DOCSLIB.ORG

Intro to Linux (PDF)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Intro to Linux TSYS School of Computer Science & Rothschild Leadership Academy 2017-2018 Acknowledgements Middle School Cybersecurity Curriculum is prepared by the TSYS School of Computer Science in collaboration with Rothschild Leadership Academy in Columbus, GA. This project is funded by a 2017 -2018 NSA MEPP Grant. Contributors: Dr. Yesem Kurt Peker, Assistant Professor of CS at Columbus State University Hillary Fleenor, Instructor and Outreach Coordinator at Columbus State University Ebone Cutts, Business Teacher at Rothschild Leadership Academy Loran Shaver, Senior Student at Columbus State University Maidel Fletes, Sophomore Student at Columbus State University, Noyce Intern What Is Linux? • Linux is an operating system: It is a collection of software that manages hardware resources and provides an environment where applications can run. • It allows applications to store information, send documents to printers, interact with users, etc. History of Linux • A Finnish student Linus Torvalds created Linux in 1991 at age 21, • Linux is an open source software. • Since the initial release of its source code in 1991, Linux has grown from a small number of C files under a license prohibiting commercial distribution with more than 16 million lines of source code under the GNU General Public License. Photo by Martin Streicher / CC BY-SA 3.0 Linux System Architecture Linux System Architecture consists of following layers: ● Hardware layer - Hardware consists of all peripheral devices (RAM/ HDD/ CPU etc). ● Kernel - Core component of Operating System, interacts directly with hardware, provides low level services to upper layer components. ● Shell - An interface to kernel, hiding complexity of kernel's functions from users. ● Utilities - Utility programs giving user most of the functionalities of an operating systems. Linux Directory Structure • The Filesystem Hierarchy Standard (FHS) defines the structure of file systems on Linux and other UNIX-like operating systems. Some Main Directories / (the root directory) Everything on your Linux system is located here /bin the place for most commonly used terminal commands, like ls, cd, rm, mount, etc. /etc contains system-global configuration files, which affect the system's behavior for all users. /home the place for users' home directories. /var/log stores log files for various system programs Two special directories included in every directory: ● Parent directory .. ● Current directory . Linux Core Commands Command Task pwd print working directory ls [location] List the files in the given location (in the working directory ls –l if location is missing) ls -a cd [location] Change to the directory given in location cd .. Go up one directory (to the parent directory) mkdir [name] Make (create) a directory with given name touch [filename] Create an empty file with given filename rm [filename] Removes the file rm –rf [directoryname] Removes the directory and all its content including subfolders Linux Core Commands - Continued Command Task cat [filename] View content of file with given filename cat >[filename] Create a new file called filename (replace if already exists) with content that will be typed until Ctrl+C is hit cat >>[filename] Add to the end of file filename (create one if it doesn’t exist) the content that will be typed until Ctrl+C is hit nano [filename] Create/modify a file using the nano editor id Display user information (user id and name, group id and name, id and name of supplementary groups, cp [filename] [filename or path] copy the file to the new filename or the location given by path mv [filename] [filename or path] move the file to the new filename or the location given by path Absolute Path • Absolute path is the shortest path to a file starting with the root directory. • Consider the directories given in the picture shown on the right. • The absolute path to file1 is: /home/seed/principles/test1/test3/file1 Relative Path • Relative path is the shortest path to a file starting with the current (working) directory. • Consider the directories given in the picture on previous slide and suppose the user is in test1 directory. Relative path to file1 from test1 is test3/file1 Relative path to file3 from test1 is ../test2/test4/file3 Example: Absolute vs Relative Path • Suppose I am logged in as the sysadmin and am in the test3 directory. • I’d like to cd into the test4 directory under test2. • I can use: A relative path: cd ../../test2/test4 OR The absolute path: cd /home/sysadmin/test2/test4 Passwords in Linux ● Passwords are NOT stored in plaintext. ● If they were, then if an attacker stole the password file, then he/she would have all the passwords. ● Instead the hashes of the passwords are stored. ● Even better, the passwords are “salted” before hashing and the salt value and the resulting hash value are stored. ● Password salts and hash values are stored in shadow file in Linux (/etc/shadow) Typical entry in shadow file A typical entry in the /etc/shadow file: yesem:$6$5H0QpwprRiJQR19Y$bXGOh7dIfOWpUb/Tuqr7yQVCqL3UkrJns9.7msfvMg4ZO/PsFC5Tbt 32PXAw9qRFEBs1254aLimFeNM8YsYOv.:16431:0:99999:7::: yesem username $6$ SHA512 (Secure Hash Algorithm with 512 bits) 5H0QpwprRiJQR19Y Salt value 16431 last password change in number of days since Jan 1 1970 0 minimum days between password changes 99999 Password validity (days) 7 Warning threshold Account inactive Time since account disabled Resources • https://www.digitalocean.com/community/tutorials/brief-history-of-linux • http://futurist.se/gldt/wp-content/uploads/11.04/gldt1104.png • https://www.howtogeek.com/117435/htg-explains-the-linux-directory-structure-explained/ • https://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.0/userguide-9.0/ch24s04.html • https://www.linux.com/blog/absolute-path-vs-relative-path-linuxunix.
Recommended publications
  • LS-09EN. OS Permissions. SUID/SGID/Sticky. Extended Attributes

