by nitin kanoija - koenig-solutions.com kanoija.pdf · 2018. 12. 3. · starterkit pentest magazine...

Post on 23-Oct-2020

  • Basic UNIX and LINUX Concepts

    Introduction to UNIX and LINUX

    by Nitin Kanoija

    UNIX is a multiuser operating system which is available in many flavours like Oracle Solaris, HP UNIX, IBM AIX, FreeBSD, and macOS. It was developed by Ken Thompson and Dennis Ritchie at AT&T Bell Laboratories in the late 1960s. In 1978 AT&T's UNIX seventh edition was split off into Berkeley Software Distribution (BSD). This version of the UNIX environment was sent to other programmers around the country, who added tools and code to further enhance BSD UNIX.

    The most important enhancement made to the OS by the programmers at Berkeley was adding networking capability. This enabled the OS to operate in a local area network (LAN). In 1988, AT&T UNIX, BSD UNIX, and other UNIX OSs were folded into what became System V release 4 (SVR4) UNIX. This was a new generation OS, which became an industry standard. The new SVR4 UNIX became the basis for not only Sun and AT&T versions of the UNIX environment, but also IBM’s AIX and Hewlett-Packard’s HP-UX.

    UNIX is built from the following components:

    Kernel

    The kernel is the core of the OS and is responsible for all processing in the computer. It manages all the physical resources of the computer, including filesystems, CPU, memory, etc.

    Shell

    The shell is a command interpreter and acts as an interface between the system and the user. The shell accepts a command and passes it to the kernel, which then executes the command. In Oracle Solaris 11 and Oracle Enterprise Linux the default shell is the Bourne Again shell, which is also known as bash.

    File System

    A file system is a logical collection of files and directories on a partition or a disk. It has a root directory, which in turn contains all files and directories in an operating system. The root directory is identified as /. Each file or directory is identified by its name and a unique identifier known as the inode number.

    Figure 1. Directory structure

    Process

    Every program you run or execute in UNIX/Linux creates a process. When you log in to the system and start the shell, several processes will be started, depending on the programs associated with the login shell. Whenever you execute a command in the shell, it will start a process, and a process can in turn start another process. In that case the process which started the other process is known as the parent process. You can use the following commands in UNIX/Linux to monitor and manage processes: ps, top, prstat, pgrep.
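The parent/child relationship described above can be checked directly from the shell. The script below is an added example, not part of the original article; the helper names `ppid_of` and `ancestry` are hypothetical, and it assumes POSIX `ps -o ppid=` with a Linux `/proc` fallback.

```shell
#!/bin/sh
# Added example: walk a process's parent chain (child -> parent -> ... -> top).
# ppid_of and ancestry are hypothetical helper names, not standard commands.

# Print the parent PID of the process whose PID is $1 (empty if unknown).
ppid_of() {
    # POSIX ps: "-o ppid=" selects the parent PID column with no header line.
    p=$(ps -o ppid= -p "$1" 2>/dev/null | tr -d ' ')
    # Fallback for minimal Linux systems whose ps lacks -o/-p.
    if [ -z "$p" ] && [ -r "/proc/$1/status" ]; then
        p=$(awk '/^PPid:/ { print $2 }' "/proc/$1/status" 2>/dev/null) || p=""
    fi
    printf '%s\n' "$p"
}

# Print the chain of PIDs from $1 up to the top of the tree, space separated.
ancestry() {
    pid=$1
    chain=$pid
    # Stop at PID 1 (init) or PID 0 (parent of the top process in a container).
    while [ -n "$pid" ] && [ "$pid" -gt 1 ]; do
        pid=$(ppid_of "$pid")
        [ -n "$pid" ] || break      # process exited or lookup failed
        chain="$chain $pid"
    done
    printf '%s\n' "$chain"
}

# Demo: start a child of this shell, then show that its parent is this shell.
sleep 5 &
child=$!
echo "this shell:      $$"
echo "child (sleep):   $child"
echo "child's parent:  $(ppid_of "$child")"
echo "child's lineage: $(ancestry "$child")"
kill "$child" 2>/dev/null || true
```

The same lineage walk is how an administrator tells a shell started by a normal login from one started by a service that should never spawn a shell.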

    Solaris and HP UNIX are widely used flavours of UNIX. Since UNIX was developed, many features and tools have been added to different flavours of UNIX, such as journaling file systems, ZFS, DTrace, enhanced packaging systems like IPS, and Solaris Volume Manager (which was earlier known as Solstice Disk Suite).

    What is Linux?

    Linux is a UNIX-like operating system that evolved from a kernel created by Linus Torvalds when he was a student at the University of Helsinki. While studying there, he was using a version of the UNIX operating system called 'Minix'. Linus and other users sent requests for modifications and improvements to Minix's creator, Andrew Tanenbaum, but he felt that they weren't necessary. That's when Linus decided to create his own operating system that would take into account users' comments and suggestions for improvements. The main component of Linux is the Linux kernel. The first Linux kernel was released by Linus Torvalds on 5th October 1991.

    Figure 2. Linus Torvalds

    Late in 1991, Linus Torvalds had his kernel and a few GNU programs wrapped around it so it would work well enough to show other people what he had done. And that’s what he did. The first people to see Linux knew that Linus was on to something. At this point, though, he needed more people to help him. Here’s what Linus had to say back in 1991.

    People all over the world decided to take him up on it. At first, only people with extensive computer programming knowledge would be able to do anything with that early public version of Linux. These people started to offer their help. The version numbers of Linux were getting higher and higher. People began writing programs specifically to be run under Linux. Developers began writing drivers so that different video cards, sound cards and other gadgets inside and outside your computer could use Linux. Nevertheless, throughout most of the first part of the 1990s Linux did not get out of the 'Expert' level stage. Expert is a term that has evolved to mean anyone who has special expertise in a particular subject. That is, you had to have special expertise in how computers worked to be able to install Linux in those days. Linux, at first, was not for everyone.

    Linux was initially developed as a free operating system for x86-based computers. It was then developed further for more computer hardware platforms. It is one of the leading operating systems on servers, such as mainframe computers and supercomputers. Programmers around the world contribute features to different flavours of Linux. Because Linux is an open source operating system, programmers can use the source code and develop their own Linux flavour. Different flavours of Linux can be downloaded from a number of websites, such as:

    • CentOS (www.centos.org)

    • Fedora (www.fedoraproject.org)

    • Red Hat (www.redhat.com)

    • SUSE (www.suse.com)

    • Ubuntu (www.ubuntu.com)

    Figure 3. CentOS

    Who should use UNIX/Linux?

    Companies or system administrators who have big servers in their environment and need stability, scalability, security and high performance for those servers should use UNIX/Linux operating systems. UNIX/Linux operating systems use far fewer resources than other operating systems. UNIX/Linux has many enhanced security features like SELinux, iptables, TCP Wrappers, ACLs, DTrace and many more.

    How to start a terminal in Oracle Solaris 11?

    To open a terminal window in Oracle Solaris 11, right click on the 'Desktop' and left click on the 'Open Terminal' option in the menu.

    Figure 4. Oracle Solaris 11 Desktop Menu

    An Oracle Solaris 11 Terminal window will then appear with a $ prompt, at which you can start entering commands.

    Figure 5. Terminal window

    Oracle Solaris 11 Desktop:

    Figure 6. Oracle Solaris 11 Desktop

    Installation Options for Oracle Solaris 11 (Flavour of UNIX)

    You have several alternatives for where to install Oracle Solaris 11:

    • Inside a virtual machine on top of your existing operating system

    • On the bare metal (physical machine) as a standalone operating system

    • On the bare metal alongside your existing operating system(s) (multiboot / dual boot scenario)

    Installing Oracle Solaris 11 inside a Virtual Machine with Live CD

    The easiest way to start using Oracle Solaris 11 is to install it into a virtual machine on top of a host operating system running on a physical machine. The figure below shows Oracle Solaris 11 installed on Apple OS X using Oracle VM VirtualBox.

    Figure 7. Oracle Solaris on Apple OS X

    Oracle Solaris 11 will recognize the virtualized devices that the virtual machine provides. If you run Oracle Solaris 11 in full-screen mode, you might actually forget that there’s another operating system running behind.

    The one drawback to this approach is that you need enough memory to run two operating systems simultaneously – a minimum of 2 GB is recommended for good performance. You should also allow a minimum of 7 GB of disk space to install the operating system in the virtual machine.

    Oracle VM VirtualBox is a free-to-download virtualization application that can run on Microsoft Windows, Apple OS X, Linux, and Oracle Solaris x86 as host platforms, and supports most flavours of Linux, like Red Hat and Oracle Enterprise Linux, as guest OS. It also supports Oracle Solaris as one of its many guests. Oracle makes it easy to try this approach by offering a number of preinstalled virtual machines for Oracle VM VirtualBox as appliances and VM templates that are focused on a specific use, for example, to evaluate the developer tools that are available on Oracle Solaris 11.

    After you have booted off the Live Media, the installation process is straightforward. Simply click the Install Oracle Solaris icon on the desktop to launch the graphical installer, shown in Figure 8.

    Figure 8. The Oracle Solaris 11 Graphical Installer

    As you can see from the figure above, the installation process is simple and asks some basic questions before installing a fixed set of packages. After Oracle Solaris has successfully been installed, you can easily customize the installation by using the Package Manager.

    After the installation process is complete, you can reboot into your new Oracle Solaris environment or review the Oracle Solaris installation log, as shown in Figure 9.

    Figure 9. Reviewing the Installation Log

    Now you are ready to start your work.

    About the Author

    Nitin Kanoija has 8+ years of experience in the IT industry with core expertise in Unix/Linux and Veritas. He is currently working as Senior Corporate Trainer with Koenig Solutions Ltd. Nitin possesses vast experience in Unix/Linux, Oracle Virtualization & Clustering technologies and has also handled several projects which demand in-depth knowledge of Unix/Linux and clustering. Nitin holds the Sun Certified System Administration Certification (SCSA) and the Sun Certified Network Administration Certification (SCNA).
