CS 468: Advanced UNIX Class 6
Dr. Jesús Borrego, Regis University
Topics
•IA Lab visit was scheduled for today; attempting to reschedule for next week
•Review of Homework 4
•Managing Devices
•Security
•Homework 5
•Q&A
New disk installation
•Attach the drive and reboot to allow system to recognize it
▫sudo fdisk -l
•Partition disk if required
▫cfdisk, fdisk, sfdisk, parted, gparted
•Allocate space to the partition without installing a file system
▫Note the device name (something like /dev/sdc1)
New disk installation (Cont’d)
•Prepare for use:
$ sudo pvcreate /dev/sdc1
•Create volume group (vgname)
$ sudo vgcreate vgname /dev/sdc1
•Create logical volume
$ sudo lvcreate -l 100%FREE -n volname vgname
•Create file system:
$ sudo mkfs -t ext4 /dev/vgname/volname
New disk installation (Cont’d)
•Create mount point:
$ sudo mkdir mountpoint
•Set mount options and mount point:
$ sudo vi /etc/fstab
•In /etc/fstab add a line from an existing file system and modify it
•Mount the file system
$ sudo mount mountpoint
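A guarded way to do the /etc/fstab step above, as an added example that is not part of the original slides: it appends one entry for the new logical volume and refuses duplicates or malformed fields, since a bad fstab line can stop a system from booting. The function names, the /srv/data mount point and the nodev,nosuid options (a data volume that should carry no device files or setuid programs) are assumptions; the sample fstab is constructed.

```shell
#!/bin/sh
# Added example, not from the slides. Function names, mount point and the
# nodev,nosuid options are assumptions suited to a data-only volume.

# add_fstab_entry FSTAB DEVICE MOUNTPOINT FSTYPE OPTIONS
# Appends one entry to FSTAB. Exit status: 0 added, 1 bad arguments,
# 2 DEVICE or MOUNTPOINT already present in a non-comment line.
add_fstab_entry() (
    [ $# -eq 5 ] || { echo "usage: add_fstab_entry FSTAB DEV MNT TYPE OPTS" >&2; exit 1; }
    fstab=$1; dev=$2; mnt=$3; fstype=$4; opts=$5
    [ -f "$fstab" ] || { echo "no such file: $fstab" >&2; exit 1; }
    for field in "$dev" "$mnt" "$fstype" "$opts"; do
        case $field in
            ''|*[[:space:]]*) echo "empty field or whitespace in: '$field'" >&2; exit 1 ;;
        esac
    done
    case $mnt in
        /*) ;;
        *) echo "mount point must be an absolute path: $mnt" >&2; exit 1 ;;
    esac
    # Field 1 is the device, field 2 the mount point; comment lines are skipped.
    if awk -v d="$dev" -v m="$mnt" \
        '$1 !~ /^#/ && NF >= 2 && ($1 == d || $2 == m) { hit = 1 } END { exit !hit }' "$fstab"
    then
        echo "already listed in $fstab: $dev or $mnt" >&2
        exit 2
    fi
    # Build the new file beside the old one and rename it into place, so a
    # failure part-way never leaves a truncated fstab behind.
    tmp=$(mktemp "$fstab.XXXXXX") || exit 1
    cp -p "$fstab" "$tmp" &&
        printf '%s\t%s\t%s\t%s\t0\t2\n' "$dev" "$mnt" "$fstype" "$opts" >> "$tmp" &&
        mv "$tmp" "$fstab" || { rm -f "$tmp"; exit 1; }
)

# Demonstration on a constructed sample fstab (never touches /etc/fstab).
demo_fstab() (
    sample=$(mktemp) || exit 1
    cat > "$sample" <<'EOF'
# constructed sample
/dev/mapper/vg0-root  /      ext4  errors=remount-ro  0  1
/dev/sda1             /boot  ext4  defaults           0  2
EOF
    add_fstab_entry "$sample" /dev/vgname/volname /srv/data ext4 defaults,nodev,nosuid
    cat "$sample"
    rm -f "$sample"
)
demo_fstab
```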
Hard disks
Solid State Disks
Source: http://www.ibmsystemsmag.com/power/infrastructure/storage/SSD_benefits/Internal-Structure-of-an-SSD/
Solid State Array Architecture
Source: http://www.anandtech.com/show/2738/5
Storage Interfaces
•ATA (Advanced Technology Attachment, aka IDE, Integrated Drive Electronics): hardware controller inside the disk. Has been improved
•PATA (Parallel ATA): disks are connected to motherboard with 40/80 conductor cable
•SATA (Serial ATA): successor of PATA, higher transfer rate, simpler connectivity, hot swapping, optional command queuing
Storage Interfaces (Cont’d)
•SCSI (Small Computer System Interface): not as popular but has a long-standing installed base; allows multiple disks on a bus, daisy-chained
•FC (Fibre Channel): Serial interface for enterprise environments with high speed (fiber)
•USB (Universal Serial Bus) and FW (FireWire): popular for external hard disk connectivity
Storage Software
•Unix disk installation is more complex than Windows (plug-and-play)
•See Exhibit B on page 221 (next slide)
•Storage device: anything that looks like a disk
•Partition: fixed subsection of a disk; acts as an independent device
•RAID array: combines multiple devices into one virtualized device
•Volume/Logical volumes: subdivision of disks
Attachment
•After connecting the disk, the OS will acknowledge its existence if everything is OK
•Initial POST will detect the disk and list its characteristics
•See example on page 223 of USAH
•The new disk will have device files in /dev
•Make sure you know the correct device when you format
Formatting
•All hard disks are preformatted at the factory
•No need to perform a low-level format
•Formatting writes address information and timing marks on the platter
▫Indicates sector limits
▫Also indicates bad blocks
•Any bad blocks found afterwards may or may not be handled automatically
Partitioning
•Partitioning is the lowest level of disk management
•Partitioning divides a disk into separate areas of known size
•Traditional Partitioning: writes a “label” at the beginning of the disk to define blocks included in the partition
•The responsible device driver reads the label and uses its table to calculate the location of each partition
Sample Partitions
RAID
•RAID: Redundant Arrays of Inexpensive (Independent) Disks
•Distributes/replicates data across multiple disks
•Intent is to avoid data loss and minimize downtime, increasing performance
•Software and Hardware RAID: different issues
•Different RAID levels
RAID Levels
•The RAID levels specify the exact details of parallelism and redundancy implemented in the array
•Levels refer to the configuration
•The higher levels do not necessarily mean faster or better
▫Depend on the application
Linear Mode
•Also known as JBOD (Just a bunch of disks)
•Not really RAID
•Concatenates the block addresses of multiple drives to create the illusion of a single, larger virtual drive
•There is no data redundancy or performance benefit
RAID Level 0
•Used to increase performance
•Combines two or more drives of equal size with stripes alternating between them
•Decreases write and access time
•Reliability is inferior to separate disks
•Two disks have double the failure rate of a single drive, for example
RAID Level 1
•Also known as Mirroring
•Writes are duplicated to two or more drives at the same time
•Slower writing
•Reads are similar to RAID 0
•Prevents data loss when a disk fails
RAID 0+1 and 1+0
•Stripes of mirrors or mirrors of stripes
•Logical concatenation of RAID 0 and RAID 1
•Attempts to obtain performance of RAID 0 and the redundancy of RAID 1
RAID 5
•Stripes both data and parity information
•Adds redundancy
•Improves read performance
•More efficient use of disk space than RAID 1
RAID 6
•Similar to RAID 5 with two parity disks
•RAID 6 can withstand complete failure of two drives without losing data
Disk Failure Recovery
•JBOD and RAID 0 do not help with disk failure
•Data must be recovered manually from backups
•Bad disks must be replaced with new ones as soon as possible
•Once the failed disk is replaced, data must be written to the new disk
▫Not a very fast operation
•Can designate “hot spare” drives to allow swapping of drives when failure occurs
RAID 5 Drawbacks
•RAID 5 is very popular but has disadvantages
•Does not replace regular offline backups
•Just protects the system against disk failures
•Does not protect against controller failures, hackers, fires, or other hazards
•Does not have great write performance
•Prone to corruption
•“Write hole”: cannot guarantee that the blocks are properly updated
Logical Volume Management
•Want to manage space in a partition at different times
•Groups storage devices into volume groups
•The blocks in the volume group are allocated to logical volumes, which act as disk partitions
•Logical volumes are more flexible and powerful
•Logical volumes provide many useful operations
Logical Volume Operations
•Move logical volumes among different physical devices
•Grow and shrink logical volumes on the fly
•Take copy-on-write “snapshots” of logical volumes
•Replace on-line drives without interrupting service
•Incorporate mirroring or striping in your logical volumes
File Systems
•After the partitions are set up, we need to load the file system
•UFS: Unix File System
•The file system was removed from the kernel
▫To abstract the implementation
•Many file systems are available
•See examples in the book (pp. 255-264)
Storage Area Networking
•Lower-level system for abstracting storage
•Network storage appears as local storage
•Clients must provide own file system implementation to use SAN
•SAN can be used for swap areas that do not require a full-blown file system
•Not typically used to share files, but to replace hard disks with centralized storage area
Operating System Security
•No OS is 100% safe
•Best we can hope is to make our OS resistant to attack
•Architecture stresses easy manipulation of data in a networked, multiuser environment
•Applications on the OS are developed by many vendors
▫Can introduce security vulnerabilities
Security Threats
•Social Engineering
•Operating System vulnerabilities
•Application software vulnerabilities
•Configuration Errors
•Unpatched software
•Attachments in emails
•Inside threats
▫Disgruntled employees
▫Lack of security policy enforcement
Security Tips
•Patch software
•Detect and remove unnecessary services
•Secure hosts for remote logging
•Frequent and proper backups
•Virus and worm protection
•Trojan Horses, Rootkits
•Packet filtering
•Vigilance
•Intrusion Detection Systems
Pluggable Authentication Modules
•PAM provides flexible modular control over authentication tasks
•System authentication routines are stored in a shared library that can be used by applications
▫Accessible to programmers also
•Can integrate advances in security into a single location
Setuid programs
•Setuid programs are run as the user that owns the executable file
•Programs that run setuid create security issues
•Security holes have been discovered in these setuid commands
•Best practice: scan disks at normal intervals to find new setuid programs
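One way to carry out the periodic scan recommended above, as an added example that is not part of the original slides: record a baseline list of setuid/setgid files, then report anything that appears later. The function names and the temporary directory layout are assumptions, and the demonstration tree is constructed.

```shell
#!/bin/sh
# Added example, not from the slides. Function names are assumptions.
# Limitation: paths containing newlines are not handled.

# list_setid DIR: print every setuid or setgid regular file under DIR, one
# path per line, sorted. -xdev keeps find on DIR's own file system, so run it
# once per local file system rather than crossing into network mounts.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        LC_ALL=C sort
}

# new_setid BASELINE DIR: print files that are setuid/setgid now but are not
# listed in BASELINE (a saved list_setid output).
new_setid() (
    now=$(mktemp) || exit 1
    list_setid "$2" > "$now"
    LC_ALL=C comm -13 "$1" "$now"   # keep only lines unique to the current scan
    rm -f "$now"
)

# removed_setid BASELINE DIR: print baseline entries that are gone or have
# lost their setuid/setgid bit (useful to confirm a cleanup took effect).
removed_setid() (
    now=$(mktemp) || exit 1
    list_setid "$2" > "$now"
    LC_ALL=C comm -23 "$1" "$now"
    rm -f "$now"
)

# Demonstration on a constructed directory tree with empty files.
demo_setid() (
    root=$(mktemp -d) || exit 1
    base=$(mktemp) || exit 1
    mkdir "$root/bin"
    : > "$root/bin/oldtool"; chmod 4755 "$root/bin/oldtool"
    : > "$root/bin/plain";   chmod 0755 "$root/bin/plain"
    list_setid "$root" > "$base"                 # baseline taken here
    : > "$root/bin/dropped"; chmod 4755 "$root/bin/dropped"   # appears later
    echo "new since baseline:"
    new_setid "$base" "$root"
    rm -rf "$root" "$base"
)
demo_setid
```

Keep the baseline file where ordinary users cannot modify it, and review each reported path before adding it to the baseline.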
Effective use of chroot
•Command chroot restricts a process to a specific directory
▫No access to other files outside this directory
•Can provide a false sense of security if not understood well
•Does not relieve administrators from exercising due diligence in security matters
Security Tools
•Nmap: network port scanner
Security Tools (Cont’d)
•Nessus: Next generation network scanner
Snort IDS
Others
•John the Ripper (JTR): Finder of insecure passwords
•Bro: programmable network intrusion detection system
•OSSEC: Host based intrusion detection system
•Wireshark: Network packet analyzer
MAC
•Mandatory Access Control is an alternative to Unix access control system
•MAC does not allow users to change permissions
•Permissions are granted based on sensitivity of resource being controlled
•Users can read or write items of same classification or lower, but not of higher
•Mainly used for classified projects
Cryptography
•Kerberos: developed by MIT, uses tickets to validate user access
•PGP: Pretty good privacy – uses encryption tools for files, signatures, and to verify origin
•SSH: secure shell; provides cryptographic authentication between two hosts
Firewalls
•Filters unwanted packets from leaving or entering a zone
•Scans packet header to determine if it should be allowed access
•Services listen to a predefined port
▫Defined in /etc/services
Service filtering
•Well-known services are associated with a port
•Ports in the range 1-1023 are “privileged”; only processes running as root can bind to them
•Ports > 1024 are non-privileged
•To start, deny inbound connections
▫Allow one at a time for services you want to allow
Stateful inspection firewalls
•Inspects traffic flowing through the firewall and compares it with what is expected to be transmitted
•If you open an ftp port connection, you expect data to flow through that port
•Attempts to connect to other ports are dropped
Linux Firewalls
•Netfilter packet-handling engine
•Command line tool iptables used to filter network traffic
▫Default table: filter
▫Consists of chains of rules to filter traffic
▫Filter contains three default chains: FORWARD, INPUT, OUTPUT
▫Each packet passes through one of these chains
•Other tables: nat and mangle
Linux Firewalls (Cont’d)
•Nat contains chains of rules to control Network Address Translation (NAT)
•Mangle contains chains of rules that modify or alter the contents of network packets outside of NAT
•Mangle is used for special handling, but not typically used in production environments
•USAH pp. 938-939 contain a complete example
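The Service filtering, Stateful inspection and Linux Firewalls slides combined into one ruleset, as an added example that is not from the slides or from USAH: the filter table's INPUT chain defaults to DROP, replies to existing connections are accepted by state, and each wanted TCP service is opened one port at a time. The function names are assumptions and the weak ruleset shown for contrast is constructed.

```shell
#!/bin/sh
# Added example, not from the slides or from USAH. Function names are assumptions.

# gen_ruleset PORT...: print an iptables-restore ruleset for the filter table.
# Nothing is printed and 1 is returned if any PORT is not a number in 1-65535.
gen_ruleset() (
    for p in "$@"; do
        case $p in
            ''|0*|*[!0-9]*|??????*) echo "invalid port: $p" >&2; exit 1 ;;
        esac
        [ "$p" -le 65535 ] || { echo "port out of range: $p" >&2; exit 1; }
    done
    # Default-deny inbound and forwarded traffic; loopback and replies to
    # connections this host already tracks are allowed (stateful inspection).
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # One rule per service that should accept new inbound connections.
    for p in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo COMMIT
)

# input_policy: read a ruleset in iptables-save format on stdin and print the
# default policy of the INPUT chain (ACCEPT or DROP).
input_policy() {
    awk '/^:INPUT / { print $2 }'
}

# open_tcp_ports: read a ruleset on stdin and print, on one line, the
# destination ports that INPUT rules explicitly ACCEPT.
open_tcp_ports() {
    awk '$1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
        for (i = 3; i < NF; i++)
            if ($i == "--dport") printf "%s%s", (n++ ? " " : ""), $(i + 1)
    } END { if (n) print "" }'
}

# Constructed weak ruleset for contrast: everything is allowed by default and
# one port is blocked, the reverse of the deny-first approach.
WEAK_SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 23 -j DROP
COMMIT'

gen_ruleset 22 443
echo "generated INPUT policy: $(gen_ruleset 22 443 | input_policy)"
echo "weak sample INPUT policy: $(printf '%s\n' "$WEAK_SAMPLE" | input_policy)"
```

Pipe the output to `iptables-restore --test` as root to have it parsed without being applied.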
IPFilter
•Most Unix vendors do not have firewall software
▫But can add to the system
•IPFilter is an open source package to supply NAT and stateful firewall services for Unix
▫Included in many distributions, and in Linux
•It reads filter rules from configuration file
•If multiple matches are found, the last one wins
Sources of Security Information
•CERT: Computer Emergency Response Team, by Carnegie-Mellon University
•SANS: Professional organization sponsoring security conferences and training programs
•ISSA: Information Systems Security Association, a professional organization
•ISACA: Information Systems Audit and Control, a professional organization in areas of governance and compliance
Installation of Software and Devices
•UPU pp. 641-643
Installing Software
•Installed software is typically in /usr/local
▫Indicates not from distribution
▫Vendors installed in different locations
•Two ways to install software:
▫1. create directory and copy all there (/opt/pianoman)
▫2. create directory and copy software there, but configuration files in a central location (/usr/local/pianoman)
•Impact: PATH modifications
Installation best practices
•Allow user to change location
▫Avoid hard coding locations
•Use common installation packages (tar, cpio)
▫Exist in most versions of Unix
▫Can use distribution’s provided packages
Advantage: these are typically better in functionality
Disadvantage: you are tied to that distribution and may have to develop multiple installation packages
Installation of Devices
•Install device driver
•Determine device’s major and minor numbers
•Use mknod to associate a filename in “/dev” with the new device
▫mknod creates special file in the file system
Can create character or block oriented special file
Can create a named pipe
See page 642 in UPU
Installation of Terminal Files
Name: Description
•/etc/termcap or /etc/terminfo: Encoded list of every standard terminal’s capabilities and control codes. The Unix editors use the value of the environment variable $TERM to index into this file and fetch your terminal’s characteristics
•/etc/sys: A list of every terminal on the system, together with the program that should be associated with it when the system is initialized (usually “getty”). If the terminal’s type is constant and known, that information is also included
•/etc/gettytab: A list of baud rate information that is used by “getty” in determining how to listen to a login command
Figure 15.12. Unix system files containing information about terminals
Network Troubleshooting
•Most used protocol is TCP/IP
•Troubleshooting tools are available to troubleshoot a network
•Sample tools: ping, arp, traceroute, netstat, tcpdump, Wireshark
•Understand network protocols
Ping
•Simple to use, but useful to detect connectivity problems
•Submits ICMP ECHO_REQUEST packet to a host and waits to see if the host replies
SmokePing
•An open source tool used to keep ping packets over time
•Displays the history of each monitored link using front end
•Documents the round trip time of pings over time
•Spikes show transit times of individual packets
Traceroute
•Displays the sequence of gateways through which a packet travels to reach its destination
•All OS contain a version of traceroute
•Syntax:
▫traceroute hostname
Windows tracert
Netstat: network statistics
Netstat options
Packet Sniffers
•Examples: tcpdump and Wireshark
Network Management Protocols
•SNMP: Simple Network Management Protocol
•Organized in a standard hierarchy
•Manager relies on agents to provide information
•Device configuration is stored in a MIB (Management Information Base)
•Attributes are called OIDs (Object Identifiers)
•Has simple commands: get, trap, set, getnext
Homework 5
•Download nmap from http://nmap.org
•Review the nmap documentation there
•Perform a scan of www.regis.edu
•Perform a scan of your localhost (127.0.0.1)
•Capture the scan and save it to a file
•Write a report discussing your findings
•Visit the nmap documentation portal and review the Nmap Reference Guide for more information
Questions?