    LS-09EN. OS Permissions. SUID/SGID/Sticky. Extended Attributes

    Operating Systems LS-09. OS Permissions. SUID/SGID/Sticky. Extended Attributes. Operating System Concepts 1.1 ys©2019 Linux/UNIX Security Basics Agenda ! UID ! GID ! Superuser ! File Permissions ! Umask ! RUID/EUID, RGID/EGID ! SUID, SGID, Sticky bits ! File Extended Attributes ! Mount/umount ! Windows Permissions ! File Systems Restriction Operating System Concepts 1.2 ys©2019 Domain Implementation in Linux/UNIX ! Two types domain (subjects) groups ! User Domains = User ID (UID>0) or User Group ID (GID>0) ! Superuser Domains = Root ID (UID=0) or Root Group ID (root can do everything, GID=0) ! Domain switch accomplished via file system. ! Each file has associated with it a domain bit (SetUID bit = SUID bit). ! When file is executed and SUID=on, then Effective UID is set to Owner of the file being executed. When execution completes Efective UID is reset to Real UID. ! Each subject (process) and object (file, socket,etc) has a 16-bit UID. ! Each object also has a 16-bit GID and each subject has one or more GIDs. ! Objects have access control lists that specify read, write, and execute permissions for user, group, and world. Operating System Concepts 1.3 ys©2019 Subjects and Objects Subjects = processes Objects = files (regular, directory, (Effective UID, EGID) devices /dev, ram /proc) RUID (EUID) Owner permissions (UID) RGID-main (EGID) Group Owner permissions (GID) +RGID-list Others RUID, RGID Others ID permissions Operating System Concepts 1.4 ys©2019 The Superuser (root) • Almost every Unix system comes with a special user in the /etc/passwd file with a UID=0. This user is known as the superuser and is normally given the username root.
  • Linux Filesystem Hierarchy Chapter 1

    Linux Filesystem Hierarchy Chapter 1

    Linux Filesystem Hierarchy Chapter 1. Linux Filesystem Hierarchy 1.1. Foreward When migrating from another operating system such as Microsoft Windows to another; one thing that will profoundly affect the end user greatly will be the differences between the filesystems. What are filesystems? A filesystem is the methods and data structures that an operating system uses to keep track of files on a disk or partition; that is, the way the files are organized on the disk. The word is also used to refer to a partition or disk that is used to store the files or the type of the filesystem. Thus, one might say I have two filesystems meaning one has two partitions on which one stores files, or that one is using the extended filesystem, meaning the type of the filesystem. The difference between a disk or partition and the filesystem it contains is important. A few programs (including, reasonably enough, programs that create filesystems) operate directly on the raw sectors of a disk or partition; if there is an existing file system there it will be destroyed or seriously corrupted. Most programs operate on a filesystem, and therefore won't work on a partition that doesn't contain one (or that contains one of the wrong type). Before a partition or disk can be used as a filesystem, it needs to be initialized, and the bookkeeping data structures need to be written to the disk. This process is called making a filesystem. Most UNIX filesystem types have a similar general structure, although the exact details vary quite a bit.
  • Command Line Interface Specification Windows

