are there any codes; that, if I were to be asked to run and report the output on, should raise a red flag?

    Thanks in advance.
    “ The best method for accelerating a computer is the one that boosts it by 9.8 m/s2. ”
    - Anonymous

  2. #2
    Join Date
    Jun 2008
    Location
    NJ
    Beans
    37
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Posting terminal output in the forum

    As a general rule, don't run anything on your computer unless you have a pretty good idea of what is going to happen. This is especially true if running something as root. In that case, I would suggest you know EXACTLY what each part of the command does. I'm always careful running anything with * in it. Another thing to be especially careful with is something like dd.

    As for output, most stuff is actually ok. Obviously, don't go posting the contents of your /etc/shadow file or other blatantly personal pieces of data. Another thing to be careful of is some types of debugging information like coredumps, which can sometimes contain data you wouldn't want people knowing. The moral of the story here I guess would be to look at what you're giving to others, and think what someone could do with it if they were bent on attacking you/your computer.

    Hope that helped

  3. #3
    Join Date
    Mar 2011
    Location
    South Dakota
    Beans
    1,132
    Distro
    Ubuntu 13.10 Saucy Salamander

    Re: Posting terminal output in the forum

    Quote Originally Posted by dacoolio View Post
    As a general rule, don't run anything on your computer unless you have a pretty good idea of what is going to happen. This is especially true if running something as root. In that case, I would suggest you know EXACTLY what each part of the command does. I'm always careful running anything with * in it. Another thing to be especially careful with is something like dd.

    As for output, most stuff is actually ok. Obviously, don't go posting the contents of your /etc/shadow file or other blatantly personal pieces of data. Another thing to be careful of is some types of debugging information like coredumps, which can sometimes contain data you wouldn't want people knowing. The moral of the story here I guess would be to look at what you're giving to others, and think what someone could do with it if they were bent on attacking you/your computer.

    Hope that helped

    Yes. Thank you. I guess I'm a little worried about how much it is that I don't know. I've learned of a few resources for checking on codes I'm asked to run (like "man", "info" and "whatis"), and I happen to have just read about wildcards (ie: "*"); but I'm sure that isn't nearly enough.

    When asking for help on things here, it's often requested to run some command to gather information from the system and post back. I'm sure this is almost always innocent enough and is just in order to help; but, sometimes I wonder what things could be used to crack one's system.

    Then you throw in the whole concept of phishing. I'm sure there's someone out there in this world phishing terminal output posted on forums and putting the pieces together to try and hack stuff. Sometimes I even wonder if something as simple as my user name and computer name are a no no (ie: uname@computername $).

    Thanks
    -------------------------------------------------

    Edit: I guess what I'm saying is I'm not sure what people can do. I'm sure there are a lot of people who can do a heck of a lot with very little information. Especially if your (read as "my") computer is not set up very securely to begin with.
    Last edited by ClientAlive; April 24th, 2011 at 12:28 AM. Reason: Clarity
    “ The best method for accelerating a computer is the one that boosts it by 9.8 m/s2. ”
    - Anonymous

  4. #4
    Join Date
    Jun 2008
    Location
    NJ
    Beans
    37
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Posting terminal output in the forum

    I know exactly what you mean ClientAlive,

    When I first started, I really gave no thought into just running whatever people told me. Looking back, I'm REALLY lucky nothing ever happened.

    A lot of information can be posted as long as it doesn't uniquely identify YOU. For example, it would be fine posting "hey everyone, Port 21 on my computer is wide open!", as long as no one was able to personally identify you. Now, if you posting this along with your IP address, this would make it so someone could use this information against you specifically, and had a vector in which to get to you.

    If you need to know more about what commands you're being asked to run, try the man pages. The first few lines of the man page should give you a good idea what the command does. Also, don't be afraid to ask what the given command does prior to running it.

  5. #5
    Join Date
    Mar 2011
    Location
    South Dakota
    Beans
    1,132
    Distro
    Ubuntu 13.10 Saucy Salamander

    Re: Posting terminal output in the forum

    Quote Originally Posted by dacoolio View Post
    As a general rule, don't run anything on your computer unless you have a pretty good idea of what is going to happen. This is especially true if running something as root. In that case, I would suggest you know EXACTLY what each part of the command does. I'm always careful running anything with * in it. Another thing to be especially careful with is something like dd.

