Linux


Permissions: Numerical Values

4 - Read only; 2 - Write only; 1 - Execute only. For numbers higher than three, you add the permissions together to get the final permission.

SCP Flags: -l

Bandwidth limitation

Sort

Executed on letters, the results will be sorted in alphabetical order in which uppercase letters precede lowercase.

-f flag

Forced deletion

Operators: >

Greater than

Operators: -ge

Greater than or equal to

dhclient

IP addresses can be changed, released, renewed, or removed from the server side and can be configured on a client station.

Linux History

Is a family of operating systems (OS) intended to provide a UNIX-like experience. Uses the GNU General Public License Version 2 (GPLv2), in contrast to UNIX, which has a proprietary license. Created early 1990s. Uses a terminal (CLI), and most Linux distributions have a graphical user interface (GUI) as well, which makes the environment more user friendly. Linux itself is only the kernel, which manages communication between applications and hardware.

iptables

Is a generic, highly versatile, firewall utility that is pre-installed on most Linux distributions. It is CLI-based, with no graphical interface, and looks for rules in its table that match packets, and either allows them, or blocks them.

Network File System (NFS)

Is a protocol used to access files from a remote network

Operators: <

Less than

Md5sum

Md5sum uses an MD5 message digest. It generates an MD5 hash for almost any type of object, and is pre-installed in most Linux distributions.

Relative Path

Navigation to directories without specifying the root. This path command should be used when the destination is close to the current location.

Open-Source Philosophy

Open-source refers to source code published by developers and organizations so that anyone can see how the program is written, and modify and enhance the code. Modified GNU-licensed code can be used privately or released to the public for the benefit of the community. Open-source code has a great advantage over closed-source applications, because people can work together to improve the code and fix security vulnerabilities. As open-source software, Linux is free and can be downloaded from the internet or redistributed under GNU licenses. RedHat and Novell provide additional Linux support, consultancy, bug fixing, and training for an additional fee.

rm -rf *

Recursively delete all files in the current directory, including directories within that directory

SCP Flags: -p

Sends original modification details such as date created, access times, etc.

Important Directories: /etc

Stores configuration files, such as the host file, kernel configuration, and system services. Some configurations have folders within the /etc directory

Important Directories: /usr

Stores user binaries and read-only data

Expr

The expr command evaluates a given sequence

Command Breakdown: root@debian:/etc# Command [option] [argument]

The first section represents data regarding the user and the system. root@debian:/etc# represents the logged user, the machine's name, the current directory, and a sign representing the user. The second section is the command itself, with an option part for flags, and arguments passed to the command.

SUID

The flag s provides other users with the ability to execute the file as its owner.

Route: Gateway

The gateway address that points to the network

Route: Iface

The interface used for the route

Linux Kernel: Memory Management

The kernel is responsible for OS memory management. It keeps track of memory usage for the purpose of enhancing performance, and uses virtual memory addresses to ensure that one process does not manipulate the data of another process.

'Let' Command

The let command is used to calculate arithmetic expressions. It converts a variable to an arithmetic expression. The command does not require spaces, but if one is needed in the expression, it must appear in quotation marks.

sed

The sed command is typically used for word replacement. It runs a search on the specified item, deletes the desired word, and replaces it with another specified word. After its execution, it displays an output of the result. The command includes flags that can be used to enhance the search and replace operation. Example: sed 's/words/replaces/' filename

CLI

The terminal allows users to run commands on the system. Accepts text commands. Some operate without a GUI when the computer is booted, while others, such as Gnome, work with an emulated GUI. CLI terminals can run remotely via processes such as SSH and Telnet, and are known as a Remote Terminal.

/etc/skel

This is a directory that is used as a template for a new user's home directory. Every file or directory created within it, will appear in the new user's home directory

Advanced Grep & AWK

Tools used to find words, characters, lines, and text patterns in files. Their primary use is for quickly finding specific words and patterns that match the search in all specified files and folders.

apt upgrade

Updates existing packages to the newest available version.

SCP Flags: -S (program)

Use a third-party program for the connection

cut -d

Used as a delimiter

Command Separators

Variable=$(command) runs the command in the parentheses and saves the output in the variable (like the back tick sign mentioned earlier). A good test would be to assign the command date to a variable and run it a few times in succession. You will get the same result even when time has passed.

Static IP Address: First Method

ifconfig <interface> <ip_address> netmask <mask> up

System Awareness: whoami

outputs the user currently logged in to the CLI

System Awareness: pwd

(Present/Print Working Directory) indicates the current location.

System Libraries: OS Root Directories; Additional Directories

/etc - System config files; /tmp - Temporary files; /boot - Kernel and bootloader; /var and /srv - Server data; /proc and /sys - System information; /lib - Library directories

System Libraries: OS Root Directories Syntax

/root - super user home directory; /boot - kernel image; /etc - system configuration files; /home - user directories; /mnt - mount points; /sbin - executables; /dev - device files; /bin - executables; /lib - libraries

System Libraries: OS Root Directories; Important Directories

/root, /home/<username> - The home folders; /bin, /usr/bin, /usr/local/bin, /sbin, /usr/sbin, /usr/local/sbin - Binary program files; /media and /mnt - External file system and mount points

Samba Process Steps

1. The first configuration option in the file specifies the service's work environment, meaning whether it is a workgroup or a domain. 2. To share a folder, its name and path must be specified. 3. The folder's read and access permissions must be set. 4. Any change in the configuration file requires a system restart.

Permissions: Format

1. The first three characters are the file permissions that apply to the creator (owner) of the file. 2. The next three characters determine the group permissions. 3. The last three characters represent 'other' or 'public'

SSH Hardening: Configure Fail2Ban

A brute-force prevention solution

Apache

A common server program in Linux that provides web hosting services. Runs as a service itself, called apache2. The service operates by default on port 80 for HTTP and needs to be configured to use port 443 for HTTPS. Is not a physical server. It operates via software that can be installed on a machine and used as a server. It creates a connection between the server and web browsers. Is cross-platform and works on UNIX-based and Windows OS systems.

Absolute Path

A complete path that always starts from the root directory (/) which is at the top of the file system hierarchy. The path should be used when the destination is not located close to the current location.

wc

A file's word count, number of letters, bytes, and more.

--help

A flag that can be used together with the name of almost any other Linux command to display helpful information on how to use the binary

Open-Source Philosophy: Apache

A free open-source software. It can interface with third-party applications, and can be edited, sold, and distributed as a customized package based on the Apache software. It cannot, however, be redistributed without proper attribution. Apache is commonly used with the GPL license (version 3), which allows developers to mix codes.

Terminal Emulator: Example

A network administrator who wants to connect from a Microsoft Windows OS can run a simple command in Windows or Linux to create a connection based in the terminal emulator.

nslookup

A package called dnsutils contains the nslookup tool that resolves IP addresses. Each domain has information about the owner, main servers, and fully qualified domain name (FQDN). Dnsutils allows you to run the DNS check from the CLI, although it can also be found online. Flags can be added to the command to obtain more accurate results, such as NS records that point to the management sources like msft, Cloudflare, and Google.

Cups Print Server

A print server that runs in the background and transfers print requests.

Squid Cache Proxy

A proxy server, mainly used to resolve slow network connectivity.

Users: Regular Users

A regular user is added by the root user and has low-level permissions. This user cannot perform high-level actions in the system. Also known as super-do, a sudo is a normal user added to sudo groups by the root user. This user may be assigned permissions to access and execute some root commands.

Users: Root Users

A root user, or superuser, is the highest-level user in the system. Each system has its own root admin user. Root users can access all files in the system and execute all commands. A root user can override any file ownership, permissions, or restrictions. In addition, their ability to perform system-wide changes means their accounts must be kept secure. An unsecure superuser account means a hacker can assume superuser privileges and make changes to other user accounts in the system.

Shebang

A script is indicated by the shebang at the start of the document. In a UNIX-like operating system, a shebang is interpreted as an executable file. It consists of a hashtag (#) and an exclamation mark (!) followed by a path for the interpreter, and no spaces. To execute a script file, simply run ./ and the name of the script with no spaces, or bash <script path and name>

Shell Types

A shell is an application that executes commands in text form within an operating system. Application commands run from shells are checked against the $PATH variable. Some commands execute binary files often located in the /bin or /sbin directories. Each shell has its own slightly different built-in commands (such as cd) that can be run regardless of the $PATH variable.

Shell Script

A shell script is a complete language, with variables, functions, and conditional executions. When you execute a script, a terminal window opens to run the commands. Since commands are in plain text, they are typically logged and can be viewed using "history". Scripts can run and perform tasks in the background.

Package

A type of archive that contains all files required for a binary to be installed and operate properly. A package may also list other packages required for the specific binary. Typically installed by software called "Package Manager", which is a simple and highly efficient utility for installing, updating, and removing binaries. The Manager is operated via commands and does not require the use of browsers and download websites.

MongoDB

A type of server database that is document-oriented and unstructured (NoSQL)

usermod

Adds existing user to existing group. Two common flags; -a: for append, -G: for groups

Debian Package (Dpkg) Files (.deb)

Allow for easy installation and removal of applications, and provide information about the package.

Static IP Address

Can be configured through server configuration or from the client. Setting a fixed IP address via the client configuration file can cause a collision between IP addresses on the same network if the DHCP server distributes the address when the host is down and the address is available for use. In most cases, the address is reserved on the server.

Locate

Can find files in the Linux system, but relies on a database that must be updated to provide more accurate results. Has an advantage over find in its speed

Plex Media Server

Can store entertainment services (similar to Netflix) for movies, program series, music, and more.

cat <file name> | grep <word>

Cat command to display a file's contents and search for specific words or sentences within the contents.

SSH Hardening: Change Default Ports

Changing the port assists in reducing the attack surface, and can mitigate potential attacks performed by inexperienced attackers.

Special Files: (c)

Character device file

Cksum

Checksum is a well-known tool that uses the cksum command to count bytes in a file. This allows you to compare two files, one that you created and the source file, to ensure that data was not compromised.

ls

Command used to list the contents of a directory

Grep

Command. Used to filter text for a more specific search. It can be combined with other functions and commands to improve the search. Outputs the results. Shows the entire line in the results

System Awareness

Commands like whoami, pwd, and uname -r can indicate details about the user, directory position, and operating system.

Variables and Arguments: $!

Completes the last command

Linux Kernel: Layers Overview

Composed of layers, which provide crucial separation for stable functionality and data security. The kernel is an abstraction layer that serves as a buffer between users/apps and hardware. Separating those elements prevents an application or user from obtaining access to the hardware, and damaging the system.

Tar Archive -zcvf: z

Compress using Gzip

Static IP Address: Second Method

Configure the interface configuration file with the address, netmask, and gateway in the /etc/network/interfaces file directory

Regular Files (-)

Contain programs, executables, and text files

Directory Files (d)

Contains lists of files

SCP Flags: -r

Copies the entire directory (recursive)

cp <filename> <destination>

Copy a file from one location to another, whereby the filename and destination can be absolute or relative paths. The destination parameter can include a file name, and also enables the user to define a new name for the file that was copied

Additional Flags for Grep: -c

Counts the number of lines in which a match was found

ping -c

Counts the number of pings

mkdir [option] [directory name]

Create a directory

touch [option] [file name]

Create a file

Tar Archive -zcvf: c

Create a new archive

useradd

Create a new user; Created without a password and home directory, which must be created separately.

adduser

Create a new user; does not require additional information because it uses the value specified in the command and default information from the operating system.

groupadd

Creating a group

Creating Backups

Creating file backups is crucial for any organization, regardless of its size. Backups should be created every 24 hours to prevent data loss. Important data should be backed up a minimum of once per week.

Groups

Creating groups of users is done to simplify the application of settings and permissions. Any user who belongs to a group will have the settings and permissions assigned to the entire group. When a user is created during installation, they are automatically assigned to a standard group (unless defined by root).

Crontab (Cron Table)

Crontab is a tool that stores tasks that are scheduled to be executed by cron, such as running a routine script or restarting a machine. Since Cron is popular among IT system administrators, it is often considered a vulnerable target by hackers. If the default is not changed, the configuration will remain the same, and it will be unprotected.

Cut

Customizes alphabetic output. "cuts" letters and presents several parts of the word or words.

Linux Installation: Debian After Installation

Debian configuration is required, including HTTP proxy and mirroring. During the configuration process, options are chosen for the desktop experience or server installation. Since Debian does not install a desktop experience or server by default, this stage includes several options for faster installation: Debian Desktop Environment, Printer Server, and Standard System Utilities. The last step is GRUB installation, after which the machine reboots.

Apt Package Manager

Debian uses a package manager called "apt" that provides a wide selection of options to handle packages.

Variables and Arguments: ""

Defines textual content

rm [option] [file name]

Delete a file

groupdel

Delete a group

Diff

Diff is a command that compares two files line-by-line and displays the differences. The command uses specific symbols, and special instructions are required to create two identical files.

whatis

Displays an informative line from a binary's manual

System Awareness: uname -r

Displays information about the system and its version. Can also be used with different flags to present additional information, such as the kernel version

ifconfig

Displays information such as the IP address, network card name, protocol support (IPv4/IPv6), subnet mask, and more.

lsof

Displays open files, local and network, from the specific host in which the command is executed. Displays results only from the directory it is executed from and if a user does not have permission to view the file, the output will be readlink: permission denied. Some files are not accessible to users, such as system files that are located in the root directory, while others are displayed with the directory path, process ID (PID), node, user, file type, and device.

Linux Kernel

Due to its scalability, Linux-based operating systems can be used for a variety of products, ranging from wristwatches and refrigerators to supercomputers. The kernel establishes communication between the hardware and software components, and manages the system's resources.

visudo

Edit the sudoers file, but you must have sudo permissions to view or edit the file

Elif

Elif is a combination of else and if. While if will always be checked and else only runs when if returns false, elif provides the ability to check multiple if statements, because else considers only the last if statement.

Configuration Files

Enable shell customization, such as new function creation, coloring, and control over the command completion mechanism

Operators: =

Equals

Operators: -eq

Equals (number)

File and Directory Ownership

Every file and directory in the system has a user owner and a group. The owner can be identified by the first name that appears after the permission, and the group is the second name.

UID (User ID)

Every user in the system has a unique user identifier (UID). Value is used for identification and to define which system resources a user can access. New users created in the system begin with UID 1000, while the root user has the value 0.

Exit Status

Exit status is a code that triggers a verification process. It checks if the last command executed was a success or failure. The standard exit code is 0 for success, and any number between 1 and 255 for failure.

FTP Hardening

FTP service hardening options include those described above for SSH, but some additional options address its unique vulnerabilities.

/etc/shadow

File contains passwords for each user encrypted with one-way keys

/etc/passwd

File includes a list of all users in the system

Login.defs

File is located in the /etc directory and is responsible for retaining password management information. Contains configurations designating the maximum length of passwords, password expiry periods, the generation of prompts to change passwords that will soon expire, and more. This file is referenced when a password is set using passwd, and does not depend on other applications that require a password, such as SSH, Apache, and others.

/etc/group

File lists all users and the groups they are associated with. Displays several groups of characters, each separated with a colon. The first shows the group name, and in most cases the second displays x, which stands for password, followed by the unique GID number, and users that are listed in the group.

System Libraries: OS Root Directories

Files and directories are organized in a single-root inverted tree structure. The file system begins at the root directory, represented by a forward slash (/). Names are case-sensitive, and paths are delimited by a forward slash. For file and directory names, all characters are valid, except the forward slash. It is important to be careful when using some special characters in file or directory names, and some characters should appear in quotes when they are referenced.

Ordinary Files

Files that contain data, text, or program instructions

whereis

Finds the location of specific binaries, their manual, and source file

ping -f

Floods the server with ping requests.

Unzipping Files

For a zipped file to be unzipped, the file must be specified in the unzip command. The -d flag can be used to export the zipped content to a different folder.

Linux Kernel: Primary Responsibilities

Four primary responsibilities; 1. Hardware Management; 2. Memory Management; 3. Process Management; 4. System Call Management

Users: Service Users

Generally, service users run non-interactive or background processes on a system, while regular users can log in and run interactive processes.

> or >>

If added to a file name, it will add the content in the file without displaying it on the terminal interface

apt install

Installs packages

Variables and Arguments: $

Invokes a variable

User Home Directory

Is designated for users to store files and create other directories.

Network Time Protocol Daemon (NTPD)

Is the most widely used method to sync Linux system clocks with network time servers.

SSH Hardening: Back Up Configuration File

It is recommended to back up the original file, so that it can be recovered if a configuration issue arises.

*

Known as "wildcard", represents "everything"

Operators: -lt

Less than

Operators: -le

Less than or equal to

resolv.conf

Name resolution is performed by DNS servers specified in the resolv.conf file located in /etc/.

Additional Flags for Grep: -v

Outputs the lines that do not match the typed filter

For Loop

Performs a block of code with a range, as long as the condition is true.

While Loop

Performs a block of code, as long as the conditions are true.

chmod

Permissions for a file are set using numerical input (such as 777 for full permissions), or r/w/x. Can use this method with a plus sign (+) for addition, minus sign (-) for removal, and an equals sign (=) to apply a permission.

Route: Ref

References to the specified route

dhclient -r

Releases an IP address received from a DHCP server

rmdir

Remove directory

apt remove

Removes packages

Hidden Files

Represented by dots (.) at the beginning of the file name

FTP Hardening: Set Disk Quotas

Restrict the size of files that can be uploaded

System Commands: uname

Returns information regarding the operating system

System Commands: whoami

Returns the current user name

Navigation Commands: cd ~

Returns to the home directory

Navigation Commands: cd -

Returns to the previous directory

Route: Use

Route lookups (decision-making process to determine how to route packets to their destinations)

groups <username>

Run to find out what groups a user belongs to.

Until Loop

Runs a block of code until a specific condition is met.

Secure Copy Protocol

SCP is a protocol that provides the ability to transfer files among parties securely, via SSH. SCP also has an authentication level in the connection process. Allows file uploads to and downloads from a server, via port 22. Different flags can be used to control the bandwidth, cipher, and ports of the connection. The SCP protocol is easy-to-use and pre-installed on Linux distributions.

SUID, SGID, and PATH

SUID and SGID are special characters (bits) that can be attached to files or directories to provide additional permission capabilities. These capabilities may be beneficial for the system's operation. They can also be viewed as potential vulnerabilities.

Smb.conf

Samba's configuration file is used to manage all the options regarding data sharing. The file contains comments that explain the different options and assists in the configuration process.

Find

Searches for files and directories. The command looks for the file in the working directory. Yields more accurate results and uses more complex syntax. Find by size: find / -size 50M

Gaming Server

Servers that can be run on home PCs for multiple player video games.

ping -i

Sets the interval in seconds between each packet it sends.

Logical Operators

Several commands can be written on a single line by separating them with a semi-colon (;). This allows you to combine several commands in a single variable. Other command separators can be used as well, such as || which will run the second command if the first fails, and && which will run the second command if the first succeeds. The exit status syntax is echo $? and can only be run from the terminal window.

Netstat

Shows network statistics about the workstation and displays the port number, incoming and outgoing connections, if the connection is active or inactive, and if the port is listening. Also can display the information in a graphical view. Netstat returns results with information about the online state and live connections, similar to the ss command, which dumps socket statistics. The ss command is installed by default in Linux distributions and is easier to use than netstat

wc -c

Shows the number of bytes

Additional Flags for Grep: -n

Shows the number of the line the word was found in

which

Shows where the execution location is for specific binaries. Typing it before a command or set of commands will show the location of the command, which will typically be /usr/bin

Special Files: (s)

Socket file

Basic Linux Components: Desktop Environment

Software that provides a user-friendly GUI.

Basic Linux Components: Package Manager

Software that provides the ability to download, install, and update applications.

Terminal Emulator: Graphical Usage & Applications

Some applications cannot be replaced with a terminal emulator, such as those that run their own database. Some applications, such as Wireshark, can be used as both GUI and non-GUI.

SCP Flags: -P <port>

Specifies the remote connection port

Tar Archive -zcvf: f

Specify the archive name

Permissions: UGO

Specify the entity and the permission using letters. u - user; g - group; o - other

Important Directories: /media

Stores information about removable media, such as CDs and USBs. When a removable disk is connected, a directory will automatically be created with the disk contents.

Cut -b

Text can be arranged by bytes

Gedit

Text editor for UNIX-like operating environments. It is a third-party application that works with an interface similar to Notepad. Terminating the command without exiting the Gedit interface will close the Gedit window without saving the changes. It supports syntax highlighting, printing, plugins, spell check, and more. Text appears monochrome, unless a different color scheme is chosen.

Hidden Files: .bashrc

The Bourne Shell configuration file

Hidden Files: .kshrc

The Korn Shell (ksh) configuration file

Bash

The characters ./ are placed before the name of a script, for it to be executed. When a script file is created, it is not assigned execution permissions, which must be added manually to allow its execution. When scripts are written in text editors, the editors recognize the code and provide different colors for their various sections.

SSH Connection

The connection process consists of several steps. 1. Set the command with the server's credentials to initiate the connection. 2. The client is asked about continuing or not, and then sends a password for the specified user. If the password is correct, a shell appears.

'Do' Parameter

The do parameter defines the action to perform if the condition is true. The do action follows for, and done closes the loop. Note: done is necessary to let the script know when to end the loop actions.

Linux Distributions: Distribution Variety

The fact that Linux is an open-source project enabled it to branch out to form many different distributions. Each distribution has its own purpose, strong points, and weaknesses. Some distributions are dedicated to server management, such as Ubuntu and CentOS. Some distributions are dedicated to penetration testing and hacking, such as Parrot and Kali. Due to the flexibility of the Linux architecture, many distributions are based on older ones. Although there are many distributions with different GUI experiences and file managers, they all share a common kernel.

chown

The file owner or group can be changed. By changing the owner or the group of the file or directory, the permissions will be applied to the specified entity. Example: chown <user>:<group> <filename>

Linux Installation: Debian

The first step is to choose the installation type: graphical experience (32/64-bit), standard installation, or graphical installation that does not include the GUI interface. The next step is to choose the language and country, and then the hostname, domain name, and root password. After those steps, the user specifies his/her actual name, and a username and password for non-admin users. Debian does not use the root as the main user, for security reasons. The final steps are to save the configuration details and choose the installation path.

Samba Hardening

The following hardening options are suggested for the samba service: Allow list the host access segment; Turn off the option to save passwords; Don't publish the service to the world; Use the relevant SMB version

ls -l | grep <file name>

The grep command is used to search for strings within a text. Concatenating the ls command with grep using the pipe will filter the search to obtain a more accurate output.

If, Else, Then

The if structure includes if followed by open brackets, with the condition appearing in the brackets. The word then follows, and what should happen if the statement is true. The structure ends with fi. Note: If statements must include the following to work: They must end with fi; They must have spaces before and after an option in brackets.

FTP Installation

The installation process for the client is simple and requires the execution of a single command: apt install ftp. A connection can be established for a server simply by providing the name of the application and the target IP address. Upon connection, the CLI of the ftp server will appear and allow command execution. A browser can also be an ftp client, as long as the protocol is specified in the target URL.

Samba Installation

The installation process is straightforward, and the service is installed via the apt package manager. Before installing Samba, it is recommended to have a fixed IP address to avoid unnecessary changes to the configuration file.

Linux Kernel: Process Management

The kernel assigns resources to individual processes and prioritizes them. It also manages process security and ownership information.

Linux Kernel: Handling System Calls

The kernel can receive requests from programs to perform certain tasks.

Route: Genmask

The network mask of the destination network

Repositories

The paths listed in the sources.list directory are called repositories, which are storage locations that Linux designates for all packages (a remote server). The file can be located in the /etc/apt/ directory and there are also several files in the /etc/apt/sources.list.d/ directory. Require internet connection. Changes can be made in the sources.list file to change the accessed repositories, but such changes require root access

File Sharing

The protocol allows file sharing among parties, and can also be used to deploy a file storage server that users can access via CLI or a browser and download files from it. The server's access permissions can be controlled via its configuration file, vsftpd.conf, which is located in /etc/. The default installation of an FTP server is considered unsecure, since all the data is transferred in plain text.

/etc/apt/sources.list.d/

The purpose of the files is to communicate with the sources listed in the file for online updates.

Hidden Files: .rhosts

The remote shell configuration file

Route: Destination

The routed network

systemd-resolved

The service in Linux systems responsible for address name resolution

Stderr

The standard error stream that sends error messages to stdout

Stdin

The standard input stream that reads data from the user.

Stdout

The standard output stream that, by default, sends data to the output terminal

Sum

The sum command performs a checksum and counts 512-byte blocks in a file.

Command Line Interface (CLI)

The terminal allows the user to enter commands for the operating system. The command interface depends on the distribution. In the terminal prompt, the dollar sign ($) typically means "logged in as regular user." The hash sign (#) means "logged in as root user."

Command Structure

The terminal and commands run through it are used to configure system settings and display existing data. System operations and management can be faster and more efficient via the terminal, and process automation is simpler. Commands run via the terminal have unique structures that include letters, numbers, and characters

Apache Configuration

The web files are located by default in /var/www/html/index.html. This is the root folder and contains Apache webpages. You can change it by editing the apache2.conf file, which is located in /etc/apache2/ along with many other Apache configuration files. Apache2.conf is also responsible for loading the other configuration files in the /etc/apache2 directory.

Linux Distributions

There are many Linux distributions, some of which are fully customized, and some that are compiled to a ready image and uploaded to the internet as ISO files. Common distributions include Debian, Ubuntu, RedHat, CentOS, SUSE, and others. Some have different command execution syntax, and some are completely different in their user interface and experience.

vsftpd

This is the server side of the FTP communication. The server is responsible for running the FTP daemon and stores all information regarding the service and its configurations. Installation of the vsftpd service is done using the command: apt install vsftpd

Permissions

Three main: read, write, and execute (-rwxrwxrwx). Typically the root user is the only one who has the permissions to work with system configuration files.

More

To avoid scrolling endlessly to find something in the file, it can be viewed page by page

ssh [user]@[IP address]

To connect via CLI, the service command must be used with the credentials of the server and a user to connect to.

mv <filename> <destination>

To move a file from one location to another. The original location is referenced first, and then the new location. The command will also overwrite any files in the destination with the same specified name

SSH Hardening: Disable Root Login

To prevent remote connections with high level privileges, the option to log in with the root user may be disabled.

Vim: (:)

To run a command while a Vim file is open. The colon can be used to save a file, search for something in the code, or display information on other commands. When you type (:), a line will appear at the bottom of the terminal, where you can enter a command.

Compilers

Translate the code into machine language before running it. Although compiled programs run faster, they first need to go through the compilation process, which is time consuming.

Interpreters

Translates the code into an intermediate form and then runs it. Interpreters run high-level programs immediately. A shell interpreter links commands written in CLI to OS services and binaries, and runs them.

ifconfig down

Turns the network interface off

ifconfig up

Turns the network interface on

Tail & Head

Typically used in content with large amounts of text. Can change the number of lines displayed using the -n flag.

apt update

Updates package lists for upgrades

Apt Updating

Updating the system does not mean it installs the packages. Instead it saves a list of the newest versions of the available packages in the /var/cache/apt/archives directory, which can be retrieved and installed using the apt install command.

Automation

Is a crucial aspect of Linux system management and operation. Bash scripting is ideal for that purpose and can significantly reduce the time and effort of administrator and user tasks. When an automated task is performed, it is recommended to have the script print messages about the execution for informational and possibly debugging purposes.

SSH Hardening: Set a Certificate

Use this option to control the login security level without monitoring the usage of strong passwords

SCP Flags: -v

Used in debug mode to observe the connection details between SCP and SSH

cat [filename]

Used to output a file's content to the terminal

Hidden Files: .profile

User settings related to a shell, such as the location of a shell-based search for executed commands

Basic Linux Components: Dedicated Environment

Users can choose the Linux distribution that suits their needs. For example, because Kali OS contains hacking tools, it is often used by penetration testers. Although Kali includes a GUI interface, the terminal within the GUI is used for many operations, since most of the hacking tools are supported only via the terminal. To build an operating system, programmers rely on some of the more commonly used distributions, such as Debian, to customize the repository, applications, and the entire look.

SMB

Uses two protocols: 139 when it runs on top of NETBIOS as an older version, and port 445 when it runs on top of TCP

Variables and Calculations

Using a double plus sign (++) before or after a variable increases the value by 1. Variables are calculated relative to their locations within the command flow. The last variable that is calculated will be the final value. In arithmetic operators, there is an option to use the escape character (\), which indicates the removal of the special meaning of a character.

C Shell

Utilizing C Shell is done by running the csh command from a terminal. C Shell commands provide programming features, such as keyboard shortcuts, automation by scripting, displaying a history of commands, and more. C Shell lends itself to ease of extension and expansion using a C-syntax development language. Common for developers who would like to maintain consistency in syntax to the operating system itself.

systemctl status <service name>

View service status

Crontab Text Editor

When Cron is started for the first time, you need to specify the text editor. The crontab -e command will start the johnd crontab file. The default and recommended editor is Nano.

Service Debugging

When a service is activated, it is important to check its status using the command: service <service name> status, and verify that it is active. If the service fails to start, a brief description of the problem will often be provided.

IP Address

When clean versions (without additional tools) are installed, the IP address command will display the IP address of the station.

Read & Echo

When learning a new language, a good way to start is to learn how to print and read data. The read command waits for input from the user and assigns it to a variable. The command can be used in a script to collect information from the user and use it as a variable.

Alias

When working with a shell interpreter, aliases can help write scripts faster and more efficiently. An alias is a combination of commands that are piped together. The commands can be sequenced in .bashrc files, which are located in the user's home directory. The file is hidden (as indicated by the dot before the file name) and can be viewed using ls -la (the -a flag shows hidden files) or opened using a text editor (for example, vim ~/.bashrc). The file can also be viewed using the GUI file explorer, and Ctrl + H allows you to see hidden files in a folder.

Basic Linux Components: Dedicated Environment; RHEL and CentOS

Which are enterprise-grade versions of servers. Unlike other distributions, RHEL is licensed, and requires a fee for support. CentOS is a free alternative to RHEL, with several differences and without RHEL's enterprise support.

Named

Which is part of the BIND DNS package, is a service that executes the DNS server daemon, which converts host names to IP and vice versa.

Sort -o

Which places the sorted output in a new file

Sort -r

Which sorts content in reverse order

echo >

Will overwrite all existing content and insert new content

Bash

aka Bourne-Again Shell, is a type of interpreter that processes shell commands. An interpreter is a program that executes instructions written in a high-level language.

Starting the Service

service <daemon_name> <action> or systemctl <action> <daemon_name>. The most common actions are start, restart, stop, and status. To configure a service to start at system boot, use the command systemctl enable <daemon_name>.

Alias: If not found

the shell interpreter will go to the PATH and look for executable files that correspond to the given command. PATH is an environment variable that points the shell to directories where the executable files (such as binaries and scripts) reside.

Variables: Assign a Command Output to a Variable

you can use back ticks (`): myIP=`ip a | grep -A 1 enp0s3`. Using that example, you can obtain the IP address by running echo $myIP after the grep command.

Hard Link

Files that are saved to the hard drive (regularly created and saved files). Any change in a hard link will also cause a change in its associated soft link.

File System Navigation

Fundamental skills to master in Linux are: manipulating files, navigating the directory tree, and understanding the file system environment. After logging in to a server, the initial location is often the user account's home directory.

Installing GNOME as a Desktop Experience

GNOME (GNU Network Object Model Environment) installs tools and features in a graphical interface and presents them in a desktop environment. GNOME is one of the many desktop experience interfaces that are referred to as Windows Managers, and can be installed and uninstalled at any time.

Operators: -gt

Greater than

Sudo

A regular user can be configured as a 'sudoer' which grants the privilege to execute commands with root permissions

SSH Remote Connection

A remote connection to an SSH server can be established from a CLI with a dedicated command or a dedicated third-party application, such as PuTTY. One side has the role of the server and the other has the role of the connecting client. The SSH daemon constantly listens to the service's port and waits for a client's request to connect.

Route: Metric

A value that specifies the preferred route when there are several routes to the same destination. A lower number indicates a higher preference

Variables

A variable is a character string to which a value can be assigned. Since a variable is a pointer to actual data, it can represent anything from a character to a device. Variables are indicated by the dollar sign ($).

Route: Flags

Additional data that describes the routes (U= up, G= gateway)

Symbolic Link

Aka Soft link, and is similar to a shortcut in Windows. The link is written to a different directory than the one it is saved in.

dhclient -p

Allows configuration of a custom port (the default port is 68 UDP).

Archives

An archive is a group of files that are bundled into a single file. Many archives are compressed to reduce the file's size. Transmission of data and program distribution can also be performed using archives. Software available online is typically distributed in archived files that include all associated files and documentation.

Bash Scripting

Anything that can be run as a command can be included in a script. Example: write a script to run simple commands such as tar and crontab to schedule a backup.

echo

Appending and writing text to a file. Displays typed content on the same terminal interface.

Command Line Interface (CLI): Options

Are properties of commands that expand the command's capabilities. They are typically represented by hyphens and one or more letters.

Arithmetic Operators

Arithmetic operators are mathematical functions that can calculate two or more operands, or objects that can be manipulated. For example, in 2 - 1 = 1, the 2 and 1 are operands and the minus sign is the operator. Arithmetic operators are used in equations in computer language scripts, to perform various types of calculations.

B2SUM

B2SUM is a BLAKE2 hashing tool. BLAKE2 is a cryptographic hash that works faster than MD5 and SHA1(3), and has the SHA-3 security standard.

Compression: BZip2

BZip2 is an open-source file compression program. It can only compress individual files and is not a file archiver.

Ping

Based on the ICMP, sends a network packet called ICMP echo request to a remote server, which replies with the information about how long it took for the packet to get to the server and back to the station. The response can also include an error message if the connection fails. Can be used with an IP address or DNS name and has advanced options that can be set with flags

Bash Scripting

Bash scripts allow multiple commands in a single file to be executed, which makes command execution easier. It also allows system commands in the script, which are otherwise typically executed from the terminal. Bash features make it ideal for administrative task automation. Script files have the extension .sh, and start with the line #!/bin/bash, which tells the system where to pass the data for execution.

Basic Linux Components: Debian

Basic distribution of Linux. It does not contain a desktop experience or a graphical interface other than the basic UNIX terminal. Users can install many utilities in Debian to enhance their work with the operating system.

Special Files: (b)

Block file

BASH

Bourne Again Shell. Was designed as an improved version of the sh shell and therefore has similar command syntax. BASH shell scripts are commonly run on Linux distributions

Vim

Built-in text editor based on the terminal. Uses colors, and displays line and character locations. Messages displayed at the bottom of the terminal window can be set to appear in yellow or red. Writing code is easier with the completion feature. Opens in command mode, what you type is interpreted as commands rather than regular strings.

mv

Can also be used to rename files in the system. To change a file's name and leave it in the same directory, the destination should be the current working directory (./).

Linux Installation

Can be installed as an operating system on the host computer or as a virtual machine. Linux can interact with and support many hardware components. Before installing Linux on a virtual machine, a few things should be preconfigured. VirtualBox requires the preparation of an installation surface that applies RAM and disk size and matches and marks the platform (type and version) prior to inserting the ISO. Some versions of Linux include a live version along with a full installation, but all have several common installation-related steps, such as creating a user, setting a password, configuring the installation path, updating the OS (during installation), and choosing a language.

journalctl --unit=<service name>

Can be used to display logs for specific services

Files & Folders

Can include more than text, images, and compiled programs. Can also contain partitions, hardware device drivers, and directories. Case-sensitive. Two files can share the same name, but their names may have different letter cases.

Traceroute

Checks the path of a packet that is sent to its destination, and displays it in the command line. Each device along the path is known as a hop. Not every hop will be visible because some devices do not reply to ICMP requests even though they process them. Such devices are marked with **. The final destination is the target IP address and the source IP is linked to the sending station.

Additional Flags for Grep: -l

Displays the file name of input files

Head

Displays the first 10 lines.

Tail

Displays the last 10 lines of the document

wc -L

Displays the longest line in the file

wc -w

Displays the number of words in a file

Route

Displays the routing host tables that show the possible ways to forward network traffic. Setting the IP address as one of the sides (outgoing or incoming traffic) allows communication between all traffic segments. Listed as a table showing columns for the destination, gateway, genmask, flags, metric, Ref, and Iface.

