Can sharing the output of these bash commands put you into a risk of being compromised?

command-line ssh security networking

Introduction

Hello i have had some issues on my ubuntu and during making a research and topic about how to get it fixed i was prompted to post an output of few bash commands and later on i wasnot sure if that was a good idea since i dont understand the entire content of that output , im running ubuntu destkop , ssh disabled.

Commands

  • ifconfig
  • who
  • w
  • sudo netstat -tulpan

Question

The question is: does these commands reveal something that might be used in order to get into my computer system or interact with my computer or get the content of my harddisks?

Optional question (too broad)

is there any command that might harm you if you output the content of it ? without having anything enabled or installed ? imagine you just installed the ubuntu you havenot turned on anything like SSH or so , and then just your bad mate will tell you give me this commands output and here we go...


Yes.

How?

  • ifconfig shows the configured IP address(es) of your computer. An attacker can use this info (your global IP, local IP is sufficient for an attacker in the local network) to pinpoint you on the internet

  • w and who show the currently logged in user(s), this info makes sure that certain user(s) is present on the system i.e. the username is valid on the given system. Now knowing the username, the attacker can then start e.g. a brute-force or dictionary attack for your password only. If the username is not known, the attacker would have do the same for both username and password

  • sudo netstat -tulpan shows the service name and port they are listening on. Knowing that a certain port is open, an attacker can try to leverage that open port by accessing it or can try to exploit the service if its buggy. If the attacker is not aware of this, they would have to run a port scan and/or other tests beforehand.

Note that, this is a general depiction of how these information can be exploited against you, there are so many ways an attacker can leverage these information now-a-days. So as a must, you must follow the right procedures of hardening your system on the Internet irrespective of the possibility of being attacked by someone.


none of those is likely to put you a significantly greater risk of compromise if the computer they are applied to is behind a firewall, if its a publicly accessible computer then don't share those details.

That said the netstat command output could allow a very clever attacker to try to bust through your firewalls NAT table by showing it which hosts will accept packets from to pass through. They would still need to find exploitable services in a very short amount time before the ports are closed (seconds usually) which is far far harder.

If you aren't operating a server for the clintons , a us voting system , sony pictures internal servers or an equation group attack server i wouldn't worry about it.


Short answer for the overwhelming majority of situations, e.g. your run-of-the-mill home desktop connected to the internet with a dsl router, is it is safe to share the ouput of these.

In any case, it is a good idea to question what a command does, instead of blindly executing what people on the internet tell you to.

Related

How to replace text between two patterns on different lines?
Temporarily switch to a full-screen, hairline cursor
Cutting numbers into a specific decimals
Cloning Textmate's functionality with Vim
How can I download Youtube videos? [closed]
Is there any Window Manager like the Windows 7's for Ubuntu?
How to make folders like "System Volume Information" or "RECYCLER" hidden, just like it is on windows?
for loop syntax in shell script [duplicate]
How do I remove lines of a file which contain a specific string?
How to give permissions to www-data to log in with ssh? [duplicate]
Cannot delete .crdownload files
Echoing a number?