Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
218 Cards in this Set
- Front
- Back
|
What is vi? |
Vi is a screen–oriented text editor originally created for the Unix Operating System.
|
|
|
Where is the name vi derived from?
|
The name vi is derived from the shortest unambiguous abbreviation for the command visual in ex.
|
|
|
What is the hot–key in vi to, from the current cursor location, delete the remainder of the line?
|
Capital D.
|
|
|
What is the hot–key in vi to insert an empty line below current line?
|
Lowercase o.
|
|
|
What does :r filename do in vi?
|
Insert a file after the current line.
|
|
|
What is the File Management Command in vi to write any changes made to the file?
|
:w
|
|
|
What is the File Management Command in vi to write any changes and quit the document?
|
:wq
|
|
|
What is the File Management Command in vi to write quit without writing any changes to the document?
|
:q!
|
|
|
How do you enter Input Mode in vi?
|
The enter this mode, you must hit "i" in command mode.
|
|
|
How do you exit Input Mode in vi?
|
To exit this mode, you must hit "esc", this will bring you back to command mode.
|
|
|
List any options the command has, and what it's purpose is: ls.
|
Options: –l, –a, –R
Purpose: To list the contents of directories. |
|
|
List any options the command has, and what it's purpose is: history.
|
Options: N/A
Purpose: Lists the history of the commands typed in our terminal. |
|
|
List any options the command has, and what it's purpose is: grep.
|
Options: N/A
Purpose: Grep reads either an input file or standard input and matches patterns. |
|
|
List any options the command has, and what it's purpose is: ifconfig.
|
Options: –a, up, down
Purpose: Configures network interfaces on the system. |
|
|
List any options the command has, and what it's purpose is: sudo.
|
Options: N/A
Purpose: Used to perform an action as a super user. |
|
|
List any options the command has, and what it's purpose is: mkdir.
|
Options: N/A
Purpose: Used to create a directory. |
|
|
List any options the command has, and what it's purpose is: touch.
|
Options: N/A
Purpose: Used to update modification times to the current time, also creates empty files if the files do not exist. |
|
|
List any options the command has, and what it's purpose is: cat.
|
Options: N/A
Purpose: Concatenates files and prints on the standard output. |
|
|
List any options the command has, and what it's purpose is: pwd.
|
Options: N/A
Purpose: Prints the name of the current working directory. |
|
|
List any options the command has, and what it's purpose is: cd.
|
Options: N/A
Purpose: Changes directory. |
|
|
List any options the command has, and what it's purpose is: cp.
|
Options: N/A
Purpose: Copies a file from one directory to another. |
|
|
List any options the command has, and what it's purpose is: mv.
|
Options: N/A
Purpose: Moves a file from one directory to another, can also rename a file if no directories are named. |
|
|
List any options the command has, and what it's purpose is: more.
|
Options: N/A
Purpose: Displays contents of a file page lengths at a time. |
|
|
List any options the command has, and what it's purpose is: less.
|
Options: N/A
Purpose: Displays scrollable page lengths of a file a time. |
|
|
List any options the command has, and what it's purpose is: shutdown.
|
Options: –h now
Purpose: Used to shutdown a Linux computer. |
|
|
List any options the command has, and what it's purpose is: logout.
|
Options: N/A
Purpose: Used to logout of an account. |
|
|
List any options the command has, and what it's purpose is: rm.
|
Options: –r, –R
Purpose: Used to remove files or directories. |
|
|
List any options the command has, and what it's purpose is: nano.
|
Options: N/A
Purpose: A text editor that is not native to the CentOS installation. |
|
|
List any options the command has, and what it's purpose is: vi.
|
Options: N/A
Purpose: A programmers text editor |
|
|
List any options the command has, and what it's purpose is: man.
|
Options: N/A
Purpose: Reference manuals located within the Linux installation. |
|
|
List any options the command has, and what it's purpose is: poweroff.
|
Options: N/A.