    As for output, most stuff is actually ok. Obviously, don't go posting the contents of your /etc/shadow file or other blatantly personal pieces of data. Another thing to be careful of is some types of debugging information like coredumps, which can sometimes contain data you wouldn't want people knowing. The moral of the story here I guess would be to look at what you're giving to others, and think what someone could do with it if they were bent on attacking you/your computer.

    Hope that helped

    Yeah. Thanks. Guess I have a lot to learn then and It's important that I do (I do want to). I jsut ran a search on googlubuntu for my user name; and, in a flash, it brings up every post I've ever posted here (right up to the last post in this thread). Wow!

    Thanks for the advice. you really gave me a chuckle with your example by the way. Guess I better get back to studying then.
    Last edited by ClientAlive; April 24th, 2011 at 02:14 AM.
    “ The best method for accelerating a computer is the one that boosts it by 9.8 m/s2. ”
    - Anonymous

  6. #6
    Join Date
    Apr 2008
    Location
    Far, far away
    Beans
    2,148
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Posting terminal output in the forum

    Be aware that here and any other forums that the admins can see your IP address. I'm not saying any admin here is or would be malicious - just that you should always assume your IP address is known.

    The most immediately obvious command to watch out for is "rm" especially with -rf and * included as combinations of that can instantly cause major grief. The most practical rule is to look thru the commands and understand them before running them. This is also good from a learning linux perspective too.

    Also, try to stick to using software from the repos - though this is not always practical it's always better to get programs from a good source rather than random secondary places. I tend to stay away from any of these file download sites that simply list free (and not free) software cluttered with ads. I just don't trust them.
    Last edited by BkkBonanza; April 24th, 2011 at 05:43 AM.

  7. #7
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: Posting terminal output in the forum

    Do not post personal or privileged information (user names / passwords).

    In terms of running posted code, most code is in general going to be "safe" as these are monitored forms and malignant code is uncommon here and reported fast.

    Still, best to understand the code before you run it.

    Learn to read the man pages or ask for clarification if you do not understand the code.

    This is a great place to start :

    http://linuxcommand.org/
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  8. #8
    Join Date
    Mar 2011
    Location
    South Dakota
    Beans
    1,132
    Distro
    Ubuntu 13.10 Saucy Salamander

    Re: Posting terminal output in the forum

    Quote Originally Posted by bodhi.zazen View Post
    Do not post personal or privileged information (user names / passwords).

    In terms of running posted code, most code is in general going to be "safe" as these are monitored forms and malignant code is uncommon here and reported fast.

    Still, best to understand the code before you run it.

    Learn to read the man pages or ask for clarification if you do not understand the code.

    This is a great place to start :

    http://linuxcommand.org/

    Right on. I'm learning. I can navigate the file system pretty well and make files and directories, pipe stuff, sort of filter stuff, know about man, info and whatis. I'm working on beefing up my understanding of wildcards right now.

    Coincidentally, linuxcommand.org is one of my book marks.

    I guess what noids me out is the idea that there are people in the world with a heck of a lot greater knowledge than I (right now that doesn't take much). Some of them may be up to no good and I don't want to learn the hard way. Suppose it's better safe than sorry huh? Take the time to research something I'm asked even if it takes longer for me to reply?

    Thanks for the support and advice guys.

    Oh! I just thought of something! Well, it occurred to me that it might be good not to show the username and computer name in anything I post (ie: uname@computername $). Maybe a good way to do that is pipe the output into a file with less?

    What do you think? Is that pretty common practice around here?
    “ The best method for accelerating a computer is the one that boosts it by 9.8 m/s2. ”
    - Anonymous

  9. #9
    Join Date
    Sep 2010
    Beans
    898

    Re: Posting terminal output in the forum

    I normally strip off the uname@computername from output that I post, although that's probably overkill.

    I don't run commands that I don't understand. I'll find out what they do first, either by "man command", searching for documentation about it, or at least asking about it.

    It's not too hard to figure out which people are knowledgeable and reliable by reading their previous posts. But even if the person helping you has good intentions, there could be an honest mistake in his instructions.

  10. #10
    Join Date
    Jul 2007
    Location
    Magic City of the Plains
    Beans
    Hidden!
    Distro
    Xubuntu 17.10 Artful Aardvark

    Re: Posting terminal output in the forum

    If you're at all unsure about a command someone's asking you to run, ask. Someone's who's genuinely trying to help you out will not be offended by this.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •