Updated: 2017-03-13 09:11 EDT
man
pwd
pwd
, ls
, hidden filescd
, TAB filename completion, absolute/relative pathsCheck the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant. Just like in the Real World, not all due dates are on the same days or at the same times.
Last week, your instructor showed you how to log in to the Course Linux Server and use some simple commands to create a file and then transfer the file to your laptop and upload it to Blackboard.
Assignment #02 HTML will have you log in to the CLS, do some simple commands with output redirection, and change your CLS password.
Worksheets are preparation for your assignments. You can’t do the assignments without having done the worksheets first, and you can’t do the worksheets without having first read the Course Notes: 1. Read. 2. Worksheet. 3. Assignment.
Form a small study group to do the worksheets. Each person tries the example given, and you make sure you all get the same answers. Worksheets are not for hand-in; they are not worth marks; the assignments test your knowledge of the lectures and worksheets.
The worksheets are available in four formats: Open Office (ODT), PDF, HTML, and Text. Only the Open Office format allows you “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick for viewing online.
Do NOT open the Worksheet ODT files using any Microsoft products; they will mangle the format and mis-number the questions. Use the free Libre Office or Open Office programs to open these ODT documents. On campus, you can download Libre Office here.
These first two worksheets require you to have read File System and Pathnames:
PS1, cd, find, less, ls, man, mkdir, passwd, pwd, rmdir
cat, clear, cp, find, grep, history, less, man, mv, rm, sleep, touch
Worksheets prepare you for the upcoming assignments.
For full marks, read the Test Instructions (all the words) before your midterm tests.
Tests take place at 10am in your lecture class, not in your lab period.
Take notes in class! Keep a pad open on your desk.
This week in lecture we learn about the terminal, the shell, and using pathnames, especially relative pathnames.
Three students used the wrong file name:
Bad file name: assignment01.txt.txt
Bad file name: assignment01.txt.txt
Bad file name: assinment 01.txt
Six students did not use the exact numbering specified in the assignment.
Please Read All The Words.
The Course Linux Server [CLS] is on the open Internet, not hidden behind a firewall, and is subject to attacks on its SSH port by people looking to take over the machine. Our job as System Administrators is to prevent that from happening.
Last term (September through December 2016) the CLS received over 131,705 attacks on the SSH port, mostly from China. Here are the counts, IP addresses, and country codes of the machines that attacked the CLS more than 500 times last term:
$ ./attack_whois.sh
82482 116.31.116.28 CN
18572 116.31.116.24 CN
13497 116.31.116.23 CN
1547 116.31.116.26 CN
966 68.55.78.69 US
545 221.194.47.229 CN
542 121.18.238.104 CN
532 221.194.47.249 CN
529 221.194.47.208 CN
526 221.194.47.224 CN
518 121.18.238.114 CN
(The above output is generated by a shell script that you will be able to write when you successfully complete CST8207.)
Here are excerpts from a sample attack from the CLS authorization log file /var/log/auth.log
on the evening of January 14 this week:
Jan 14 21:22:49 Invalid user cisco from 181.25.160.99
Jan 14 21:22:50 Invalid user test from 181.25.160.99
Jan 14 21:22:54 Invalid user admin from 181.25.160.99
[...]
Jan 14 21:23:24 PAM 8 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.25.160.99
A whois
lookup of IP address 181.25.160.99
shows that it is part of a network hosted in Buenos Aires, Argentina.
Your careful work in CST8207 is critical to preventing these types of attacks from compromising the machines you control.
This student did not type his own userid correctly and got his home IP address locked out of the server on Tuesday afternoon:
Jan 16 14:30:05 Invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:23 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:32 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:49 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:23 Invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:36 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:49 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:57 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:35:33 refused connect from otwaon1140w-lp130-03-70-29-53-248.dsl.bell.ca (70.29.53.248)
When you are locked out, follow the directions in the notes to get your IP address re-enabled.
No, you are not allowed to use privileged commands such as sudo
on my Course Linux Server. Use your own Linux virtual machine if you want to play with those commands.
https://www.schneier.com/crypto-gram/archives/2017/0115.html
“For decades, hackers have used techniques such as jump hosts, VPNs, Tor and open relays to obscure their origin, and in many cases they work. I’m sure that many national intelligence agencies route their attacks through China, simply because everyone knows lots of attacks come from China.”