Purpose: Used to shutdown the Linux computer. |
|
|
What is the purpose of the /bin directory?
|
Stores binaries.
|
|
|
What is the purpose of the /etc directory?
|
Stores all configuration files.
|
|
|
What is the purpose of the /media directory?
|
Where all external media is stored.
|
|
|
What is the purpose of the / directory?
|
Root filesystem.
|
|
|
What is the purpose of the /tmp directory?
|
Where all temporary files are located.
|
|
|
What is a software package?
|
A software package is a compressed file that contains scripts, program files. And directories requited to install and run an application. The package also includes a list of software it depends on to run correctly. We could consider these packages similar to a .zip or .rar in windows.
|
|
|
What format do software packages come in in Arch Linux?
|
.tar
|
|
|
What format do software packages come in in CentOS and RedHat?
|
.rpm
|
|
|
What format do software packages come in in Ubuntu?
|
.deb
|
|
|
What command is used to install a package without using a package manager?
|
make install
|
|
|
What is a package manager?
|
A software that allows you to install, upgrade and remove packages. Package managers also allow the ability to easily search for available software
|
|
|
What does yum stand for?
|
Yellowdog updater modified.
|
|
|
List 3 pro's of package managers.
|
(1) Package managers can keep track of all files and folders that are created when installing a package.
(2) Package managers can find all software dependencies and install them. (3) Do not release upgrades. |
|
|
What is a con of package managers?
|
Release upgrades through package managers are not recommended.
|
|
|
What is a software dependency?
|
If we have two pieces of software: Software A and Software B, then for software A to function properly, software B needs to be installed on the computer
|
|
|
What are repositories? (4)
|
(1) Can be on the internet, CD/DVD's
(2) Can be located on your own local network (Company based repositories) (3) Contain software packages (4) Contains pre–compiled software for each specific distribution of Linu |
|
|
What is a commonly used 3rd Party Repo?
|
RPM–Forge.
|
|
|
What is yum dependent on?
|
RPM.
|
|
|
What is RPM? (2)
|
(1) RPM can only process .rpm packages
(2) When YUM is required to process .rpm packages it runs RPM |
|
|
What is the yum command to search for a package?
|
yum search
|
|
|
What is the yum command to list packages?
|
yum list
|
|
|
What is the yum command to list what provides a file?
|
yum what provides
|
|
|
What is the yum command to update packages?
|
yum update
|
|
|
What is the yum command to install a package?
|
yum install
|
|
|
What is the yum command to remove a package?
|
yum remove
|
|
|
What is the rpm command to find if a package is installed?
|
rpm –q
|
|
|
What is the rpm command to list what provides a file
|
rpm –qf
|
|
|
What is the rpm command to update packages?
|
rpm –U
|
|
|
What is the rpm command to install a package?
|
rpm –ivh
|
|
|
What is the rpm command to remove a package?
|
rpm –e
|
|
|
What is apt?
|
Advanced Packaging Tool
– Used in debian based OS's such as Ubuntu. |
|
|
What is pacman?
|
Package Manager used in Arch Linux.
|
|
|
What are the yum commands for group package installs? (3)
|
(1) yum grouplist
(2) yum groupinfo 'groupname' (3) yum groupinstall 'groupname' |
|
|
What is the recommended format of the make & make install command?
|
# make && make install
|
|
|
What must be present to run the make commands?
|
A c compiler must be present to run the make commands.
|
|
|
What is a UID?
|
A number on the operating system that uniquely identifies a user.
|
|
|
What range of UIDs is reserved for anything from ports to programs?
|
0 – 500
|
|
|
What UID do user accounts start at?
|
500 or 1000 depending on the distro.
|
|
|
CentOS, RedHat and OSX all start at what UID?
|
500.
|
|
|
User accounts in any distros should not contain ____________ or ______________.
|
Spaces or capital letters.
|
|
|
How many names do *nix based accounts have?
|
Two.
|
|
|
What are the two names associated with *nix based accounts?
|
1st – login/account name
2nd – real name associated with the account |
|
|
What does BASH stand for?
|
borne again shell.
|
|
|
What are two shells used?
|
BASH and TSH
|
|
|
Where is mail stored?
|
Stored in /var/spool/mail/accountname
|
|
|
Where are logs stored?
|
The same place as mail.
|
|
|
What is the home directory?
|
This is where all the documents, files and scripts that belong to a given user are stored.
/home/accountname |
|
|
What is /etc/sudoers?
|
A file that contains all rights that a sudoer user has access to.
|
|
|
What is /etc/shadow?
|
Contains all user passwords in an encrypted format.
|
|
|
What is /etc/passwd?
|
Contains all user accounts on the system.
|
|
|
What is /etc/group?
|
Contains all groups that are on the system.
|
|
|
What is /etc/gshadow?
|
Contains shadow information of the group file.
|
|
|
The user accounts information gets added to the ________________ file.
|
/etc/passwd
|
|
|
What scheme for *nix operating systems work on?
|
UPG sheme.
|
|
|
What does UPG stand for?
|
User Private Group
|
|
|
The users password is stored in the _______________ file.
|
/etc/shadow
|
|
|
The users home directory is created in ________________.
|
/home/accountname
|
|
|
The home directory is a direct copy of what is in the ______________ directory.
|
/etc/skel
|
|
|
What command creates a useraccount bravo.
|
useradd bravo
|
|
|
What command prompts you for a password to the bravo account and expires that password (requiring the user to reset the password).
|
passwd bravo –e
|
|
|
What command changes the real name of the account bravo to "Cai Filiault"?
|
chfn ––full–name 'Cai Filiault' bravo
|
|
|
What is sudo?
|
Sudo is a Unix program that allows users to run programs with the security privileges of another user, typically superuser aka root.
|
|
|
Only users in the _______ or "admin" group are given the ability to use sudo.
|
wheel
|
|
|
How does one gain sudo access?
|
Users will need a current admin to assign them to the group post account creation.
|
|
|
When running ls –la what does the first column indicate?
|
The first column contain a single character the type of file it is representing.
|
|
|
What does d mean for file type?
|
directory (a typical folder)
|
|
|
What does – mean for file type?
|
regular file (a typical file)
|
|
|
What does | mean for file type?
|
symbolic link (a link to another directory).
|
|
|
What does s mean for file type?
|
Unix domain socket (a data communications endpoint for exchanging data between processes executing).
|
|
|
How does one read the output of ls –la?
|
In groups of 3.
|
|
|
What do the groups of 3 represent from the output of ls –la?
|
The first set of 3 = User permissions
The second set of 3 = Group permissions The last set of 3 = Other permissions |
|
|
What does r, w, x, – mean for permission?
|
r = read permission
w = write permission x = execute permission – = no permission |
|
|
What does MySQL stand for?
|
My Structured Query Language.
|
|
|
Who created MySQL and when?
|
Was originally developed in 1994 by David Axmark
|
|
|
What does the M in LAMP server stand for?
|
MySQL.
|
|
|
Until what month/year was MySQL the most popular open source database?
|
March 2014.
|
|
|
What is a database?
|
A database is a collection of one or more tables storing information
|
|
|
What is another name for a row in database terminology?
|
Known as a record.
|
|
|
What is another name for a column in database terminology?
|
Known as a field.
|
|
|
What is the command to install MySQL? (2)
|
yum install mysql mysql–server
mysql_secure_installation |
|
|
What does the command mysql_secure_installation do?
|
The command removes out tables, databases and anonymous user accounts that could leave your server vulnerable.
|
|
|
What is the command to add mysql service to startup? (2)
|
service mysqld start
chkconfig mysqld on |
|
|
What is the command to log into MySQL?
|
mysql –u root –p
|
|
|
What is the –u function of mysql?
|
The –u option allows you to specify an account name when connecting to the server.
|
|
|
What is the –p function of mysql?
|
The –p option when left blank tells the server to request a password from the client.
|
|
|
What is the –P option of mysql?
|
The –P option allows you to specify a port number that the server is residing on. By default mysql server runs on port 3306.
|
|
|
What is the default port for mysql?
|
Port 3306.
|
|
|
What is the –reconnect option of mysql?
|
The –reconnect option reestablishes any connections that may be dropped.
|
|
|
What is the –C option of mysql?
|
The –C option allows you to compress all information that is sent between client and server.
|
|
|
What do mysql commands end with?
|
A semi–colon.
|
|
|
What command is used to select the database we wish to create a table in?
|
use
|
|
|
What does the sql command SELECT do?
|
Used to select tables and show information.
|
|
|
What does the sql command UPDATE do?
|
Used to update information that is already in a table.
|
|
|
What does the sql command DELETE do? |
Used to delete records from tables. |
|
|
What does the sql command INSERT do?
|
Used to insert records into a table.
|
|
|
What does the sql command ALTER do?
|
Used to change table structure, add columns, modify them, etc.
|
|
|
What would the command below do?
use mysql; update user set password=NULL where person = “cai |
Selects the mysql database, which contains tables used for mysql to function correctly. Including the user accounts. |
|
|
What is SSH? (5)
|
A tool that allows:
Remote Administrator Remote Copy Remote Software Access Remote Execution of Commands Remote Login |
|
|
What year did data sent between computers become encrypted?
|
1995.
|
|
|
When was SSH developed, by whom, and where?
|
SSH was developed in 1995 by Tatu Ylonen at a university in Finland.
|
|
|
SSH is a protocol that is ____________ ___________ and ____________.
|
cryptographically secure and versatile.
|
|
|
What is the Windows equivalent of SSH?
|
There isn't any.
|
|
|
What 5 tools could help simulate SSH in Windows (but still come up short)?
|
FileZilla
Telnet RDP TeamViewer Logmein |
|
|
What is Layer 1 of SSH called?
|
Transport.
|
|
|
What does the command ssh –C username@hostname do?
|
When running this command, Layer 1 will negotiate compression.
|
|
|
What does the SSH option –C stand for?
|
Compression.
|
|
|
That is the typical compression rate of SSH?
|
If SSH is being compressed its typically 4 times compression.
|
|
|
The transport layer also deals with ____________.
|
Encryption.
|
|
|
What is the –c option of SSH?
|
–c will allow you to specify what cipher you would like to use.
|
|
|
What is the default cipher used for SSH?
|
3des.
|
|
|
What is recommended instead of 3des for a cipher and why?
|
"Blowfish" as it is much faster than 3des and still secure.
|
|
|
Layer 1 also has a ___________________ to make sure that the encrypted data hasn't been tampered with.
|
checksum.
|
|
|
What is Layer 2 of SSH called?
|
User Auth.
|
|
|
What does layer 2 of SSH do?
|
This layer is client driven.
|
|
|
How many modes of authentication does layer 2 have?
|
4 modes of authentication.
|
|
|
What are pre–shared keys?
|
This is when the client has already generated
private and public key pair. The client pre–authenticates with the server ssh–copy–id richard@192.168.1.50 From there on out whenever that user account on that client initiates a connection there no longer needs to exchange keys and prompt for a password. |
|
|
What is Layer 3 of SSH called?
|
Connection layer.
|
|
|
What does Layer 3 of SSH do?
|
This layer is used when you have multiple streams of data.
|
|
|
What 3 streams of data does Layer 3 of SSH handle?
|
The first is Shell.
SCP and SFTP. |
|
|
What does SCP stand for?
|
Secure Copy Protocol.
|
|
|
What does SFTP stand for?
|
Secure File Transfer Protocol.
|
|
|
Why use port forwarding?
|
Port forwarding allows us to use foreign servers/services as if they
are on our own system. |
|
|
What line in your ssh server configuration do you need to change to enable port forwarding?
|
AllowTcpForwarding yes
|
|
|
What is the syntax for port forwarding?
|
ssh –N –f –L::
8000 localhost: 23 192.168.80. |
|
|
What is the –N option of ssh?
|
The –N option tells the ssh client not to execute a command on the other side.
|
|
|
What is the –f option of ssh?
|
The –f option tells the ssh client to run as a background process before executing the remainder of the command (similar to an OS fork)
|
|
|
What is the –L option of ssh?
|
The –L option allows us to enable port forwarding with the following syntax.
|
|
|
What does the command
ssh –C richard@192.168.1.50 do? |
This enables 4 times compression
Use this when you have limited bandwidth |
|
|
What does the command
ssh richard@192.168.1.50 do? |
richard is the user
The @ symbol dictates where it's connecting to 192.168.1.50 is the server IP address This could also be a DNS name |
|
|
What does the command
scp –r MyFiles/ richard@192.168.1.50:Backups/ do? |
scp stands for secure copy protocol
Uses SSH primarily –r is recursive MyFiles/ is a folder Ender is the user on the server @192.168.1.50 means AT that server IP : This is the demarcation point for the file system on the remote server Backups/ is a folder on the remote server |
|
|
What does FTP stand for?
|
File Transfer Protocol.
|
|
|
What is FTP?
|
FTP is a client–server based protocol. Where multiple clients can connect to a single server. This protocol allows for the transfer of data (ie files) from server to client and client to server. The method of authentication used for FTP is username password. Although FTP does allow for an anonymous login if the user configured it to do so.
|
|
|
When was FTP made and by whom?
|
FTP was originally written by Abhay Bhushan in 1971.
Was rewritten in 1980 for TCP/IP And again in 1995, 1997 and 1998 These revisions added much needed security extensions and IPv6 Support |
|
|
What is the purpose of FTP?
|
FTP servers are used for many things, updating websites, transferring files to and from co–workers etc. FTP servers can be used for backups.
|
|
|
What ports does FTP run on? (2)
|
FTP runs on both port 20 and 21. port 20 is used for data transfer where port 21 is used for commands.
|
|
|
What port does the FTP client use?
|
The client that connects to the server may choose a random port N and begin communication. After the data port has been established the server will then communicate commands with the clients N+1 port.
|
|
|
How good is FTP Protocol security?
|
Although FTP requests a username and password, the data that is sent over port 20 is sent in plain text. Allowing any person with the right “technical know how” to observe this username and password and potentially compromise the contents of the FTP server.
|
|
|
What are the two transfer modes that FTP has?
|
FTP has two transfer modes which are ASCII and Binary.
|
|
|
What is ASCII mode?
|
ASCII mode looks only looks at the last 7 bits of data and assumes the document being transferred is in an ASCII format (ie, .txt, .js, .html etc.
|
|
|
What is Binary mode?
|
Binary mode transferred all 8 bits of data and ensures that the document is sent correctly with no missing data. This should be used for anything that is not an ASCII file. (compressed files, pdf, picutures, etc)
|
|
|
Is SFTP just FTP running over SSH?
|
No. SFTP is a newly developed protocol.
|
|
|
What does SFTP stand for?
|
SSH File Transfer Protocol.
|
|
|
What is SFTP?
|
SFTP is an extension of the SSH protocol that allows you to have all the same functionality of FTP but with the security of SSH.
SFTP is included in the OpenSSH package and is available for use after installing SSH. |
|
|
When was SFTP developed?
|
SSH was developed in 1995 by Tatu Ylönen at a university in Finland. Two years later with the help of Sami Lehtinen he created SFTP.
|
|
|
What port does SFTP run on?
|
Port 22, the same port as SSH.
|
|
|
What commands install the virtual ftp server service and the ftp client so that we are able to connect?
|
sudo yum install vsftpd
sudo yum install ftp |
|
|
After installing the vsftpd software we then need to ensure the service is started, configured, and set to start when the computer turns on.
To enable the service/daemon we need to run the following command: ______________________________ |
sudo service vsftpd start
|
|
|
What command makes sure that the FTP service starts when the computer reboots?
|
sudo chkconfig vsftpd on
|
|
|
What is chrooting?
|
Chrooting allows you to create what is often called a “padded cell” or a “jail” for the user that is FTPing to your server. When you enable chroot, it alters what the user is able to see/do to your operating system structure. The / directory now becomes that users home directory.
In other words, the user is only ever able to see the home directory of the account that they logged into. They can't change around the server and “snoop” at what you have. |
|
|
What is /etc/vsftpd/ftpusers?
|
This is a file of users that are not able to use FTP (like a banned list for accounts).
|
|
|
What is /etc/vsftpd/userlist?
|
Is a file of users that either exclusively allowed of not allowed to log into FTP.
|
|
|
What is the difference between /etc/vsftpd/ftpusers and /etc/vsftpd/userlist?
|
The difference is userlist will not prompt for a password before denying the user.
|
|
|
What is the command to reboot the ftp service?
|
sudo service vsftpd restart
|
|
|
What is the FTP command to download a file from the server?
|
Get
|
|
|
What is the FTP command to upload a file to the server?