Operators: !=

Does not equal

Basic Linux Components: Without GUI

Even if a Linux distribution does not come with a GUI environment, one can easily be installed. The GUI helps users perform many actions without having to run terminal commands, and is especially helpful for new users who may be unfamiliar with the command line interface (CLI). For example, the GUI interface simplifies file management tasks, such as moving directories, copying and pasting files and folders, and accessing directory listings.

Compression: Gzip

Gzip compresses data to reduce its size. The original data can be recovered by unzipping the compressed file. This application is essential for web apps and websites because the HTTP protocol uses Gzip for output, enabling smaller files to be downloaded by visitors.

Hashing

Hashing is the process of generating a unique value from a string or text using a mathematical algorithm. Hashes are used for almost any type of digital content, including text, documents, images, and more. A hashing function will always output the same results for the same given data. Databases of known password hashes, called rainbow tables, contain data that correspond with hashed values.

Additional Flags for Grep: -i

Ignores case sensitivity

File Integrity

In Linux, file integrity refers to whether or not files have been modified.

Terminal Emulator

In Linux, the terminal emulator allows the user to run OS commands directly on the machine. It is a tool that has a graphical interface and emulates shell or terminal text. The terminal emulator also allows remote command execution through SSH or Telnet protocols.

Users

In Linux, there are three user types: service users, regular users, and the root user (superuser). A simple way to view all users in the system is to read the contents of the /etc/passwd file. Each line in that file contains information about a single user.

Linux Distributions: Other Uses of Linux

In addition to servers and personal computers, Linux is also used as a core component in Android and IoT devices. Since Android OS is based on the Linux OS, every Android phone, smart watch, and multimedia device runs on the Linux Kernel.

nano [file name]

Invoke Nano

vi

Invoke Vim

AWK

Is a data extension tool. It can extract specific data from texts and outputs the results to the screen. By default AWK uses white space to separate between fields, but you can set a custom separator using the -F flag.

dmesg

Is a diagnostic tool that generates messages from the kernel ring buffer during the boot sequence. Useful in cases of device failure. The kernel ring buffer records messages related to the operation of the kernel.

Sendmail

Is a mail transfer agent (MTA) used to deliver pre-formatted email messages. It comes pre-installed by default on most Linux distributions, and does not work with a GUI, but only through the CLI. The SMTP protocol that is used by nearly all email services communicates via sendmail

Secure Shell (SSH)

Is a secure network protocol with a range of uses. It can be used to securely access remote servers and hosts, and operates by creating an encrypted connection between a local client and a remote server over an insecure network such as the internet. The connection not only allows you to access remote servers and hosts but also to securely transfer files using the SCP protocol via SSH. SSH is used by applications such as PuTTY, MobaXterm, and many more. Port 22 is reserved for SSH.

Samba

Is a service that operates via the SMB protocol, which is responsible for file sharing in a network. The shared directory that it opens is specified in the smb.conf configuration file located in /etc/samba. The configuration file allows selection of different access permissions, such as allowing write operations to the directory, permitting browsing in other directories, and more

User Types: Root Account

Is a superuser that has complete access to the operating system, including making changes and managing other users. The root user should not be able to log in to the OS freely, but should do so using the sudo command, which allows switching to root-level access when changes are necessary. Only a root user can create and delete other users.

Logwatch

Is a system log analyzer and reporter. It generates periodic reports based on criteria specified by the user, and can aggregate logs from multiple machines to a single report. It can analyze logs from multiple platforms. Some versions are not supported by older versions of system logs. Installed using: apt install logwatch -y

Nano

Is a text editor for UNIX-like operating environments that use a command-line interface. Includes shortcut keys to exit a file, cut a file's content, look for keywords in a file, and more. Keys appear at the bottom of the command line when using Nano.

journalctl

Is a utility that retrieves messages from the kernel, system daemons, journals, and other log sources.

Z Shell (Zsh)

Is an extension of the sh shell and shares common features with it. Includes automatic directory movement, recursive directory expansion, spell check, correction, and more.

Open-Source Philosophy: Berkeley Software Distribution (BSD)

Is an open-source OS based on research conducted on UNIX. Created at UC Berkeley and last released in 1995. From BSD, derivative programs, or descendants, were created, including FreeBSD, NetBSD, DragonFly BSD, and others.

Samba

Is an open-source software suite that runs on Linux-based operating systems and communicates with Windows clients. Enables the sharing of resources such as printers and files through the Common Internet File System (CIFS) and the Server Message Block (SMB) protocols. SMB is used by applications and services to talk to each other over a network.

File Transfer Protocol (FTP)

Is one of the oldest methods for transferring files among hosts over TCP/IP connections. Is a client-server protocol that creates two communication channels between a client and a server: one to control the conversation, and another to transmit the data. Does not encrypt transferred files and was eventually replaced with Secure FTP (SFTP), which works over SSH. Uses two ports: port 21, to set the connection between both communicating parties, and port 20, to transfer the data.

PATH

Is the location the command references. Commands are located in the bin or sbin directory, and the command path is configured so that it first references the bin and then navigates to the sbin if it is not found in the bin directory. Can be manually configured and comes with default settings depending on the commands, libraries, application settings, and location. Each file path is separated with a colon (:).

Hardening

Is the practice of enhancing security, checking configurations, creating rules and policies, updating and patching software and systems, and a variety of other measures, with the aim of decreasing the surface vulnerability of programs, services, protocols, and operating systems.

sh

Known as the Bourne Shell. Is a simple shell interface that works with the OS. Sh is used as a scripting language and contains many features that are designed for programming.

SSH Hardening: Audit Connections

Monitor requests to connect to the service, to keep track of potential threats.

Linux Distributions: Computers and Servers

Linux became more and more user friendly, and evolved to include a modern, convenient desktop environment. This opened Linux to a larger volume of users, and the Linux personal computer OS today features an excellent GUI experience and numerous applications, such as those in the Ubuntu desktop. Linux OS designed for servers often do not implement GUI features and desktop experiences. Ubuntu has a server without GUI features, which makes it "lighter" and requires less resources for its basic operations. Linux servers can be used to host cloud services such as OwnCloud and NextCloud

Hashing Tools

Linux has a built-in command called checksum generation that displays the outcome of a cryptographic hash function. The most popular encryption utility in Linux is md5sum. There are tools that make hashing easier and can create a hash for almost anything, including files, words, and passwords.

