COS30015 Lab 1 week1SOL PDF

Title COS30015 Lab 1 week1SOL
Course IT Security
Institution Swinburne University of Technology
Pages 10

Name: ______________________________________ Student ID:______________

COS30015 IT Security Lab 1 (week 1)

In this lab you will investigate Linux commands.

1. Red-Hat.

1.1 What is Red-Hat? (Look it up with Google). Don't copy and paste – write down what it is in your own words.

Open source community supported version of Red Hat Enterprise Linux (production grade server)

1.2 Using a web browser, go to https://feenix.swin.edu.au/help/

(a) What is Mercury? Hint: it is NOT the mail server in XAMPP!
Swinburne’s Red-Hat server for ICT students

(b) Mercury does not support Telnet. What command must you use to get secure terminal access (login) to Mercury? Ask around.
Putty (from windows) or ssh (from Linux)

(c) How is it different to Telnet?
Uses SSL encryption (PKI public key crypto) to authenticate server and encrypt traffic. Uses port 22 instead of 23

(d) What version of Red-Hat is Mercury running?

(e) What is the URL of Mercury?
mercury.swin.edu.au

1.3 Install and open Swinburne VPN Cisco AnyConnect from: https://vpn.swin.edu.au/+CSCOE+/noportal.html

Using Putty, log in to Mercury. Your username is s1234567 where 1234567 is your student ID. Your password will be your SIMS password. Call 9214 5000 if you lock yourself out.


When you log in, read the banner. What version of Red-Hat is Mercury running?
---no banner? try cat /etc/redhat-release (Redhat only) or cat /etc/issue
(The version may change due to regular upgrades.)

1.4 What do the following commands do? (Write down the answers here or in a notebook)
After running the command, try --help, man or info for more information. Typing q will get you out of the manual. Or try Google (keyword + 'linux')

ls
ls -l
Directory listing – what files and folders are there. -l is a long list (ownership, permissions, dates)

pwd
Google can tell you what pwd stands for - look for the wikipedia entry.
print working directory – shows which folder we are in

ps
ps -al
process statistics – list processes (programs, threads) running and PIDs

cd /
cd
cd ~
cd ..
Change directory. / is root folder, is home folder, ~ is home folder, .. is up one folder

uname
uname -a
Names of operating system, name and version numbers of OS components

df
df -hi
disk information – drives, partitions, sizes, %full

echo $PATH
echo $Path
Is Linux case sensitive?
yes
The current search path – where commands will be looked for when issued.

history
history | more
history -c
previous commands used by this user. more shows one page at a time. -c clears the history

Try a ping command:
ping opax.swin.edu.au
What does it do?
Sends an ICMP packet to a server, and counts the hops and travel time
Use CTRL + C to stop the pings
What is the IP address of opax?

1.5 More advanced commands:

dig telstra.com
DNS lookup

nslookup telstra.com
DNS lookup

netstat
netstat | grep CONNECTED
netstat | grep ESTABLISHED
Shows current TCP, Unix and UDP “connections” and listening ports

/usr/sbin/lsof
list of open files and the various users on the system using them

Note: Executables in Linux have no extensions. zip files have tar or gz extensions
To run a program, type its name. If it is in the current directory, type ./name

Try these commands to find the ifconfig program:
locate ifconfig
which ifconfig
find / -name ifconfig

You can get rid of the error messages this way:
find / -name ifconfig 2>/dev/null

You must type the instructions EXACTLY as shown. Spaces matter in UNIX/LINUX

Where is ifconfig?
/sbin/ifconfig

What does ifconfig -v show?
host IP and MAC addresses (of Mercury)

1.6 Type in the following command:
who
whoami
Who is logged in at the moment?
jhamlynharris? many others from ITS, many students

Even though we can’t Telnet into Mercury, we can Telnet from the host PC to other servers. From the host PC (with Win10), open a command shell (+R cmd)
Try this command:
telnet opax.swin.edu.au
Try logging in with your 7 or 10-digit student number and your SIMS password. It’s the internet in the 1990’s
From there you can telnet to another server and so on… all around the world.

2. Kali Linux VM: Kali is a custom Debian Linux distribution pre-loaded with a variety of penetration and security testing tools.

2.1 Start the VM (Start/VMLauncher/COS30015/Kali with local network)
You don't have an account on this Linux server, but you can use the root account.
Select Other, log in as:
username root
password toor
Open a console window:

2.2 Try out these commands:

smbstatus
What does it do?
shows network shares (samba shares) - mapped drives
none at the moment. This command is disabled on Mercury

top
What does it do? (type q to quit)
process list, memory use, CPU use in order

history
Shows recent commands

ls
ls -l
ls -al
List files, long list files (details), list for all users

How many files are directories? (look for d)
12

Type pwd to see where you are.
/root

Is this location in the search path? (echo $PATH)
no

2.3 To create a text file:
cat > hello           //where hello is the name of a new file
echo Hello World!     //...type stuff into hello
Ctrl+C                //stop

To see what's in a file:
cat hello
To run the file, you must first set its executable bit:
chmod +x hello
Now run it: Type the name of the file:
hello
no
Doesn't work? Use file hello to see what sort of file it is.

Linux does not use file extensions to determine file type. There are no .exe files in Linux. Linux uses commands like chmod to set permissions which include read, write and execute. Any file can be marked as executable, but only files which contain recognisable bash script or compiled code will actually run. Type this to add exe rights to a file: chmod +x

Linux uses the search path (type echo $PATH to see it) to decide where an executable program can be found. Preceding a program with ./ tells Linux to ignore the search path and run the program found in the current directory. Try: ./hello

it works

Doesn't work?
rm -i (delete the file)

You can also create an empty file this way: touch
try this:
touch hello1.asm

2.4 Edit the file:
vi hello1.asm

vi (vim) is useful to know because it's really old and EVERY version of Linux and Unix has it

Kali also has Leafpad - a GUI editor similar to notepad.exe

vi commands:
or I - toggle between insert and replace mode
- go back to command mode
or - delete characters
: - enter a command e.g.
:w - write file
:q - quit file
:wq - write and then quit a file

Try editing hello1.asm with leafpad. You can start it from the command line:
leafpad hello1.asm

Add in this code:

This is assembly language (AT&T syntax). _start is the main(), %eax is the function (system) call number (syscall). The movl lines are loading parameters. int calls the "syscall".

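.section .data
text:
    .ascii "Hello assembly\n\0"
.globl _start
_start:
    movl $4, %eax       # syscall number 4: write
    movl $0, %ebx       # first parameter: file descriptor 0
    movl $text, %ecx    # second parameter: address of the string
    movl $16, %edx      # third parameter: number of bytes to write
    int $0x80           # call the kernel
    movl $1, %eax       # syscall number 1: exit
    int $0x80           # call the kernel; %ebx (still 0) is the exit status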

$4 means write(…)
$1 means exit()

:wq to save
Assemble: as -o hello1.s hello1.asm
Link: ld -o hello1 hello1.s

Explain the command syntax here:
as -o
ld -o

Set permission: chmod +x hello1
Run: ./hello1
What type of file is this? Try file hello1
ELF 32bit LSB exe, Intel 80386

2.5 Linux Directories are equivalent to Windows folders.
mkdir
rmdir

2.6 Which of these commands can you access? Write down what they do.
locate ifconfig
updatedb &
find
find / -name ifconfig
find / -name msf > temp && more temp (this takes a while)
which ifconfig

these all find files on the computer. which finds commands.
updatedb updates the file location database
locate finds all files (too much),
find -name finds exact match
which finds the path used for a command

If you were refused permission, you could try 'su' (substitute user) to escalate your privileges to root.
type in su root, the root password toor (logs you in as the root user)
sudo allows you to run root commands as a temporary root user.

Note: su is not a user name. It only works after you have logged in. It changes your current user name to root (default) or whatever you type after su. e.g. su - changes you to root, su jim – changes you to jim. You still need the password.

You need to type in your non-root password.

3. Shut down

3.1 Try these:
exit - logs you out of the su shell
(halt - shuts the Linux VM down. – but this leaves the VM running with the OS shut down. Then use the VMWare menu - Player – Power – Shut down guest. Not so good)
While in Linux, try poweroff – the best way to shut down
halt -p does the same as poweroff.
If poweroff doesn't work, try sudo poweroff

3.2 If you get this:
There are stopped jobs.
You have left a process running – use ps -l to see what it is
look for this: the process that is still running
then type
fg
where is the name of the process you started (what you typed to run it)
to bring the process into the foreground. e.g. fg cat
Stop it the correct way: Ctrl+C for most programs
If this doesn't work, use ps to get the PID number, and try kill
where is the PID of the process you want to kill

4. NETWORKING without DNS (optional: try after the lab)

Instructions for testing your HOSTS file:
1. You will need to have the DNS client service running in Windows, and administrator access (to \windows\system32).
2. If you want to use HOSTS to map a public site, you may have to bypass your ISP's proxy which may cache DNS replies. Change your browser settings to "no proxy" or "direct connection" or something similar. If it is a site on your ISP's domain or your own domain, the proxy server will not be used.
3. Open a console window (START Run cmd) and ping a domain you want to create a hosts entry for.
4. Note the IP address.
5. Open C:/Windows/system32/drivers/etc/HOSTS (XP/Vista, Win7, 8) in a text editor. You may need to run as… Administrator to do this.
6. Scroll down to the bottom of the file and type in the IP address followed by the fully qualified domain name (e.g. host.domain.com), or the short version you want to use.
7. Save the file
8. Refresh the local DNS service cache: ipconfig -flushdns
9. Open a browser and type in the domain name or the short version and see if it takes you there. You should be redirected to the IP address you added to the HOSTS file.

Try pinging a blocked site to get its IP address. Add it to your hosts file to see if you can bypass the blocked list.

To use your HOSTS file to block domains, add the loopback address 127.0.0.1 followed by the domain name to your HOSTS file.

If it doesn't work, you probably have Windows 8.0. I'm sorry.

host/ domain name:

IP you will get it to redirect to:
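
Because a HOSTS entry silently overrides DNS, it is worth being able to list what a given file maps and what it blocks. The following is an added example, not part of the original lab sheet: the function names audit_hosts and sample_hosts and the sample entries are constructed for illustration. It reads a hosts-format file (a copy of the Windows HOSTS file, or /etc/hosts on Linux) on standard input.

```shell
#!/bin/sh
# Added example: classify the entries of a hosts-format file read on stdin.
# Prints one line per hostname:
#   BLOCK <name>       name points at a loopback address (the blocking trick)
#   MAP <name> <ip>    name is mapped to some other address (a redirect)
audit_hosts() {
    # tr removes the carriage returns found in files saved on Windows
    tr -d '\r' | awk '
        { sub(/#.*/, "") }              # strip comments
        NF < 2 { next }                 # need an address plus at least one name
        {
            ip = $1
            for (i = 2; i <= NF; i++) {
                name = tolower($i)
                if (name == "localhost") continue    # the standard entry
                # 127.x.x.x and ::1 are loopback; 0.0.0.0 is also often used to block
                if (ip ~ /^127\./ || ip == "::1" || ip == "0.0.0.0")
                    print "BLOCK " name
                else
                    print "MAP " name " " ip
            }
        }'
}

# Constructed sample input (not a real HOSTS file), with Windows CRLF endings.
sample_hosts() {
    printf '%s\r\n' \
        '# constructed sample' \
        '127.0.0.1    localhost' \
        '192.0.2.10   intranet.example.com intranet   # redirect' \
        '127.0.0.1    ads.example.net'
}

sample_hosts | audit_hosts
```

To check a real file, run audit_hosts < /etc/hosts, or copy the Windows HOSTS file across and feed it in the same way; any MAP line you did not add yourself deserves a second look.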
