Updated: 2017-03-13 09:11 EDT

1 Readings, Assignments, Labs, Tests, and ToDo

1.1 Read (at least) these things (All The Words)

  1. Week 02 Notes HTML – this file – Read All The Words
  2. The Unix/Linux Shell – using the shell command line in Linux
  3. Command Arguments and Options
  4. Finding Help in Manual Pages – RTFM
  5. File System and Pathnames – ROOT, absolute, relative, dot, dot dot
  6. List of Commands You Should Know
  7. Linux and Sysadmin News in the World

1.2 Assignments this week

Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant. Just like in the Real World, not all due dates are on the same days or at the same times.

1.3 Lab work this week

1.3.1 Worksheets

Worksheets are preparation for your assignments. You can’t do the assignments without having done the worksheets first, and you can’t do the worksheets without having first read the Course Notes: 1. Read. 2. Worksheet. 3. Assignment.

Form a small study group to do the worksheets. Each person tries the example given, and you make sure you all get the same answers. Worksheets are not for hand-in; they are not worth marks; the assignments test your knowledge of the lectures and worksheets.

The worksheets are available in four formats: Open Office (ODT), PDF, HTML, and Text. Only the Open Office format allows you to “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick viewing online.

Do NOT open the Worksheet ODT files using any Microsoft products; they will mangle the format and mis-number the questions. Use the free Libre Office or Open Office programs to open these ODT documents. On campus, you can download Libre Office here.

These first two worksheets require you to have read File System and Pathnames:

Worksheets prepare you for the upcoming assignments.

2 Upcoming tests

For full marks, read the Test Instructions (all the words) before your midterm tests.

  1. First Midterm test: 45 minutes; in lecture class 10am on Friday in Week 5 (Feb 10)
  2. Second Midterm test: 45 minutes; in lecture class 10am on Friday in Week 9 (Mar 17)

Tests take place at 10am in your lecture class, not in your lab period.

2.0.1 Midterm Test #1 – February 10

3 Notes from the Classroom

3.1 Fifteen minute rule: don’t waste your time

See the Course Introduction: fifteen minute rule

3.2 Assignment #1: Read All The Words

Please Read All The Words.

3.3 Course Linux Server under attack

The Course Linux Server [CLS] is on the open Internet, not hidden behind a firewall, and is subject to attacks on its SSH port by people looking to take over the machine. Our job as System Administrators is to prevent that from happening.

Last term (September through December 2016) the CLS received over 131,705 attacks on the SSH port, mostly from China. Here are the counts, IP addresses, and country codes of the machines that attacked the CLS more than 500 times last term:

$ ./attack_whois.sh
82482 116.31.116.28 CN
18572 116.31.116.24 CN
13497 116.31.116.23 CN
1547 116.31.116.26 CN
966 68.55.78.69 US
545 221.194.47.229 CN
542 121.18.238.104 CN
532 221.194.47.249 CN
529 221.194.47.208 CN
526 221.194.47.224 CN
518 121.18.238.114 CN

(The above output is generated by a shell script that you will be able to write when you successfully complete CST8207.)

Here are excerpts from a sample attack from the CLS authorization log file /var/log/auth.log on the evening of January 14 this week:

Jan 14 21:22:49 Invalid user cisco from 181.25.160.99
Jan 14 21:22:50 Invalid user test from 181.25.160.99
Jan 14 21:22:54 Invalid user admin from 181.25.160.99
[...]
Jan 14 21:23:24 PAM 8 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.25.160.99

A whois lookup of IP address 181.25.160.99 shows that it is part of a network hosted in Buenos Aires, Argentina.

Your careful work in CST8207 is critical to preventing these types of attacks from compromising the machines you control.
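As an added example (not the course's attack_whois.sh, and not code from the original page), here is one way to produce per-address attempt counts like those above from auth.log lines. The function names count_ssh_failures and sample_log are hypothetical, the 192.0.2.x lines and the hostname "cls" are constructed sample data, and the country-code column is left out because it needs a network whois lookup.

```shell
#!/bin/sh
# Added example; NOT the course's attack_whois.sh.
# Heuristic: every "Invalid user" or "Failed password" line is one rejected
# attempt, and "PAM N more authentication failures" adds N for its rhost.

# count_ssh_failures [MIN]: read auth.log-style lines on stdin, print
# "COUNT IP" for each source with at least MIN attempts, busiest first.
count_ssh_failures() {
    awk -v min="${1:-1}" '
        /Failed password for / || /Invalid user / {
            # The address follows the last "from" on the line.
            for (i = NF - 1; i >= 1; i--)
                if ($i == "from") { n[$(i + 1)]++; break }
            next
        }
        /more authentication failures/ {
            extra = 0; ip = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "PAM") extra = $(i + 1) + 0
                if ($i ~ /^rhost=/) ip = substr($i, 7)
            }
            if (ip != "") n[ip] += extra
            next
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Sample input: the first four lines are the excerpt shown on this page;
# the 192.0.2.x lines (full syslog prefix) are constructed for illustration.
sample_log() {
    cat <<'EOF'
Jan 14 21:22:49 Invalid user cisco from 181.25.160.99
Jan 14 21:22:50 Invalid user test from 181.25.160.99
Jan 14 21:22:54 Invalid user admin from 181.25.160.99
Jan 14 21:23:24 PAM 8 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.25.160.99
Jan 14 21:30:01 cls sshd[4321]: Failed password for invalid user test from 192.0.2.10 port 50222 ssh2
Jan 14 21:30:05 cls sshd[4321]: Failed password for root from 192.0.2.10 port 50222 ssh2
Jan 14 21:31:00 cls sshd[4400]: Accepted password for alice from 192.0.2.20 port 50300 ssh2
EOF
}

# Report every source seen in the sample; pass a number to set a threshold.
sample_log | count_ssh_failures
```

On a real server the input would be the log itself, for example `count_ssh_failures 500 < /var/log/auth.log`, which keeps only addresses with at least 500 counted attempts.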

3.4 Locked out of the Course Linux Server

This student did not type his own userid correctly and got his home IP address locked out of the server on Tuesday afternoon:

Jan 16 14:30:05 Invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:23 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:32 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:30:49 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:23 Invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:36 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:49 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:31:57 Failed password for invalid user XXXXXXXX from 70.29.53.248
Jan 16 14:35:33 refused connect from otwaon1140w-lp130-03-70-29-53-248.dsl.bell.ca (70.29.53.248)

When you are locked out, follow the directions in the notes to get your IP address re-enabled.

3.5 Trying to use privileged commands on the CLS

No, you are not allowed to use privileged commands such as sudo on my Course Linux Server. Use your own Linux virtual machine if you want to play with those commands.

3.6 Bruce Schneier on cyber attacks

https://www.schneier.com/crypto-gram/archives/2017/0115.html

“For decades, hackers have used techniques such as jump hosts, VPNs, Tor and open relays to obscure their origin, and in many cases they work. I’m sure that many national intelligence agencies route their attacks through China, simply because everyone knows lots of attacks come from China.”

Take Notes in Class


Author: 
| Ian! D. Allen, BA, MMath  -  idallen@idallen.ca  -  Ottawa, Ontario, Canada
| Home Page: http://idallen.com/   Contact Improv: http://contactimprov.ca/
| College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
| Defend digital freedom:  http://eff.org/  and have fun:  http://fools.ca/

Plain Text - plain text version of this page in Pandoc Markdown format

License: Creative Commons BY-NC-SA 3.0