Keeping your command lines on Linux

This post is just a handy proposal when doing pen-testing from a Linux box. Keep all the commands you launched from your command line. By default, normally the first 500 ones are saved in the history file of your user profile, in a file named .bash_history.

It is a good idea to increase the number of commands that will be saved in that file between sessions and per session. How to do it?

First, check your current values

youruser@yourmachine:~$ echo $HISTFILESIZE
500
youruser@yourmachine:~$ echo $HISTSIZE
500

Second, modify them so that you can keep a reasonably high amount of command lines in the .bash_history file between sessions (HISTFILESIZE) and during sessions (HISTFILESIZE):

youruser@yourmachine:~$ vim .profile

...add these lines in the .profile file

# extended number of command lines per session
export HISTSIZE=50000
# extended number of command lines in the history file
export HISTFILESIZE=250000

Third, re-load your profile
youruser@yourmachine:~$ source ./.profile

Fourth, check new values

youruser@yourmachine:~$ echo $HISTFILESIZE
250000
youruser@yourmachine:~$ echo $HISTSIZE
50000

Fifth, do the same steps with the root user (if you use it for pen-testing)

And finally, copy the history file regularly so that your commands are stored in two different locations:

youruser@yourmachine:~$ cp ./.bash_history commandhistory032009.txt

0 comments: