1 CS3695/M6-109 – Network Vulnerability Assessment & Risk Mitigation – Introduction to Unix & Linux

2 Know basic Linux commands, such as: ls, cd,|, more, mkdir, rmdir, touch, rm, cp, su, vi, chmod, w, who, finger Know commands are case sensitive Know the difference between ssh and telnet Introduce vi as an editor Know how permissions work Objectives

3 Linux/Unix What you should know –Linux/Unix commands are arcane and cryptic and often silly looking –Linux command are case sensitive! –Some commands have flags for additional optional control like this: …ls -al or rm -r –You can put multiple commands on the same line: …ls ; pwd –You can auto-complete commands with the tab key –You can correct a bad command with ^^

Linux Distributions

Linux Live CD-ROMs A LiveCD is an operating system (usually containing other software as well) stored on a bootable CD-ROM that can be executed from it, without installation on a hard drive Knoppix Live CDs are widely used in the Linux community It is completely customizable Source: Copyright © by EC-Council EC-Council

6 Connecting to Linux You can telnet or ssh if you want

7 You can get help with the man man for manual pages Windows equivalent: cmd /? cmd –help Windows equivalent: cmd /? cmd –help

Working with Man man [command] –Within man: spacebar/f = forward b = back q = quit / = search forward ? = search backward n = repeat search 8

Reading Files 9 Windows equivalent: type filename Windows equivalent: type filename

10 Linux ls You can list directories with ls Windows equivalent: dir Windows equivalent: dir

11 More on ls Permissions Ownership And group membership Size Date of last Mod Time or year of last Mod Filename Text # of Links First Bit - = file l = link d = directory b = block device (disk drive) c = character device (serial port or terminal)

12 Ownership and Permissions Three levels of ownership and permissions –User –Group –Everyone Within these groups you can specify permissions: Read Write execute File access levels Permissions

13 Who owns what?

14 Change the group association of files and directories chgrp chgrp –R To change the group association of a directory and all of its contents us the –R switch

15 You can change ownership! chown chown –R The –R switch again

16 Change permissions

17 Or Use chmod Or use the chmod command to set the individual levels: --- 7=rwx, 3=-wx, 1=--x

18 Change directories with cd and find yourself with pwd You can change directories and find yourself… –cd to change directory, pwd to display your current directory

19 You can Pipe I/O | and more = one screen at a time Windows equivalent: Same Windows equivalent: Same

20 The redirect > It doesn’t have to go to the screen. Windows equivalent: Same Windows equivalent: Same

21 You can make a directory with mkdir mkdir creates directory Windows equivalent: Same Windows equivalent: Same

22 You can “touch” Make a file with touch Windows equivalent: No real equivalent… Windows equivalent: No real equivalent…

23 You can copy cp is used to copy a file Windows equivalent: copy Windows equivalent: copy

24 You can move files and directories mv is used to move (or rename) a file Windows equivalent: move Windows equivalent: move

25 You can remove files and directories rm and rmdir You must remove everything from the directory to use rmdir Windows equivalent: del Windows equivalent: del

ps ps stands for Process Status –Shows currently running processes –Depending on disto may require a –A to see all processes. 26 Windows equivalent: tasklist If looking for a specific process combine with findstr tasklist | findstr StringValue Windows equivalent: tasklist If looking for a specific process combine with findstr tasklist | findstr StringValue

kill kill is used to terminate a running process Can be used with the optional signal- number for special cases – Some of the more commonly used signals: – 1 HUP (hang up) – 2 INT (interrupt) – 3 QUIT (quit) – 6 ABRT (abort) – 9 KILL (non-catchable, non-ignorable kill) – 14 ALRM (alarm clock) – 15 TERM (software termination signal) 27 Windows equivalent: taskkill taskkill /PID # /F Windows equivalent: taskkill taskkill /PID # /F

awk awk scans each input file for lines that match any of a set of patterns specified The –F option defines the input field separator – An input line is normally made up of fields separated by white space denoted $1, $2, etc –awk -F":" '{ print "User: " $1 “ hash” $2 }' /etc/shadow Gives us user: Student hash: $6jlkfawdp8o7532oiuq5qlijfds Instead of Student:$6jlkfawdp8o7532oiuq5qlijfds:16081:0::: 28 Windows equivalent: No simple equivalent Windows equivalent: No simple equivalent

29 What about that shell? Common Unix shells –Sh: This shell, the original, often called the Bourne shell, not too flexible, great for scripting –Csh and tcsh: The family of shells adds great interactive uses but discards the popular scripting support that sh offers. It favors C “programming” like type syntax –Ksh, bash, zsh: These provide a good mix of scripting and interactive capabilities, bash is very similar to sh and is often referred to as “Bourne again shell”…hence bash Windows equivalent: Command or CMD Windows equivalent: Command or CMD

30 What is my shell? Echo $shell

31 I think you should change your identity su: substitute user –When: to log in as a different user or to start a new login shell To login as a different user –su asr To start a new login shell –su – rharkins {the hyphen will force a new login shell} To return to the previous shell –exit Use su without anything else to get to root (you will be prompted for the root password) –su To perform a single task as root use sudo –sudo tcpdump Windows equivalent: For a command shell: runas /profile cmd Windows equivalent: For a command shell: runas /profile cmd

32 What editor should I use VI: Powerful but very cranky editor. It is universally available, and therefore a good reason to learn it at some time. Literally no help while in the editor so you just have to know it. Two modes…input and command…get used to it. You could …”man vi”…to read help Windows equivalent: edit and notepad NOTE: Both edit and notepad have problems across a network from a command shell Windows equivalent: edit and notepad NOTE: Both edit and notepad have problems across a network from a command shell

33 VI Notice all the nice help you get in this editor!

34 Some VI Help One command to help with vi –As soon as you open vi, use the command :set showmode –This displays which mode you are in…

USE THE vi Cheat Sheet! 35

36 Other Editors PICO: One of the newer UNIX/LINUX editors. Popular because it is easy to use. Usually ships with the pine program…so if you have pine you should have PICO.

37 PICO Much better huh?

38 System info The uname command Windows equivalent: systeminfo Windows equivalent: systeminfo

39 To snoop with who, w, finger Who is logged on to system Windows equivalent: net session Requires admin priv Windows equivalent: net session Requires admin priv

grep is Your Friend grep searches the named input FILEs for lines containing a match to the given PATTERN. By default, grep prints the matching lines –grep –grep host zone.txt 40 Windows equivalent: find Windows equivalent: find

AWK awk - pattern-directed scanning and processing language –scans each input file for lines that match any of a set of patterns specified –each pattern there can be an associated action –Mostly used for pulling out information like grep but allows for more options awk -F":" '{ print "User: " $1 “ hash” $2 }' /etc/shadow 41