|
Put
|
|
|
What does the FTP command Type do?
|
Allows you to change the ftp type (ascii or binary).
|
|
|
What does the FTP command Size do?
|
shows the file size.
|
|
|
What is the FTP command to list the files and directories? (2) \
|
Dir
Ls |
|
|
What FTP command allows you to create a directory?
|
Mkdir
|
|
|
What FTP command allows you to remove an empty directory?
|
Rmdir
|
|
|
For a full list of all commands available please use the _________ command in the FTP client software.
|
the ? Command.
|
|
|
Tunneling FTP over SSH is called __________.
|
FTPS. |
|
|
What is a firewall?
|
A piece of software or hardware that controls incoming and outgoing network traffic.
|
|
|
A firewall filters traffic based upon a given ______ _______.
|
rule set
|
|
|
What does a firewall separate?
|
A firewall separates trusted and untrusted networks.
|
|
|
Where are firewalls used? (3)
|
1. Routers
2. Computers 3. Watchdog devices |
|
|
What types of firewalls will I encounter in Linux? (3)
|
1. IP Tables
2. system–config–firewall–tui 3. UFW |
|
|
What does UFW stand for?
|
Uncomplicated firewall.
|
|
|
What is UFW?
|
Is used on debian based distro's and was designed to be an easy
to use and understand command line firewall. This is another front end software that runs on IPTables. |
|
|
What are IPTables?
|
Is comprised of the nefilter kernel module and the Iptables software. The software works upon tables and chains that allow you the customize when and where traffic is either permitted or denied.
|
|
|
What is system–config–firewall–tui?
|
GUI Version of IPTables
This software is the most commonly used command line GUI of IPTables. |
|
|
IPtables is built upon tables and chains that filter all network traffic 3 chains: (3)
|
1. Input: traffic originating from another computer destined to our computer.
2. Output: traffic originating from out computer destined for another computer. 3. Forward: traffic passing through the computer (if your computer is acting as a router). |
|
|
________ __________ are added to each of these chains. When this is matched, it either ACCEPTs or DROPs the packet.
|
Filtering rules.
|
|
|
What is bastion host?
|
A bastion host is defined as a "hardened server" that is exposed to foreign networks and grants access to our own.
|
|
|
What is server hardening?
|
Server hardening is the process of installing and configuring software to make a server as secure as possible.
|
|
|
Server hardening includes the following 6 things.
|
1. Installing patches
2. Enhance security on sudo access 3. Understanding logs and how to maintain them (chattr +a logs) 4. Securing SSH 5. Remove FTP and other insecure software 6. Disable Root Account |
|
|
What 4 pieces of software are used to harden a server?
|
1. Tripwire
2. Snort 3. SSHGuard 4. AppArmor |
|
|
What 2 server hardening softwares to do use in this class?
|
1. Tripwire
2. Snort |
|
|
What 2 commands do we run to ensure that the server is up to date so that any exploit that may be present for the server is patched?
|
sudo yum update
sudo yum upgrade |
|
|
_______ is the Linux equivalent of the attrib command in DOS.
|
Chattr
|
|
|
What does the chattr –i flag do?
|
The –i flag allows us to set a file to immutable. This means the file unable to be altered, renamed, or have a shortcut created to it.
|
|
|
What does the chattr –a flag do?
|
The –a flag allows the administrator to make a file append mode only. This option is perfect for log files.
|
|
|
After changing the file permissions we can view the alterations using the ___________ command.
|
lsattr
|
|
|
What is the command to disable root account?
|
sudo passwd –l root
|
|
|
What is the command to enable root account?
|
sudo passwd –u root
|
|
|
What is Tripwire?
|
Tripwire is an Intrusion Detection System (IDS). Think of Tripwire as a house alarm. Only notifying you if your house has been broken into. The problem with IDS's is they only deter criminals, They do not prevent them. Please note that tripwire is not support by Redhat.
Tripwire keeps a database about information on all core files in the operating system. Then once a day does a scan for these files and sees if anything has changed. After the scan has completed tripwire emails you the results. |
|
|
What is Snort?
|
Snort is a real time intrusion prevention system (IPS): This is the same type of security that is used in bank vaults. |
