Course 4/Module 3 /Linux commands via the Bash shell.

-name or -iname options

-to find file or directory names that contain a specific string. -pecific string you're searching for must be entered in quotes after the -name or -iname options -two options is that -name is case-sensitive, and -iname is not.

-mtime

-use find to find files or directories last modified within a certain time frame. - The -mtime option can be used for this search. -For example, entering find /home/analyst/projects -mtime -3 returns all files and directories in the projects directory that have been modified within the past three days. The -mtime option search is based on days, so entering -mtime +1 indicates all files or directories last modified more than one day ago, and entering -mtime -1 indicates all files or directories last modified less than one day ago. Note: The option -mmin can be used instead of -mtime if you want to base the search on minutes rather than days.

why are applications important

. As a security analyst, file editors are often necessary for your daily tasks, like writing or editing reports. A popular file editor is nano.

You can use the relative file path and enter cd

.. to go up one level in the file structure. For example, if the current directory is /home/analyst/projects, entering cd .. would change your working directory to /home/analyst.

An instruction that tells a computer to do something

1. Question 1 What is a command? A component of the Linux architecture The highest-level directory in Linux A common shell in many Linux distributions An instruction that tells a computer to do something

The string to search for and the file to search through

1. Question 1 What two arguments commonly follow the grep command? 1 point -The file to move and the new file location -The file name to search for and the directory to search through -The file to write to and the string to add to it -The string to search for and the file to search through

cd /home/analyst/reports/users

1. Navigate to the /home/analyst/reports/users directory.

cd logs

1.Navigate to the /home/analyst/logs directory.

It sends the standard output of one command as standard input to another command for further processing

2. Question 2 In Linux, what does the piping command (|) do? -It moves a file or directory to a new location. -It sends the standard input of one command as standard output to another command for further processing. -It searches a specified file and returns all lines in the file containing a specified string. -It sends the standard output of one command as standard input to another command for further processing.

pwd

2. Question 2 Which of the following commands prints the working directory to the screen? cat head ls pwd

grep error server_logs.txt

2. Use grep to filter the server_logs.txt file, and return all lines containing the text string error.

ls | grep Q1

2.Using the pipe character (|), pipe the output of the ls command to the grep command to list only the files containing the string Q1 in their names.

-Copy the vulnerabilities.txt file into the projects directory

3. Question 3 A security professional enters cp vulnerabilities.txt /home/analyst/projects into the command line. What do they want the operating system to do? -Remove the vulnerabilities.txt file from the projects directory -Copy the vulnerabilities.txt file into the projects directory -Create a new file named vulnerabilities.txt in the projects directory -Search for the string vulnerabilities.txt in the projects directory

Navigates between directories

3. Question 3 What does the cd command do? Prints the working directory to the screen Displays the names of files in the current directory Navigates between directories Outputs a specified string of text

Display the first 10 lines of access.txt

4. Question 4 A security professional enters head access.txt into a shell. What are they telling the operating system to do? Remove the first 5 lines of access.txt Display the first 10 lines of access.txt Return the content of access.txt one page a time Add a header to the file named access.txt

touch failed_logins.txt

4. Question 4 What command creates a new file called failed_logins.txt? 1 point find failed_logins.txt -touch failed_logins.txt rm failed_logins.txt mkdir failed_logins.txt

An absolute file path is the full file path that starts from the root, and a relative file path is a shorter file path that starts from the current directory.

5. Question 5 What is the difference between an absolute file path and a relative file path? -An absolute file path ends with a backslash (\), and a relative file path ends with a forward slash (/). -An absolute file path starts from the root, and a relative file path starts from the current directory. -An absolute file path ends with a forward slash (/), and a relative file path ends with a backslash (\). -An absolute file path starts from the current directory, and a relative file path starts from the root.

ls

Display the files in the /home/analyst/reports/users directory.

/home:

Each user in the system gets their own home directory.

ls | grep access

How many files in the /home/analyst/reports/users directory contain "access" in their names?

mv

Moves a file or directory to a new loctaion

to read the most recent information in a log file.

Pro Tip: You can use tail

Display the first 10 lines of access.txt

Question 4 A security professional enters head access.txt into a shell. What are they telling the operating system to do? 1 / 1 point Remove the first 5 lines of access.txt Display the first 10 lines of access.txt Return the content of access.txt one page a time Add a header to the file named access.txt

rmdir

Removes, or deletes a directory

/bin:

This directory stands for "binary" and contains binary files and other executables. -Executables are files that contain a series of commands a computer needs to follow to run programs and perform other functions.

/tmp:

This directory stores many temporary files. -commonly used by attackers because anyone in the system can modify data in these files.

/etc:

This directory stores the system's configuration files.

User-specific subdirectories

Under home are subdirectories for specific users. -In the diagram, these users are analyst and analyst2. -Each user has their own personal subdirectories, such as projects, logs, or reports.

analyst@cdf712ddf345:~/logs$ grep error server_logs.txt

Use grep to filter the server_logs.txt file, and return all lines containing the text string error.

why is this file system is this a very important part of Linux

because everything we do in Linux is considered a file somewhere in the system's directory.

cp

copies a file or directory into a new location

mkdir

creates a new directory -

touch

creates a new file

head

displays just the beginning of a file.by default by default 10 lines

The cat command

displays the content of a file. For example, entering cat updates.txt returns everything in the updates.txt file.

Ls

displays the name of files

The tail command

does the opposite of head. - can be used to display just the end of a file, by default 10 lines. - Entering tail updates.txt returns only the last 10 lines of the updates.txt file.

find /home/analyst/projects -name "*log*"

find all files in the projects directory that contain the word "log" in the file name. -You could also enter find /home/analyst/projects -iname "*log*".

/home/analyst/projects

first argument after find indicates where to start searching. For example, entering find /home/analyst/projects searches for everything starting at the projects directory.

how to scan for a certain word in a specified file

grep OS updates txt OS- first argument we are searching for second argument - updates. txt

grep error time_logs.txt.

grep is used to search for the text pattern. -error is the term you are looking for in the time_logs.txt file. -When you run this command, grep will scan the time_logs.txt file and print only the lines containing the word error.

filesystem Hierarchy Standard (FHS) is t

he component of Linux that organizes data. - important because it defines how directories, directory contents, and other storage is organized in the operating system.

why do we need directories

help organize files in sub directories

pwd ls rmidir oldreports ls

input the rmdir command and follow it with the name of the directory we want to remove: oldreports. We can use the ls command to confirm that oldreports has been deleted and no longer appears among the contents.

A command

is an instruction telling the computer to do something.

absolute file path

is the full file path, which starts from the root. - For example, /home/analyst/projects

root directory

is the highest-level directory in Linux, and it's always represented with a forward slash (/). All subdirectories branch off the root directory. Subdirectories can continue branching out to as many levels as necessary.

A file path

is the location of a file or directory. In the file path, the different levels of the hierarchy are separated by a forward slash (/).

an asterisk (*)

is used as a wildcard to represent zero or more unknown characters.

where to find pipe (|) character

located on the same key as the backslash character (\). On some keyboards, the | can look different and have a small space

cd

navigates between directories

email_patches.txt ls

only need a new report on OS patches and we want to delete the email patches report? -To do this, we input the rm command and specify the file to delete as: email_patches.txt. -

pwd

prints the working directory onto the screen.

create directories and files

q

grep OS updates.txt returns

returns all lines containing OS in the updates.txt file. - OS is the specific string to search for, and updates.txt is the specific file to search through.

The less command

returns the content of a file one page at a time. -For example, entering ______ updates.txt changes the terminal window to display the contents of updates.txt one page at a time. -This allows you to easily move forward and backward through the content. Once you've accessed your content with the ____ command, you can use several keyboard controls to move through the file: -Space bar: Move forward one page -b: Move back one page -Down arrow: Move forward one line -Up arrow: Move back one line -q: Quit and return to the previous terminal window

ls /home/analyst/reports | grep users

returns the file and directory names in the reports directory that contain users. -Before the pipe, ls indicates to list the names of the files and directories in reports. -Then, it sends this output to the command after the pipe. In this case, grep users returns all of the file or directory names containing users from the input it received.

rm

revomes or deletes a file

nano

s a command-line file editor that is available by default in many Linux distributions. Many beginners find it easy to use, and it's widely used in the security profession. -multiple basic tasks in nano, such as creating new files and modifying file contents.

Grep

searches a specified file and returns all lines in the file containing specified string or text -takes two arguments:a specific string to search for and a specific file to search through. -

I (piping)

sends the standard output of one command as standard input to another command for further processing -grep can be incorporated after using this command -you can also use the right angle bracket (>) and double right angle bracket (>>) operators to redirect standard outpu

As a security analyst, you will work with

server logs and you'll need to know how to navigate, manage and analyze files remotely without a graphical user interface. In addition, you'll need to know how to verify and configure users and group access. You'll also need to give authorization and set file permissions.

echo

the > and >> operators can be used to send the output of echo to a specified file rather than the screen. - The difference between the two is that > overwrites your existing file, and >> adds your content to the end of the existing file instead of overwriting it. -The > operator should be used carefully, because it's not easy to recover overwritten files. When you're inside the directory containing the permissions.txt file, entering echo "last updated date" >> permissions.txt adds the string "last updated date" to the file contents. Entering echo "time" > permissions.txt after this command overwrites the entire file contents of permissions.txt with the string "time". Note: Both the > and >> operators will create a new file if one doesn't already exist with your specified name.

The root directory is

the highest-level directory in Linux. It's designated by a single slash. Subdirectories branch off from the root directory. The subdirectories branch out further and further away from the root directory. When describing the directory structure in Linux, slashes are used when tracing back through these branches to the root. ex. /home/analyst

To learn what your username is,

use the whoami command. The whoami command returns the username of the current user. For example, if your username is analyst, entering whoami returns analyst.

cp vulnerabilities.txt/ home/analyst/projects/

vulnerabilities.txt is a file that we want to keep in the reports directory.s it affects an upcoming project, we also want to copy it into the project's directory. (already in projects directory) -cp to copy into projects directory- ENTER - leaves the original reports and makes a copy in to the projects

If you want to return the contents of a directory that's not your current working directory,

you can add an argument after ls with the absolute or relative file path to the desired directory. -For example, if you're in the /home/analyst directory but want to list the contents of its projects subdirectory, you can enter ls /home/analyst/projects or just ls projects.

Pro Tip: If you want to change the number of lines returned by head, y

you can specify the number of lines by including -n. -For example, if you only want to display the first five lines of the updates.txt file, enter head -n 5 updates.txt.

using nano

-open an existing file in nano from the directory that contains it, enter nano followed by the file name. ex, entering nano permissions.txt from the /home/analyst/reports directory opens a new nano editing window with the permissions.txt file open for editing. -provide the absolute file path to the file if you're not in the directory that contains it. -create a new file in nano by entering nano followed by a new file name. - ex, entering nano authorized_users.txt from the/home/analyst/reports directory creates the authorized_users.txt file within that directory and opens it in a new nano editing window. -there isn't an auto-saving feature in nano, it's important to save your work before exiting. To save a file in nano, -use the keyboard shortcut Ctrl + O. You'll be prompted to confirm the file name before saving. To exit out of nano, use the keyboard shortcut Ctrl + X.

pwd command

-prints the working directory to the screen Or in other words, it returns the directory that you're currently in. -The output gives you the absolute path to this directory. For example, if you're in your home directory and your username is analyst, entering pwd returns /home/analyst

cat

-reading file content -Displays the content of a file

find

-searches for directories and files that meet specified criteria. wide range of criteria that can be specified with find. : --Contain a specific string in the name, --Are a certain file size, or --Were last modified within a certain time frame.

