Updated: 2014-04-22 12:47 EDT
vi/vim, nano
head, tail
.bashrc
fileThis is one of several quizzes in this course. Each midterm and final exam will have an associated quiz. See the course outline for the mark weight of all course quizzes, midterm tests, and exams.
The quizzes are open-book, but the midterm tests and final exam are closed-book.
This quiz is based on the 224 practice Midterm Test #1 questions that are posted in the Class Notes. Each quiz is 10 questions long and you see the answers right after you submit the quiz. You can take the quiz as many times as you like. Every time you take the quiz, you get a different random set of ten questions. This quiz closes just before the Final Exam in this course; after the Final Exam begins you will not be able to submit any more quiz attempts.
Your mark for this quiz is the average of your five best quiz scores. Examples:
Your score will be taken from the five best scores. The more times you do the quiz, the more likely you are to have a set of excellent best scores. You must have five perfect quiz scores to get a perfect averaged quiz mark. Missing quizzes (fewer than five) count as zeroes. Only the five best scores are averaged.
This quiz usually closes just before the Final Exam in this course; after the Final Exam begins you will not be able to submit any more quiz attempts. (Extensions are sometimes granted; check Blackboard for the exact final due date.)
See the “Quizzes” section in the Blackboard left side-bar for CST8207.
Note: Blackboard averages the marks of all your quiz attempts. Your quiz mark is actually the average of your five best attempts, not all the attempts.
Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant.
The worksheets are available in four formats: Open Office, PDF, HTML, and Text. Only the Open Office format allows you “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick for viewing online.
vim
vim
vimtutor
program on the CLS.Take notes in class! Your in-class notes would go here.
^R
cp -r dir1 dir2
and mkdir dir2 ; cp -r dir1 dir2
cd
vim
tutorial and text editor
nano
text editor
sort
command sorts one or more files to standard outputuniq
command removes or counts adjacent duplicate lineshostname
command shows your computer’s local namewhoami
command shows your useridwc
command has useful options to limit outputlocate
command finds file names using an existing listcut
and awk
commands select fields in linesdog
, doG
, Dog
, DOG
, etc.
$ echo [dD][oO][gG]
-ls
instead of -print
with find
, e.g. find . -ls
[a-z]
GLOB ranges until you understand Internationalization
$ echo [0-9]*
ls
vs. ls -a
what is the difference between grep
and fgrep
?
Redirection and pipes this week.
Here is a command pipeline that does real-time monitoring of who is trying to attack the Course Linux Server (may require privileged read permission on the log files):
$ fgrep 'refused connect' /var/log/auth.log | awk '{print $NF}' \
| sort | uniq -c | sort -nr | head -n 5
686 (188.165.173.230)
65 (70.35.59.13)
53 (211.161.45.222)
31 (61.160.215.170)
31 (1.93.34.211)
The top listed attacker is from France. They tried to log in as several different accounts and the denyhosts
intrusion protection package quickly blocked that IP address:
$ host 188.165.173.230
230.173.165.188.in-addr.arpa domain name pointer isis.cleonet.fr.
$ whois 188.165.173.230
[...]
address: 59100 Roubaix
address: France
$ fgrep '188.165.173.230' /var/log/auth.log # (output edited slightly)
Jan 19 21:51:18 Invalid user aion from 188.165.173.230
Jan 19 21:51:18 Invalid user asterisk from 188.165.173.230
Jan 19 21:51:18 Invalid user bugzilla from 188.165.173.230
Jan 19 21:51:20 Failed password for invalid user aion from 188.165.173.230 port 49674 ssh2
Jan 19 21:51:20 Failed password for invalid user asterisk from 188.165.173.230 port 50007 ssh2
Jan 19 21:51:21 Failed password for invalid user bugzilla from 188.165.173.230 port 50347 ssh2
Jan 19 21:51:26 Failed password for invalid user bugzilla from 188.165.173.230 port 50683 ssh2
Jan 19 21:51:28 Failed password for invalid user bugzilla from 188.165.173.230 port 51020 ssh2
Jan 19 21:51:28 refused connect from isis.cleonet.fr (188.165.173.230)
Jan 19 21:51:31 refused connect from isis.cleonet.fr (188.165.173.230)
[...600 repeat lines deleted...]
The next most persistent attacker is from California:
$ host 70.35.59.13
13.59.35.70.in-addr.arpa domain name pointer 70-35-59-13.static.wiline.com.
$ whois 70.35.59.13
[...]
City: Foster City
StateProv: CA
Country: US
$ fgrep '70.35.59.13' /var/log/auth.log # (output edited slightly)
Jan 9 05:13:10 Failed password for invalid user admin from 70.35.59.13 port 47336 ssh2
Jan 9 05:13:12 Failed password for invalid user admin from 70.35.59.13 port 47336 ssh2
Jan 9 05:13:17 Failed password for invalid user admin from 70.35.59.13 port 47471 ssh2
Jan 9 05:13:19 Failed password for invalid user admin from 70.35.59.13 port 47471 ssh2
Jan 9 05:13:30 Failed password for invalid user admin from 70.35.59.13 port 47635 ssh2
Jan 9 05:13:33 Failed password for invalid user admin from 70.35.59.13 port 47635 ssh2
Jan 9 05:13:55 refused connect from 70-35-59-13.static.wiline.com (70.35.59.13)
Jan 9 05:14:12 refused connect from 70-35-59-13.static.wiline.com (70.35.59.13)
[...]
The third most persistent attacker is from China:
$ host 211.161.45.222
222.45.161.211.in-addr.arpa domain name pointer Dns-Slave.bjgwbn.net.cn.
$ whois 211.161.45.222
descr: Beijing,China
$ fgrep '211.161.45.222' /var/log/auth.log # (output edited slightly)
Jan 23 10:03:31 Invalid user szabol from 211.161.45.222
Jan 23 10:03:36 Invalid user szabol from 211.161.45.222
Jan 23 10:03:44 Invalid user szabol from 211.161.45.222
Jan 23 10:03:56 refused connect from 211.161.45.222 (211.161.45.222)
Jan 23 10:04:03 refused connect from 211.161.45.222 (211.161.45.222)
[...]