450 likes | 584 Views
Week Thirteen Agenda. Announcements Open Source presentations will be on December 12, 2013 (week 14) Final Exam 15-1 will be administered by the Student Learning Center from December 16 through 18. Link of the week Review week twelve lab assignment Week eleven expected outcomes
E N D
Week Thirteen Agenda • Announcements Open Source presentations will be on December 12, 2013 (week 14) Final Exam 15-1 will be administered by the Student Learning Center from December 16 through 18. • Link of the week • Review week twelve lab assignment • Week eleven expected outcomes • Next lab assignment • Break-out problems • Upcoming deadlines • Lab assistance, questions, and comments
Week Thirteen Agenda • Section V1WW ITEC 400 Open Source Presentations • December 9 Week 14 1. Student name: Tina Best • Open source topic:: Fog (week 14) 2. Student name: Tara Paider • Open source topic: Gephi (week 14) 3. Student name: Scott Reed • Open source topic: Android (week 14) 4. Student name: Tom Bebo • Open source topic: Pure FTPd (week 14 ) 5. Student name: Colin Ritchason • Open source topic: Wireshark (week 14)
Week Thirteen Agenda 6. Student name: Kevin Hoover • Open source topic: Filezilla (week 14) 7. Student name: Jesse Vanslyke • Open source topic: Drupal (week 14) 8. Student name: Kate Elbert • Open source topic: Apache Web Server (week 14) 9. Student name: Ray Carter • Open source topic: Eclipse (week 14) 10. Student name: Lauren Middleton • Open source topic: Amaya (week 14)
Week Thirteen Agenda • Students are encouraged to email their Power Point presentations to me at least one hour prior to the class presentation session. This allows me the opportunity to open your Power Point file and verify that it is usable.
Link of the week HTML Tutorial http://www.w3schools.com Purchase CGI scripts http://www.cgiscript.net "How to Create Your Own Home Page" Home Page http://www.intergalact.com/hp/part3/part3.html CGI Programming FAQ by Nick Kews http://www.webthing.com/tutorials/cgifaq.html Introduction to CGI Scripts http://linux.die.net/man/3/cgi
Link of the week Common In the sense that there are many programming languages that scripts can be written in and interact with different types of systems. The user isn’t limited to just one way. Gateway CGI strengths lie in not only what it can do itself, but with it’s potential access it offers to other systems (databases/graphic generators). Interface CGI provides a well-defined way to call up its features. The interface between the CGI script and the Web server is fixed.
Link of the week Define: CGI (Common Gateway Interface) script CGI is the standard for interfacing with external applications and information servers. The information servers can be HTTP or Web servers. The CGI scripts provide a more dynamic avenue for information servers to pursue rather than as a HTML file server.
Review Week Twelve Lab Assignment PROCESS STATE CODES (man ps command) D uninterruptible sleep (usually IO) R runable (on run queue) S sleeping T traced or stopped Z a defunct ("zombie") process For BSD formats and when the “STAT" keyword is used, additional letters may be displayed: W has no resident pages < high-priority process N low-priority task L has pages locked into memory (for real-time and custom IO) Use the ps -aux | less command to display the above mentioned codes listed under the STAT column heading.
Review Week Twelve Lab Assignment PROCESS STATE Code USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 1424 488 ? S Oct19 0:24 init root 2 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/0] root 3 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/1] root 4 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/2] root 5 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/3] root 6 0.0 0.0 0 0 ? SW Oct19 0:00 [keventd] root 7 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/0] root 8 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/1] root 9 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/2] root 10 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/3] VSZ – virtual memory usage of the entire process. RSS – non-swapped physical memory that a task has used.