    Command Line Interface Specification Windows

    Command Line Interface Specification Windows Online Backup Client version 4.3.x 1. Introduction The CloudBackup Command Line Interface (CLI for short) makes it possible to access the CloudBackup Client software from the command line. The following actions are implemented: backup, delete, dir en restore. These actions are described in more detail in the following paragraphs. For all actions applies that a successful action is indicated by means of exit code 0. In all other cases a status code of 1 will be used. 2. Configuration The command line client needs a configuration file. This configuration file may have the same layout as the configuration file for the full CloudBackup client. This configuration file is expected to reside in one of the following folders: CLI installation location or the settings folder in the CLI installation location. The name of the configuration file must be: Settings.xml. Example: if the CLI is installed in C:\Windows\MyBackup\, the configuration file may be in one of the two following locations: C:\Windows\MyBackup\Settings.xml C:\Windows\MyBackup\Settings\Settings.xml If both are present, the first form has precedence. Also the customer needs to edit the CloudBackup.Console.exe.config file which is located in the program file directory and edit the following line: 1 <add key="SettingsFolder" value="%settingsfilelocation%" /> After making these changes the customer can use the CLI instruction to make backups and restore data. 2.1 Configuration Error Handling If an error is found in the configuration file, the command line client will issue an error message describing which value or setting or option is causing the error and terminate with an exit value of 1.
  • Attacker Antics Illustrations of Ingenuity

    Attacker Antics Illustrations of Ingenuity

    ATTACKER ANTICS ILLUSTRATIONS OF INGENUITY Bart Inglot and Vincent Wong FIRST CONFERENCE 2018 2 Bart Inglot ◆ Principal Consultant at Mandiant ◆ Incident Responder ◆ Rock Climber ◆ Globetrotter ▶ From Poland but live in Singapore ▶ Spent 1 year in Brazil and 8 years in the UK ▶ Learning French… poor effort! ◆ Twitter: @bartinglot ©2018 FireEye | Private & Confidential 3 Vincent Wong ◆ Principal Consultant at Mandiant ◆ Incident Responder ◆ Baby Sitter ◆ 3 years in Singapore ◆ Grew up in Australia ©2018 FireEye | Private & Confidential 4 Disclosure Statement “ Case studies and examples are drawn from our experiences and activities working for a variety of customers, and do not represent our work for any one customer or set of customers. In many cases, facts have been changed to obscure the identity of our customers and individuals associated with our customers. ” ©2018 FireEye | Private & Confidential 5 Today’s Tales 1. AV Server Gone Bad 2. Stealing Secrets From An Air-Gapped Network 3. A Backdoor That Uses DNS for C2 4. Hidden Comment That Can Haunt You 5. A Little Known Persistence Technique 6. Securing Corporate Email is Tricky 7. Hiding in Plain Sight 8. Rewriting Import Table 9. Dastardly Diabolical Evil (aka DDE) ©2018 FireEye | Private & Confidential 6 AV SERVER GONE BAD Cobalt Strike, PowerShell & McAfee ePO (1/9) 7 AV Server Gone Bad – Background ◆ Attackers used Cobalt Strike (along with other malware) ◆ Easily recognisable IOCs when recorded by Windows Event Logs ▶ Random service name – also seen with Metasploit ▶ Base64-encoded script, “%COMSPEC%” and “powershell.exe” ▶ Decoding the script yields additional PowerShell script with a base64-encoded GZIP stream that in turn contained a base64-encoded Cobalt Strike “Beacon” payload.
  • Powershell Integration with Vmware View 5.0