GID (Group ID)

Linux identifies groups by their GID. Value is unique, and group names are case sensitive.

User Types

Linux uses groups to manage users and set access permissions. Can be personal accounts or the root account. Linux is a multi-user system based on the UNIX concepts of file ownership and permissions. Regular users typically perform daily routine-like operations. Not every command that the root user can run can be executed by a regular user.

ls -a

Lists invisible files

wc -l

Lists the line numbers in the file

Loops

Loop statements simplify repetitious tasks by continuously repeating an action until a condition is met. Repetitive tasks are used in programming, as well as in malicious brute-force attacks, the aim of which is to log in to a system by guessing a user's password. In malicious usage of a loop, an attacker can create a script featuring a loop that tries to enter a website by going through many possible passwords one at a time.

Open-Source Philosophy: Licenses

Most operating systems come in a compiled format, meaning the main source code is not directly accessible. The source code of an open-source OS is included in its compiled version, and anyone can modify and customize it. In addition, an open-source OS allows the user to run programs, change the code for a specific use, redistribute copies, and more. When software is compiled and ready, it is published and made available to the public. Applications typically include signatures, and some open-source software have a GNU General Public License (GPL), that ensures that it remains open-source, free, and available to be modified and configured at the kernel level.

Special Files

May provide access to hardware, such as hard drives, CD-ROM drives, modems, and Ethernet adapters. Other special files are similar to aliases or shortcuts that open or activate the files they represent

Special Files: (p)

Named pipe file

Navigation Commands: cd ..

Navigates to the parent directory of the current directory

Navigation Commands: cd /

Navigates to the root directory of the entire system.

Nginx

Open-source web server that focuses on performance optimization. Also used as a reverse proxy, HTTP cache, and load balancer.

Less

Opens one page of the file at a time

man

Opens the manual for a specified binary

Important Directories: /dev

Points to the location of device-related files.

FTP Hardening: Disable Anonymous Connections

Prevent the option to log in without credentials

FTP Hardening: Set Access Time Restrictions

Prevent users from connecting to the server at specific times, such as work hours.

System Commands: pwd

Prints the current working directory

System Commands

Provide data regarding the system and its content.

SGID

Provides the ability to execute a file for anyone in the owning group.

Piping (|)

Redirects the output of one command through the input of another command. A type of redirection from a stdout to a stdin. Used mainly in command form and can also be used in programs and processes. Divides the command into two inter-dependent parts. The second part of a piped command must be associated with the first part.

Additional Flags for Grep: -r

Represents recursive, and processes all files in the directory

dhclient command

Requests a new IP address

Sha1sum

Sha1sum works on SHA-1 message digests, which are no longer considered secure.

Tar Archive -zcvf: v

Show a list of processed files

Basic Linux Components: File Manager

Software that provides an interface for file and directory management.

SSH Hardening: Allow List Users

Specify which users can log in to the system to lower the potential attack surface.

Variables and Arguments: #

Starts a comment

Directories

Store both special and ordinary files. For users familiar with Windows, UNIX-based directories are similar to folders

Important Directories: /var

Stores variable data files, such as log files (/var/log) and HTTP server files (/var/www), although these can be stored in the /srv directory as well.

Special Files: (l)

Symbolic link file

Command Line Interface (CLI): Commands

Syntax: Command [options] [arguments] A command can be a representation of existing data in the system, but can also configure the system itself, create new files, and run programs.

Linux Kernel: Hardware Management

Systems can include a variety of hardware components, such as CPUs, memory devices, sound cards, graphics cards, etc. The kernel stores all data related to the device drivers and how to interact with them. Without a kernel, the components could not be controlled.

Tar Archive

Tar is typically used by Linux system administrators to back up data. It creates archive files that can be moved easily from disk to disk. A tar archive is created using tar -zcvf .

Cut -c

Text can be arranged by column

cut -f

Text can be arranged by field

Zip & Unzip

The zip command is located in the /bin Linux directory. Options can be added to the command, such as the -d flag, which deletes the file during the unzipping process, and -u, which updates the compression.

Hidden Files: .cshrc

The C Shell (csh) configuration file

Double Parentheses

The starting point of a calculation can be indicated using double parentheses.

Zipping Files

The zip command compresses specified files. A list of files that were added will be displayed at the end of the command. Zip is not installed by default in the Debian distribution.

CLI vs GUI: CLI

While Microsoft Windows OS is developed for regular end users and includes an easy-to-use and well-designed interface, Linux is designed more for technical purposes, such as servers, devices, hacking tools, and forensics. The Linux OS is mainly based on the Command-Line Interface (CLI), but most Linux operating systems are designed and installed with a graphical user interface (GUI) as well. CLI allows the user to run a variety of actions with a single device (keyboard) from any directory. If you need to create multiple directories, one script can create as many directories as needed, whereas in the GUI, it would be a much more manual process. In addition, a GUI consumes more system resources.

Vim: i

Will activate insert mode, allowing regular string input in a file, rather than characters activating commands

echo >>

Will append the existing content to the end of the file

Sort -n

Which takes numeric values into consideration

Linux vs Windows

Windows is a closed-source system; Linux is an open-source system. Windows is purchased; Linux is mostly free. Windows is not customizable; Linux is highly customizable.

FTP

Works with two sides: one is the client and the other is the server. The client application is called ftp and the server application is called vsftpd. The client and server applications may not be pre-installed in the Linux distribution by default.

cat <filename> | sort

You can display the contents of a file using the cat command and sort the contents by redirecting its output to the sort command.

Conditional Operators

perform actions based on whether a statement is true or false. They consist of if...then statements, whereby if the response is true, then an action will be performed or a message will be issued. There can also be an else clause for a false response, which will perform a different action or issue a different message. Conditional operators can be logical operators, such as and or or, which can check as many things as needed in one statement. Logical operators are indicated by a double ampersand (&&) or double pipe (||). For ampersands, both conditions must be true. For pipes, only one condition must be true.

Variable: Assign a Variable

simply write the reference, followed by an equals sign (=), and the value of the variable with a number, or a word in quotes. For example, num=3 or str="Hello World".

-type=ns. -type=any

will display additional information about the domain, such as NS records, mailing address, expiration date, and other records, including SPF and TXT