Review Week Twelve Lab Assignment PROCESS STATE Code /export/home/dandrear>ps ux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND dandrear 9170 0.0 0.0 1580 584 pts/0 S 10:53 0:00 -ksh dandrear 9407 0.0 0.1 5820 2232 pts/0 R 12:03 0:00 ps ux
Review Week Twelve Lab Assignment PROCESS STATE Code /export/home/dandrear>ps –aux | less USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 26 0.0 0.0 0 0 ? S 2011 4:19 [kswapd0] root 27 0.0 0.0 0 0 ? SN 2011 0:00 [ksmd] root 28 0.0 0.0 0 0 ? S 2011 0:00 [aio/0] root 401 0.0 0.0 2428 8 ? S<s 2011 0:00 /sbin/udevd -d root 612 0.0 0.0 0 0 ? S 2011 0:00 [vmmemctl] dandrear 20749 0.0 0.0 4812 1036 pts/0 R+ 20:23 0:00 ps -aux dandrear 20750 0.0 0.0 4448 784 pts/0 S+ 20:23 0:00 less
Review Week Twelve Lab Assignment What is the function of the cron daemon? To initiate all timed events. The cron daemon is started at boot time and remains active while the system is operating in multi-user mode. The crond wakes up every minute, exams all stored crontab records, checking to see which command is ready to execute in the current minute. crontab record format: * * * * * Command line <minute> <hour> <day> <month> <day of week> Command line crontab Restrictions You can execute crontab if your name appears in /usr/lib/cron/cron.allow. If the cron.allow files doesn’t exist, you can use crontab if your name isn’t listed in the /usr/lib/cron/cron.deny file. If only cron.deny exists, and is empty, all users can use crontab. If neither file exists, only root user can use crontab.
Review Week Twelve Lab Assignment What is a domain name? It is a name that refers to a numeric notation (similar to an alias). A name that identifies one or more IP addresses. What is the function of a Domain Name Service (DNS)? It is a system that resolves names to an IP address(es) of clients. Domain name service is a hierarchical system where the top level domain serving sub-domain clients with names and IP addresses. A DNS is similar to a “phone book”. The most popular DNS software is generally BIND. FYI -dos2unix is a function that converts DOS/MAC plain text files into UNIX format. What is the functionality of the “lost+found” directory on a UNIX-like system? Usually, there is one directory in every disk partition. Disk errors or incorrect system shutdowns cause files to become lost. This is the directory they can be found in.
Review Week Twelve Lab Assignment Security on UNIX systems Basic UNIX-like system security is the accessmodes for files and directories. Default file and directory permission settings are set by the umask variable value. The initial recommended umask setting of 077 would enable all permissions for the directory owner, disabling all permissions for the group, and others. Base directory values = 777 Base file values = 666 Access permissions cannot be granted one way for one user and another way for a different user. The chmod command should be used to make the final permissions settings once the information is ready for use.
Review Week Twelve Lab Assignment Directory Calculation umask 077 777 ---> 111 111 111 (base directory value) 077 ---> 000 111 111 (umask value in .profile) 700 ---> 111000000 (1’s complement) 111 000 000 (default directory permissions) 700 (rwx------)
Review Week Twelve Lab Assignment File Calculation umask 077 666 ---> 110 110 110 (base file value) 077 ---> 000 111 111 (umask value in .profile) 700 ---> 111000000 (1’s complement) 110 000 000 (default file permission) 600 (rw-------)
Review Week Twelve Lab Assignment Security on UNIX systems In a UNIX-like operating system environment, files and directories are organized in a tree structure with specific access modes. • File access modes determine the permission bits for file security. Permission bits determine how users can access a file. There are three user access modes used by all UNIX-like operating systems: the owner, the group, and others. Permission access for these groups can be read, write and execute within each user type. • Directory protection is vital for file security. Administrators and users create “publicly writeable” directories which provide the most opportunities for compromising UNIX security on a system. Administrators tend to make these ”open” for users to move around and access public files and utilities. - PATH environment variable was intended to be organized with system paths being searched first and the user’s current working directory being searched last.
Review Week Twelve Lab Assignment Security on UNIX systems - Passwordsoffer an additional level of system security. They lend themselves to computer system compromising when the strength of the password is not strong. In summation, the adherance to corporate policy must be implemented. Two factor authentication is where a subject provides at least two types of proof of identity. - Network security is important very important when using powerful commands like uucp, uux, uucico, and uuxqt commands. - LAN data transfers should more than just fast and reliable, they should be secure. Secure LAN software is more available than in the recent past. IEEE 802.11i specifies the use of the Advanced Encryption Standard (AES). AES is a stronger security algorithm than WEP.
Review Week Twelve Lab Assignment Security on UNIX systems The Data Encryption Standard (DES) was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 . DES is based on a 56 bit key. DES is now considered insecure for many applications. This action is due to the 56 bit key size being too small. Web sites that are more secure using CGI scripts to generate output dynamically.
