Updated: 2015-01-29 02:36 EST

1 Readings, Assignments, Labs, Tests, and ToDo

1.1 Assignments this week

Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant.

1.1.1 Worksheets

The worksheets are available in four formats: Open Office (ODT), PDF, HTML, and Text. Only the Open Office format allows you to “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick viewing online.

Do NOT open the ODT files using any Microsoft products; they will mangle the format and mis-number the questions. Use the free Libre Office or Open Office programs to open these ODT documents. On campus, you can download Libre Office here.

1.2 Lab work this week

1.3 Upcoming tests

Read the Test Instructions (all the words) before your first midterm test.

  1. First Midterm test: 45 minutes; in class 8am Thursday in Week 6 (February 12)
  2. Second Midterm test: 45 minutes; in class 8am Thursday in Week 9 (March 12)

Tests take place in your 8am lecture hour, not in your lab period.

1.3.1 Midterm Test #1

  • Midterm #1 takes place 8am Thursday February 12 (Week 6) in your scheduled lecture hour (not in your lab period).
  • For full marks, you must read the Test Instructions before the test for important directions on how to enter your answers, your lab (not lecture) section number, and the test version number on the question sheet and the mark-sense forms.
  • There may be more questions on the test than you can answer in the time allowed; answer the ones you know, first.
  • I will post a set of practice questions and quizzes for the test soon.

3 From the Classroom Whiteboard/Chalkboard

Each time we dispatch an email in one way or another, we feel a sense of accomplishment, and our brain gets a dollop of reward hormones telling us we accomplished something. Each time we check a Twitter feed or Facebook update, we encounter something novel and feel more connected socially (in a kind of weird, impersonal cyber way) and get another dollop of reward hormones. But remember, it is the dumb, novelty-seeking portion of the brain driving the limbic system that induces this feeling of pleasure, not the planning, scheduling, higher-level thought centres in the prefrontal cortex. Make no mistake: email-, Facebook- and Twitter-checking constitute a neural addiction.

3.1 Disabled SFTP writing on CLS

To improve CLS security, I’ve disabled the writing or changing of files on the CLS by the SFTP service, as used by file transfer programs such as WinSCP and FileZilla. You can copy files out of the CLS (e.g. your assignments) using WinSCP and friends, but you can’t copy files into the CLS unless you use the secure scp program.

3.2 Fifteen minute rule

Your time as a student is valuable. If you come up against a tough problem and make no progress in fifteen minutes despite best efforts:

  1. get help from a professor or lab instructor
  2. get help from classmates
  3. take a break
  4. put it on hold and work on something else

This happens to all of us, and we need to watch out for it when it happens.

But what about when it’s midnight before the assignment is due?

Remember the “Don’t Leave Things to the Last Minute” rule!

3.3 Locked out of CLS

When you use a file transfer program, remember that the program must use your userid to log in and not a blank userid. Someone got their IP address locked out of the CLS yesterday for using a blank userid:

Jan 21 20:36:31 Accepted password for XXXXXXXX from 99.246.105.31
Jan 22 01:42:38 Invalid user  from 99.246.105.31
Jan 22 01:43:05 Failed password for invalid user  from 99.246.105.31
Jan 22 01:43:15 Failed password for invalid user  from 99.246.105.31
Jan 22 01:44:07 Invalid user  from 99.246.105.31
Jan 22 01:44:37 Failed password for invalid user  from 99.246.105.31
Jan 22 01:44:52 Failed password for invalid user  from 99.246.105.31
Jan 22 01:46:40 refused connect from cpe0c473dc25fe1-cm0c473dc25fe0.cpe.net.cable.rogers.com (99.246.105.31)

Remember your password, and use the correct userid:

Jan 10 15:46:52 Failed password for XXXXXXXX from 99.224.126.41
Jan 17 21:31:54 Invalid user steam from 99.224.126.41   
Jan 17 21:54:21 Invalid user desktop from 99.224.126.41
Jan 17 22:14:39 refused connect from cpe001ec92c1d15-cm84948c4813b0.cpe.net.cable.rogers.com (99.224.126.41)
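
To see who is heading for a lockout, you can count the failures per address and pick out the blank-userid case. This is an added example, not part of the original notes. It assumes the trimmed log format shown above; the function names, user names, and addresses are made up, and the sample lines are constructed.

```sh
#!/bin/sh
# Added example (not from the original page): count failed logins per
# source address in the trimmed log format shown above. The log lines are
# constructed; user names and addresses are placeholders.

sample_auth_log() {
cat <<'EOF'
Jan 21 20:36:31 Accepted password for alice from 192.0.2.10
Jan 22 01:42:38 Invalid user  from 192.0.2.10
Jan 22 01:43:05 Failed password for invalid user  from 192.0.2.10
Jan 22 01:43:15 Failed password for invalid user  from 192.0.2.10
Jan 22 01:46:40 refused connect from host.example.net (192.0.2.10)
Jan 17 21:31:54 Invalid user steam from 198.51.100.7
Jan 17 21:54:21 Invalid user desktop from 198.51.100.7
Jan 10 15:46:52 Failed password for bob from 203.0.113.5
EOF
}

# Output: ip failures=N blank_userid=N refused=N, one line per address
summarise_failures() {
    awk '
    { ip = $NF; gsub(/[()]/, "", ip) }          # address is the last word
    /Invalid user|Failed password/ { fail[ip]++ }
    /nvalid user +from /           { blank[ip]++ }   # nothing between "user" and "from"
    /refused connect/              { refused[ip]++ }
    END {
        for (ip in fail)
            printf "%s failures=%d blank_userid=%d refused=%d\n",
                   ip, fail[ip], blank[ip], refused[ip]
    }' | sort
}

sample_auth_log | summarise_failures
```

A non-zero blank_userid count points at a file transfer program configured with an empty userid rather than a forgotten password.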

3.4 Commands

Commands are usually VERB and OBJECT:

$ wc /etc/passwd
$ cat /etc/passwd
$ less /etc/passwd

Commands in worksheets 2 and 3:

Read All The Words:

From: a CST8207 student
Hey, was just playing around with "mv" command as per weekly notes
"9 Relative Pathname Exercise"  kept getting error "-bash: $:
command not found" after trying to rename a .txt file.  example:

    -bash-4.2$ $ mv caltest.txt catltest2.txt
    bash: $: command not found

Just wondering if I'm doing something wrong and if so where would
the information pertaining to this be?

In the Week 2 Notes, under the heading “2-1 Readings, Assignments, Labs, Tests, and ToDo” (the list of things you needed to read last week), is this web page: “3. The Unix/Linux Shell – using the shell command line in Linux”. In that web page is the heading “2 Typing Command Lines”, which is the information you need to Read All The Words, especially the sentence that starts with “You do not”.

4 Real Sysadmin Work

4.1 Using parent directory chains to attack my server

People attack web servers by putting chains of parent directories such as ../.. into the requested pathname, trying to climb out of the web directory and get access to sensitive files elsewhere on the system.

Someone in Kitchener tries to find a list of VMware hosts on my home machine:

$ zfgrep ../.. /var/log/apache2/*gz 
/var/log/apache2/access.log.8.gz:2014-11-27_03:52:57 162.244.31.150 162.244.31.150 - 192.168.2.250 idallen-oak.home.idallen.ca 69-165-154-175.dsl.teksavvy.com "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 327 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 223 530 "/var/www/html/etc" 0 3672 FMT=idallen2
/var/log/apache2/other_vhosts_access.log.8.gz:idallen-oak.home.idallen.ca:80 162.244.31.150 - - [27/Nov/2014:03:52:57 -0500] "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 530 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)"

See hundreds of attacks on the CLS web server in March 2014
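
The zfgrep above matches ../.. anywhere on the line, including the referrer field. A narrower check looks only at the requested path, counts how far it climbs, and shows the status code the server returned. This is an added example, not part of the original notes. It assumes the two log layouts shown above, where the client address is the second word; the function names are made up and every log line is constructed.

```sh
#!/bin/sh
# Added example (not from the original page): report requests whose path
# climbs two or more parent directories in a row. All log lines below are
# constructed; addresses are from documentation ranges.

sample_access_log() {
cat <<'EOF'
2014-11-27_03:52:57 192.0.2.44 192.0.2.44 - 192.0.2.1 www.example.test client.example.net "GET /sdk/../../../etc/vmware/hostd/vmInventory.xml HTTP/1.1" 404 327 "-" "scanner"
www.example.test:80 192.0.2.45 - - [27/Nov/2014:04:01:10 -0500] "GET /sdk/%2e%2e/%2E%2E/etc/vmware/hostd/vmInventory.xml HTTP/1.1" 400 226 "-" "-"
www.example.test:80 192.0.2.46 - - [27/Nov/2014:04:02:00 -0500] "GET /notes/../index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
www.example.test:80 192.0.2.47 - - [27/Nov/2014:04:03:00 -0500] "GET /index.html HTTP/1.1" 200 1043 "http://www.example.test/a/../../b" "Mozilla/5.0"
EOF
}

# Output columns: client-ip status depth request-path
find_parent_chains() {
    awk -F'"' '
    {
        split($1, pre, " ");  ip = pre[2]       # 2nd word is the client in both layouts
        if (split($2, req, " ") < 2) next       # need "METHOD path ..."
        split($3, st, " ");   status = st[1]    # status follows the quoted request
        path = req[2]
        gsub(/%2[eE]/, ".", path)               # undo percent-encoded dots
        gsub(/%2[fF]/, "/", path)               # and slashes
        run = 0; depth = 0
        k = split(path, seg, "/")
        for (i = 1; i <= k; i++) {
            if (seg[i] == "..") { if (++run > depth) depth = run }
            else if (seg[i] != "") run = 0      # an empty segment ("//") keeps the run
        }
        if (depth >= 2) print ip, status, depth, req[2]
    }'
}

sample_access_log | find_parent_chains
```

On real logs, feed it with `zcat /var/log/apache2/*gz | find_parent_chains` and look first at any line whose status is not a 4xx error.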



Author: 
| Ian! D. Allen  -  idallen@idallen.ca  -  Ottawa, Ontario, Canada
| Home Page: http://idallen.com/   Contact Improv: http://contactimprov.ca/
| College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
| Defend digital freedom:  http://eff.org/  and have fun:  http://fools.ca/