/mnt:

-This directory stores many temporary files. -The /tmp directory is commonly used by attackers because anyone in the system can modify data in these files.

The head command

-displays just the beginning of a file, by default 10 lines. - useful when you want to know the basic contents of a file but don't need the full contents. - Entering _______ updates.txt returns only the first 10 lines of the updates.txt file.

ls

-displays the names of the files and directories in the current working directory. For example, in the video, ls returned directories such as logs, and a file called updates.txt.

touch email_patches.txt os_ patches.txt ls

-draft new reports on recently installed email and OS patches. To create these files,we input: touch email_patches.txt and then: touch OS_patches.txt.

cd/home/analyst/reports ls mv email_policey.txt /home/analyst/drafts/ cd /home/ analyst/drafts ls cd/ home/analyst/ reports ls

-focus on our commands for moving and copying -cmmands for moving and copying. - a file called email policy in the reports folder in draft format. - want to move it into the newly created drafts folder. -need to change into the directory that currently has that file. -MV command followed by two arguments 1. identifies file to be moved 2. identifies where to move it cd/ home/analyst/ drafts - will show the move cd/ home/analyst/ reports - shows that it is no longer there

absolute and relative file path

The cd command accepts absolute and relative paths. An absolute path includes all the directories from the root of the file system and starts with a /. -An alternative is a relative path, which is expressed starting from the current directory and starts without the initial /. The above command uses a relative path.

, standard output and standard input

, standard output is the information returned by the OS through the shell, - standard input is information received by the OS via the command line.

mkdir drafts ls updates. txt cd drafts ls

- a new directory for drafts of reports. -mkdir and specify a name for this directory: drafts. -If we input ls again, we'll notice the new directory drafts included among the contents of the analyst directory.

The cd command

- navigates between directories. When you need to change directories, you should use this command. -To navigate to a subdirectory of the current directory, you can add an argument after ____with the subdirectory name. -For example, if you're in the /home/analyst directory and want to navigate to its projects subdirectory, you can enter ____ projects. -You can also navigate to any specific directory by entering the absolute file path. For example, if you're in /home/analyst/projects, entering cd /home/analyst/logs changes your current directory to /home/analyst/logs.

Bash

-$ -is the default shell in most Linux distributions -Linux is that -all commands and arguments are case sensitive.

An argument is specific information needed by a command. Some commands take multiple arguments.

An argument is specific information needed by a command. Some commands take multiple arguments.

grep jhill Q2_deleted_users.txt

Search the Q2_deleted_users.txt file for the username jhill.

grep "Human Resources" Q4_added_users.txt

Search the Q4_added_users.txt file to list the users who were added to the Human Resources department.

-cd/home/analyst/drafts/ -nano OS_patches.txt. -OS_patches.txt. -CRTL +O -CRTL +X

We'll add a title to our new draft report: OS_patches.txt. -change into the directory containing that file, - input nano followed by the name of the file we want to edit: OS_patches.txt. This brings up the nano file editor with that file open. -just enter the title OS Patches by typing this into the editor. -save this beforereturning to the command line, and to do so, we press Ctrl+O -enter to save it with the current file name. Then to exit, we press Ctrl+X.

You can enter grep error log.txt. -The grep command searches a specified file and returns all lines in the file containing a specified string. Its first argument is the string you are searching for. Its second argument is the file you are searching through.

What command can you enter to search the log.txt file for all lines containing the string error?

displays the names of files and directories in the current working directory.

What does the ls command do? It displays the content of a file. It prints the working directory to the screen. It displays just the beginning of a file, by default 10 lines. It displays the names of files and directories in the current working directory.

an instruction telling the computer to do something.

What is a Linux command?

For example, /home/analyst/logs can also be represented as ~/logs.

When the path leads to a subdirectory below the user's home directory, the user's home directory can be represented as the tilde (~).

touch

Which of the following commands can you use to create a new file? mv mkdir touch rmdir

man hier

You can use the ______ _______command to learn more about the FHS and its standard directories.