    Powershell Integration with Vmware View 5.0

    PowerShell Integration with VMware® View™ 5.0 TECHNICAL WHITE PAPER PowerShell Integration with VMware View 5.0 Table of Contents Introduction . 3 VMware View. 3 Windows PowerShell . 3 Architecture . 4 Cmdlet dll. 4 Communication with Broker . 4 VMware View PowerCLI Integration . 5 VMware View PowerCLI Prerequisites . 5 Using VMware View PowerCLI . 5 VMware View PowerCLI cmdlets . 6 vSphere PowerCLI Integration . 7 Examples of VMware View PowerCLI and VMware vSphere PowerCLI Integration . 7 Passing VMs from Get-VM to VMware View PowerCLI cmdlets . 7 Registering a vCenter Server . .. 7 Using Other VMware vSphere Objects . 7 Advanced Usage . 7 Integrating VMware View PowerCLI into Your Own Scripts . 8 Scheduling PowerShell Scripts . 8 Workflow with VMware View PowerCLI and VMware vSphere PowerCLI . 9 Sample Scripts . 10 Add or Remove Datastores in Automatic Pools . 10 Add or Remove Virtual Machines . 11 Inventory Path Manipulation . 15 Poll Pool Usage . 16 Basic Troubleshooting . 18 About the Authors . 18 TECHNICAL WHITE PAPER / 2 PowerShell Integration with VMware View 5.0 Introduction VMware View VMware® View™ is a best-in-class enterprise desktop virtualization platform. VMware View separates the personal desktop environment from the physical system by moving desktops to a datacenter, where users can access them using a client-server computing model. VMware View delivers a rich set of features required for any enterprise deployment by providing a robust platform for hosting virtual desktops from VMware vSphere™. Windows PowerShell Windows PowerShell is Microsoft’s command line shell and scripting language. PowerShell is built on the Microsoft .NET Framework and helps in system administration. By providing full access to COM (Component Object Model) and WMI (Windows Management Instrumentation), PowerShell enables administrators to perform administrative tasks on both local and remote Windows systems.
  • Linux-PATH.Pdf

    Linux-PATH.Pdf

    http://www.linfo.org/path_env_var.html PATH Definition PATH is an environmental variable in Linux and other Unix-like operating systems that tells the shell which directories to search for executable files (i.e., ready-to-run programs ) in response to commands issued by a user. It increases both the convenience and the safety of such operating systems and is widely considered to be the single most important environmental variable. Environmental variables are a class of variables (i.e., items whose values can be changed) that tell the shell how to behave as the user works at the command line (i.e., in a text-only mode) or with shell scripts (i.e., short programs written in a shell programming language). A shell is a program that provides the traditional, text-only user interface for Unix-like operating systems; its primary function is to read commands that are typed in at the command line and then execute (i.e., run) them. PATH (which is written with all upper case letters) should not be confused with the term path (lower case letters). The latter is a file's or directory's address on a filesystem (i.e., the hierarchy of directories and files that is used to organize information stored on a computer ). A relative path is an address relative to the current directory (i.e., the directory in which a user is currently working). An absolute path (also called a full path ) is an address relative to the root directory (i.e., the directory at the very top of the filesystem and which contains all other directories and files).
  • Filesystem Hierarchy Standard

    Filesystem Hierarchy Standard

    Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Filesystem Hierarchy Standard LSB Workgroup, The Linux Foundation Version 3.0 Publication date March 19, 2015 Copyright © 2015 The Linux Foundation Copyright © 1994-2004 Daniel Quinlan Copyright © 2001-2004 Paul 'Rusty' Russell Copyright © 2003-2004 Christopher Yeoh Abstract This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Dedication This release is dedicated to the memory of Christopher Yeoh, a long-time friend and colleague, and one of the original editors of the FHS.
  • Autodesk Alias 2016 Hardware Qualification

    Autodesk Alias 2016 Hardware Qualification

    Autodesk Alias 2016 Hardware Qualification Updated June 1, 2015 Windows Mac OSX Build Information Products Platform Version Software Date Build Number • Autodesk AutoStudio • Autodesk Alias Surface 64-bit 2016 March 6, 2015 201503061129-441529 • Autodesk Alias Design Supported Operating Systems and CPU Platforms Operating System CPU Platform Windows 7 SP1 Intel Xeon (Enterprise, Ultimate or Professional) 64-bit Intel Core AMD Opteron Windows 8.0 or 8.1 Intel Xeon (Enterprise or Professional) 64-bit Intel Core AMD Opteron Important Notes • Alias AutoStudio, Automotive, Surface and Design fully support 64-bit environments. Running the 64-bit native version requires Windows 8 or 8.1 64-bit or Windows 7 64-bit operating system. • Certain 3rd party software may alter the processor affinity settings, affecting multi-cpu systems running Alias.exe and its spawned processes. To check the affinity setting, right-click on the Alias.exe process inside the Windows Task Manager and select Set Affinity... ensure that all available CPUs are enabled. • Alias or its component programs may not launch successfully depending on your Windows security settings. If this occurs, you may either unblock the program via the Windows Firewall Security Alert dialog, or add it as an Exception in the Exceptions Tab in the Windows Firewall dialog box. For more information, please see the Microsoft Update. Similar configurations are necessary for any third party firewall software, Please Read • It may be possible to successfully use Alias for Windows with a non-qualified configuration, however, Support and Maintenance programs will be subject to the Autodesk Support services guidelines. • The configurations shown are subject to change, and additional qualified configurations may be added after qualification testing has been carried out.
  • Filesystem Hierarchy Standard

