Proceedings of the 4th National Conference; INDIACom-2010 Computing For Nation Development, February 25 – 26, 2010 Bharati Vidyapeeth’s Institute of Computer Applications and Management, New Delhi

Secure And User Interactive Information Extraction in Linux Distributions

Sunit Jaiswal1, Anshul Agrawal2, Ravi Prabh3 and Rakesh Kumar4 1,2,3Final Year Department of Computer Science & Engineering 4Assistant Professor Department of Computer Science & Engineering, MMMEC, Gorakhpur-273010 Email: [email protected], [email protected], [email protected], [email protected]

ABSTRACT than 1000 lines of code and is made to be as friendly as Linux distributions have long been used as server operating possible to a user. systems, and have risen to prominence in that area. Netcraft [1] This paper is organized in the following sections: section 1 reported in October 2009 that seven of the ten most reliable gives a brief introduction to various commands that are used to internet hosting companies ran Linux distributions on their web manage a server, section 2 describes the tools and platform servers. Linux distributions are the cornerstone of the LAMP used to develop and test INTODUCE, section 3 explains the server-software combination (Linux, Apache, MySQL, working of INTODUCE, screenshots depicting the entire Perl/PHP/Python) which has achieved popularity among working, are included in section 4, performance evaluation is developers, and which is one of the more common platforms for done in section 5, then finally the conclusion, future scope and website hosting. references in section 6, 7 and 8 respectively. Linux distributions are also commonly used as operating systems for supercomputers as of June 2009, out of the top 500 2. COMMANDS THAT ARE USED TO MANAGE A systems, 443 (88.6%) run a Linux distribution. In the Linux SERVER[6] distributions there are several commands already available for useradd, usermod, groupadd, groupmod, chmod maintaining servers. We generally use commands like useradd, These commands will complement INTODUCE when it will be groupadd in Linux distributions for adding a user. These used on any Linux [3] distribution. commands can be used with options to include the information useradd is used to create a user account, groupadd is used to about the user. But the drawback is that if you are the network add a group to the user account, chmod is used to give administrator and you are maintaining the server, you are permissions to the account while usermod and groupmod are required to add the information personally. It becomes a used to modify the account of a user. tedious and time taking task for administrator because he/she has lot of other important tasks to perform. That is why we are 3. TOOLS AND PLATFORM introducing a new command INTODUCE to minimize the work We have used shell scripting for writing the code for load on administrator. INTODUCE. Bash is a free software UNIX shell written for the GNU Project [11]. Its name is an acronym which stands for KEYWORDS Bourne-again shell. The name is a put on the name of the BASH shell [3], POSIX [15], RedHat Enterprise Linux [16]. Bourne shell, an early and important Unix shell written by Stephen Bourne and distributed with Version 7 Unix circa 1. INTRODUCTION 1978, and the phrase "born again." Bash was created in 1987 by There should be facility to the administrator for maintaining the Brian Fox. Bash is the shell for the GNU user accounts and their access to the server [2] through some sort from the GNU Project. It can be run on most Unix-like of simple commands. So we are suggesting that if Linux operating systems. It is the default shell on most systems built distributions are used frequently for servers in organizations on top of the Linux kernel [3] as well as on Mac OS X [12]. It has then enterprise versions of Linux distributions like RedHat also been ported to using Subsystem for must include the command that facilitate the administrator with UNIX-based Applications (SUA) [13]. It has been ported to MS- the ability to extract user information in an automated manner. DOS by the DJGPP project [14]. The Bash command syntax is a We are providing a new command named as INTODUCE that superset of the Bourne shell command syntax. The vast fulfills our requirements of extracting user information so that majority of Bourne shell scripts can be executed by Bash the working load on administrator can be minimized without modification, with the exception of Bourne shell scripts significantly. This command will be used like other commands referencing a Bourne special variable or those using built-in already available in the Linux distributions. This command will Bourne commands. Bash command syntax includes ideas be implemented in such a way that it is easy to use for the user drawn from the Korn shell and the shell such as command and for the administrator as well. And as far as the security [4] is line editing, command history, the directory stack, the concerned it allows the user to be able to run the INTODUCE $RANDOM and $PPID variables, and POSIX[15] command command only after getting an authorization from administrator substitution syntax $(…). When used as an interactive through. Moreover, the code for INTODUCE contains more command shell and pressing the tab key, Bash automatically uses command line completion to match partly typed program Proceedings of the 4th National Conference; INDIACom-2010

names, filenames and variable names. Bash's syntax has many Name, surname, address, city, zip on separate line by “enter” extensions which the Bourne shell lacks. Bash can perform Now it also gives you to check of details by displaying integer calculations without spawning external processes, Message displayed: unlike the Bourne shell. Bash uses the ((…)) command and the You have entered the following details $[…] variable syntax for this purpose. Bash syntax simplifies Name: Sunit I/O redirection in ways that are not possible in the traditional Surname: Jaiswal Bourne shell. For example, Bash can redirect standard output Address: MMMEC (stdout) and standard error (stderr) at the same time using the City: Gorakhpur &> operator. This is simpler to type than the Bourne shell Zip: 273010 equivalent 'command > file 2>&1. We have tested our Are these are correct(y/n)? command on Linux distributions like RedHat Enterprise Linux Then press y/Y/yes/YES or n/N/no/NO to again fill another set version 4. Red Hat Enterprise Linux is a Linux distribution of details. produced by Red Hat and targeted toward the commercial It also gives you option to fill the another record by message market, including mainframes. Message displayed: Do you want to create another record(y/n)? 4. HOW IT WORKS? If we press y/Y/yes/YES then it again goes to fill the details When a user logs in at the shell and if command is made If we press n/N/no/NO then available to the user by the administrator then the working of Message displayed: Please enter to continue…. command will be as follows: Now if we press 2 then enter then it displays all the entries If we write only intoduce it gives us usage message to write the inserted in the file in fully formatted way which is looking correct syntax of the command just like all other available good and understandable. The details are sorted in the order of commands. Surname. Usage: intoduce filename It also displays the total no of entries there by Now if file does not exist Message displayed: Message displayed: “file” does not exist The no of contacts in the file “filename” is “Number” Create it (y/n) Press enter to continue……… If we press “y/Y/yes/YES” then it creates [5] Now if we press 3 and enter then it searches the particular If we press “n/N/no/NO” then it exits (goes to shell prompt) details by message If we press y/n and other characters then it gives message Message displayed: Message displayed: please answer y/n Please enter the string or character to search….. Create it (y/n) As we enter the string or character and press enter, all entries When we press “y/Y/yes/YES” it goes to contact database containing that string or character are displayed on the shell in Message displayed: the formatted way. “Contact database” Message displayed: press enter to continue…. Here are the choices Now if we press 4 and enter then it again goes for searching. 1. Insert record It goes for deleting by message 2. View record Message displayed: 3. Search record Do you really wish to delete (y/n)? 4. Delete record If we press y/Y/yes/YES then it is deleted from the file Enter your choice (or q/Q to quit) If we press n/N/no/NO then it displays message Now if we press q*/Q* then it again asks to confirm Message displayed: press enter to continue and goes to “contact it by message database” Message displayed: Now we can quit from here. Do you really wish to quit now(y/n)? If we press y/Y/yes/YES then it quits other wise 5. SCREENSHOTS DEPICTING THE WORKING OF Message displayed: INTODUCE Please answer yes or no … We have captured screenshots of step-by-step working of Do you really wish to quit now(y/n)? INTODUCE, which are included here to elaborate its working If we press n/N/no/NO then to the readers. It displays a message These screenshots serially depict all the steps written in the Message displayed: above mentioned working of INTODUCE. The command is Press enter to continue made available to the user by the administrator. A user is And as we press “enter” or any key it again goes to “contact logged in through TELNET [7] and can use it. database” Now if we press 1 and “enter” then it prompts you for The following details

Secure And User Interactive Information Extraction in Linux Distributions

Proceedings of the 4th National Conference; INDIACom-2010

Continued on Page No. 498

Secure And User Interactive Information Extraction in Linux Distributions

[12]. "The Open Brand - Register of Certified Products - Mac 6. PERFORMANCE OS X 10.5 on Intel-based Macintosh computers". To evaluate the credibility of INTODUCE, we have initially http://www.opengroup.org/openbrand/register/brand3555.h deployed it in our college server. The screenshots included in tm. Retrieved November 22 2009. this paper depict how INTODUCE worked when deployed in [13]. “SUA Community Tool Warehouse” college intranet [10] and the results were found satisfactory. http://www.suacommunity.com/tool_warehouse.htm [14]. “The DJGPP Project” 7. CONCLUSION http://www.delorie.com/djgpp/doc/eli-m17n99.html With this purview, we are introducing a new command named [15]. "POSIX". Standards IEEE. as INTODUCE written in BASH shell scripting language. http://standards.ieee.org/regauth/posix/. Initially we developed INTODUCE for our college server only [16]. Red Hat Enterprise Linux 5 Administration Unleashed. but the need, usage and its efficacy encouraged us to present it Indianapolis, Ind.: Sams. ISBN 978-0672328923. OCLC before you so that it could be made available to all the 137291425. organizations using Linux distributions.

8. FUTURE SCOPE Right now, INTODUCE provides fewer facilities but since it would be an open source, therefore, it can get enhanced according to the requirements of system administrator. Also we intend to work on this command to make it more and more secured and user friendly in upcoming days and to make INTODUCE work efficiently on other Linux distributions like Suse [9], Mandriva [8], etc.

9. REFERENCES [1]. “Most reliable web hosting company”, a survey by Netcraft, retrieved in October 2009. [2]. Frameworks for Component-Based Client/Server Computing SCOTT M. LEWANDOWSKI Department of Computer Science, Brown University, Providence, RI 02912-1910. [3]. Ramey, Chet (1994-08-01). "Bash - the GNU shell (Reflections and Lessons Learned)". Linux Journal, retrieved 2008-11-13. [4]. “Security Programming with OpenSSL” by Girish Venkatachalam. License: Linux Forums Article License. Posted: 28 March, 2007. [5]. “Demystifying Regular Expressions” by Matej Urbancic. License: Linux Forums Article License. Posted: 15 April, 2006. [6]. Slackware Linux Essentials: “Basic Network Commands”. [7]. RFC: 854. Network Working Group; J. Postel & J. Reynolds. “TELNET Protocol Specification”, retrieved May 1983. [8]. "Development - Mandriva Community Wiki". http://wiki.mandriva.com/en/Development. Retrieved 2008-03-01. [9]. "OpenSUSE 11.2 Released!”. http://news.opensuse.org/2009/11/12/opensuse-11-2- released/. Retrieved 2009-11-12. [10]. "Intranet: Table of Contents". http://www.bookrags.com/sciences/computerscience/intra net-csci-04.html. Retrieved 2009-04-03. [11]. The GNU Project (1997). "GNU 0.2". ftp://ftp..org/gnu/gnu-0.2/.