Review Week Twelve Lab Assignment What is copy-on-write (COW)? It is an optimization strategy mainly used in virtual memory operating systems. Multiple users can be given a pointer to the same resource. When a process creates a copy of itself, the pages in memory that might be modified by either the parent or child process are marked copy-on-write. When one process modifies the memory, the kernel intercepts the operation and copies the memory so that changes in one process’s memory are transparent to the other. COW is intended to use memory sparing because usage of physical memory utilization increases as data is stored.
Review Week Twelve Lab Assignment Network Services A variety of services available across a network NFS Remote login Utilize a Web browser All network services rely on the ability to convert a host or domain name to an IP address. DNS are complex. The number of host names and IP addresses in the Internet is very large. DNS Local contains actual translations for the machines in its local network DNS Global contains more information about translations. A single translation could involve several DNS before resolving the IP address.
Review Week Twelve Lab Assignment File Systems UNIX/Linux file system is contained under the root directory denoted by a forward slash “/”. Users don’t have to worry about the physical locations of files. The file system is transparent to the user. The system administrator must be familiar with mounting and un-mounting storage space (/mnt). A file system cannot be utilized unless it has been mounted.
Review Week Twelve Lab Assignment File Systems versus Disks The main task of a file system is to recover stored data to a consistent state after a system crash. File system must be aware of the disk technology on which they are running to ensure they can reliably deliver the semantics they have promised. Application(s) interface with file systems and not disks.
Review Week Twelve Lab Assignment Legacy of File System and Disk Technology Fsysc system call – writes data (dirty) to disk that requires long-term stability Track-caching controllers – accumulates data into large buffers then write large frame Tag queuing – each request passed to the disk driver is assigned a unique numeric tag SerialATA is now defined as Native Command Queuing (NCO) Newer disk sizes – the write density for disks was increased from 512 byte sectors to 4,096 byte sectors. Compatibility – error rate per bit increased. Old versus new sector sizes.
Review Week Twelve Lab Assignment One-Way Encryption (Message Digest 5) 1. MD5 encrypted password (option secret 0) 2. MD5 encryption text string (option secret 5) The optional 0 keyword enables MD5 encryption on a clear text password; the 5 keyword enters an MD5 encryption string and saves it as the user MD5-encrypted secret. MD5 encryption is a strong encryption method which is not retrievable; thus, you cannot use MD5 encryption with protocols that require clear text passwords, such as CHAP
Review Week Twelve Lab Assignment One-Way Encryption (Message Digest 5) MD5 encryption is a one way hash encryption algorithm and cannot be decrypted (except by brute force). MD5 encryption can be compromised using brute force on it. Rainbow tables use a mathematic algorithm so its easier and faster than a common brute force.And yes, there are tables which can crack MD5. If a password is bigger than 15 characters, it takes a hacker more time to create the conditions necessary to compromise the password. So, if your password is bigger than 15 characters your level of security is considered safe.
Review Week Twelve Lab Assignment Super Block Attributes Contains information about each mounted file system. The super-block is the first block of each ext2FS/ext3FS partition. It contains important data about the file system, such as its size, free space, etc. (it is similar to the method used by FAT partitions). A partition with a damaged super-block cannot be mounted. Fortunately, ext2FS/ext3FS keeps several super-block backup copies scattered over the partition. Most of the information stored in the super-block is considered static. Static information can be critical in recovering data.
Review Week Twelve Lab Assignment Types of information found in a super-block Device identifier, inode pointers, block size, file system type and pointer. Inode contains information about a file. The name and the inode number are stored in the directory. Data block are used to store the data in the file. There is a limited amount of space in an inode for pointers. Number of mounted file systems The Linux 2.0 kernel keeps a static array of such structures to store up to 64 mounted file systems. A file system must be mounted before it is usable. .
Review Week Thirteen Lab Assignment Directory Structure UNIX arranges files and directories in an inverted tree topology. /procdirectory contains a hierarchy of special files which represent the current state of the kernel. /bindirectory contains shells (bash and csh), vi editor, and commands. /etcdirectory contains system related configuration files. /mntdirectory is intended to be used as the temporary mount points for mounting storage devices.