    Filesystem Hierarchy Standard

    Filesystem Hierarchy Standard Filesystem Hierarchy Standard Group Edited by Rusty Russell Daniel Quinlan Filesystem Hierarchy Standard by Filesystem Hierarchy Standard Group Edited by Rusty Russell and Daniel Quinlan Published November 4 2003 Copyright © 1994-2003 Daniel Quinlan Copyright © 2001-2003 Paul ’Rusty’ Russell Copyright © 2003 Christopher Yeoh This standard consists of a set of requirements and guidelines for file and directory placement under UNIX-like operating systems. The guidelines are intended to support interoperability of applications, system administration tools, development tools, and scripts as well as greater uniformity of documentation for these systems. All trademarks and copyrights are owned by their owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark. Permission is granted to make and distribute verbatim copies of this standard provided the copyright and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this standard under the conditions for verbatim copying, provided also that the title page is labeled as modified including a reference to the original standard, provided that information on retrieving the original standard is included, and provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this standard into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the copyright holder. Table of Contents 1. Introduction........................................................................................................................................................1 1.1.
  • Open Directory Administration for Version 10.5 Leopard Second Edition

    Open Directory Administration for Version 10.5 Leopard Second Edition

    Mac OS X Server Open Directory Administration For Version 10.5 Leopard Second Edition Apple Inc. © 2008 Apple Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid-for support services. Every effort has been made to make sure that the information in this manual is correct. Apple Inc., is not responsible for printing or clerical errors. Apple 1 Infinite Loop Cupertino CA 95014-2084 www.apple.com The Apple logo is a trademark of Apple Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, iCal, iChat, Leopard, Mac, Macintosh, QuickTime, Xgrid, and Xserve are trademarks of Apple Inc., registered in the U.S. and other countries. Finder is a trademark of Apple Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. UNIX is a registered trademark of The Open Group. Other company and product names mentioned herein are trademarks of their respective companies. Mention of third-party products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the performance or use of these products.
  • Path Howto Path Howto

    Path Howto Path Howto

    PATH HOWTO PATH HOWTO Table of Contents PATH HOWTO..................................................................................................................................................1 Esa Turtiainen etu@dna.fi.......................................................................................................................1 1. Introduction..........................................................................................................................................1 2. Copyright.............................................................................................................................................1 3. General.................................................................................................................................................1 4. Init........................................................................................................................................................1 5. Login....................................................................................................................................................1 6. Shells....................................................................................................................................................1 7. Changing user ID.................................................................................................................................1 8. Network servers...................................................................................................................................1
  • TOCTTOU Attacks

    TOCTTOU Attacks

    CS 380S TOCTTOU Attacks Don Porter Some slides courtesy Vitaly Shmatikov and Emmett Witchel slide 1 Definitions TOCTTOU – Time of Check To Time of Use Check – Establish some precondition (invariant), e.g., access permission Use – Operate on the object assuming that the invariant is still valid Essentially a race condition Most famously in the file system, but can occur in any concurrent system 2 UNIX File System Security Access control: user should only be able to access a file if he has the permission to do so But what if user is running as setuid-root? • E.g., a printing program is usually setuid-root in order to access the printer device – Runs “as if” the user had root privileges • But a root user can access any file! • How does the printing program know that the user has the right to read (and print) any given file? UNIX has a special access() system call slide 3 TOCTTOU Example – setuid Victim checks file, if its good, opens it Attacker changes interpretation of file name Victim reads secret file Victim Attacker if(access(“foo”)) { symlink(“secret”, “foo”); fd = open(“foo”); read(fd,…); … time } 4 access()/open() Exploit Goal: trick setuid-root program into opening a normally inaccessible file Create a symbolic link to a harmless user file • access() will say that file is Ok to read After access(), but before open() switch symbolic link to point to /etc/shadow • /etc/shadow is a root-readable password file Attack program must run concurrently with the victim and switch the link at exactly the right time • Interrupt victim between access() and open() • How easy is this in practice? slide 5 Broken passwd [Bishop] Password update program on HP/UX and SunOS (circa 1996) When invoked with password file as argument… 1.