Review Week Thirteen Lab Assignment Directory Structure drwxr-xr-x 6 root root 1024 Dec 29 2005 mnt /optdirectory is where new or untested software is stored. /devdirectory is where device files are located that access hardware. /directory contains several main directories. /rootdirectory is reserved for the super-user. drwxr-x--- 4 root root 1024 Nov 16 22:35 root
Review Week Twelve Lab Assignment Linux Virtual File System (VFS) The purpose of a VFS is to allow client applications to access different types of file systems in a uniform way. Manages kernel file abstractions in one format for all file systems. Receive system call requests from user level (e.g. write, open, stat, link). Interacts with a specific file system based on the mount point traversal Receive requests from other parts of the kernel, mostly from memory management.
Review Week Twelve Lab Assignment File Manager Is a program that provides a user interface to work with the file system. They are very useful for speeding up interaction with files. The most common operations on files are create, open, edit, print, rename, move, and copy.
Review Week Twelve Lab Assignment Define LDAP (Lightweight Directory Access Protocol ): A set of protocols for accessing information directories. LDAP is considered the simplified version of the X-500 standard. Unlike the X-500 standard, LDAP supports TCP/IP for Internet access. LDAP Characteristics: - Relatively Static Data: The data is rarely modified. How often do you change your telephone number? - Extremely Fast Read Operations - The directory is tuned for high read performance because the data in the directory is frequently read and rarely written or updated. - Distributed - The data is located on a number of systems on the network for redundancy, performance, and scalability. - Hierarchical -This ensures there is an authoritative source of the data in the directory system.
Week Thirteen Expected Outcomes Upon successful completion of this module, the student will be able to: • Describe the structure and use of Web servers. • Create and run CGI scripts. • Evaluate a current Web technology project.
Next Lab Assignment Apache Web Server Apache Web server is free and distributed as source files by the Apache Software Foundation. Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for UNIX servers, the Apache Web server has been ported to Windows and other network operating systems. The name "Apache" derives from the word "patchy" that the Apache developers used to describe early versions of their software. apache 31748 27504 0 Mar23 ? 00:00:03 /usr/sbin/httpd
Next Lab Assignment Describe the structure and use of Web servers. Early Web sites consisted of HTML pages that could only provide data that was written into the HTML page itself. This was sufficient for that time frame. Currently, Web sites provide dynamic data into an HTML page with the use of CGI scripts. It is a mechanism for a Web server to be able to interact with an external program. These external programs are CGI scripts.
Next Lab Assignment Describe the structure and use of Web servers. CGI scripts can be written in any programming languages. Perl is the common choice because of its feature richness. The web is composed of clients and servers. CGI is used on the server to provide additional services and functionality to the client.
Next lab assignment The Apache HTTP server must be instructed to locate the CGI scripts. Two more pieces of information are needed. 1) A program in that directory to be used as a CGI script. 2) A link in an HTML page to your CGI script. The CGI script itself simply produces output to stdout. The HTTP server captures that output and sends it to the Web browser. The format of the output must be in a form that the Web browser can understand (HTML). The CGI script creates the HTML page every time it is run. The data provided to the HTML page can change with each execution of the script. The Web browser reports data dynamically to the user.
Next lab assignment URL that points to the CGI script. http://cs.franklin.edu/~dandrear/itec400/CGI/sysInfo.cgi Apache Web Server A user can test from a Web browser on the same machine using the host name “localhost.” http://localhost will try to find a Web server on the same machine as the Web browser.
Break-out problems 1. Unix commands: fg bg uname –n id 2. Define the function of the umask command and variable. 3. What are the file permissions if the umask 027? 4. What are the directory permissions if the umask 027? 5. What are the base directory permissions? 6. What are the base file permissions? 7. What is the function of the file manager? 8. What is an Apache Web Server? 9. What would be considered an advantage of using copy-on-write? 10. What is a Linux Virtual File System?
Upcoming Deadlines Programming Assignment 2, 12-1 due December 1, 2013 Archives Exercise, 12-2 due December 1, 2013. Presentations for Public Domain/Open Source Lab Assignment 13-1 will be December 9 and 16, 2013. Programming Assignment 3, 14-1 is due December 15, 2013 Good luck on the final exam .
Lab assistance • Questions • Comments • Concerns • I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.