lab4 harmandeep

School: Sheridan College
Course: CST8102
Subject: Computer Science
Date: Dec 6, 2023
Type: docx
Pages: 27
Uploaded by UltraFrog3780
Lab 4

Lesson 10 Exercises - Just answer the questions highlighted in green. It can be done on either ‘server01/02’ or ‘desktop’ VM.

10.1 - Learning Basic Scripting Syntax (answer each question, highlight answers in YELLOW)

1) Input the following into a file called hello.sh:

    #!/bin/bash
    # This is a comment!
    echo Hello World # This is a comment, too!

2) In the script you just created, the top line has a special meaning, what is it?

    #!/bin/bash

This is called shebang. It indicates the path to the interpreter that should be used to execute the script.

3) Make the script executable: chmod a+x hello.sh - then run it

# 3a. What do you enter to run it? Give your answer here: ./hello.sh

# 3b. Is there another way to do it without making the file have execute permissions (x) – yes or no? If yes, enter your line here: Yes, we can execute it by running bash hello.sh

Looking at the script, it seems pretty useless because typing this will do the same thing:

    echo Hello World

10.2 - Variables & Basic Script Operations (highlight answers in YELLOW)

NOTE: Since the Bourne Again Shell (Bash) is a superset of sh (the Bourne Shell), all sh commands will also work in bash - but not vice versa. (tldp.org)

For each, try your answer first in a script, then paste it in here. A user should be able to take your lines and have it run perfectly on the Linux command line. You do not have to include the #!/bin/bash line in the Q1 - 5 answers. Answer 1-11.

1) How do you define a variable called x and assign it a value of 10 and print it on screen?
Ans.)

2) How do you define a variable called xn and assign it “Linux” and print it on screen?
Ans.)

3) How do you print the sum of two numbers, let’s say 6 and 3?
Ans.)

4) How do you define two variables x=20, y=5 then print the division of x and y (i.e. x/y)?
Ans.)

5) Modify question #4 and store division of x and y into a variable called z
Ans.)

6) Write a script to see current date, time, username and current directory.
Ans.)

7) Using the above question, create a menu which allows the user to select either the current date, time, username or current directory. After the script performs the option, it ends. Put your script here:
Ans.)

8) Write a script that asks a user what their login name is and writes it to a file called loginname_file. Put your script here:
Ans.)
9) For the following, create a script using the code below. Give a screenshot of its execution.

    #!/bin/bash
    for i in 1 2 3 4 5
    do
      echo "looping .... number $i"
    done

Ans.)

10) For the following, create a script using the code below. Run it, enter 2 strings before quitting. Give a screenshot of its execution.

    #!/bin/bash
    INPUT_STRING=hello
    while [ "$INPUT_STRING" != "bye" ]
    do
      echo "Please type something in (bye to quit)"
      read INPUT_STRING
      echo "You typed: $INPUT_STRING"
    done

11) For the following, create a script using the code below. Run it with 5 different inputs. Give a screenshot of its execution.

    #!/bin/bash
    while read f
    do
      case $f in
        hello) echo English ;;
        howdy) echo American ;;
        gday) echo Australian ;;
        bonjour) echo French ;;
        *) echo Unknown Language: $f ;;
      esac
    done < myfile

10.3 – Create Cron Jobs – (This can be done using instances of an SSH Client [like ‘Bitvise’] for each user account. Use ‘server01’ or ‘02’.)

1a. Create a cron job that displays the current time to every user’s console at 1 hour intervals.

Details: set the first execution time to 4 minutes from now; ex.: if the time now is 1.16 pm, use 1.20 pm, 2nd message comes at 2.20 pm, 3rd one at 3.20 pm and so on (every hour). Look at the ‘wall’ command.

To test your entry:
- open 3 consoles and login with 3 different users
- if needed, use mesg command on each console to enable messaging
- create your cron job
- verify at the specified time that everyone got the message (the current time)

Grab screenshots from 2 of your consoles showing the same message sent as a result of your cron job; paste them here:

Example:
b. Put your cron job entry here:

2a. Create a cron job that checks for invalid login (user login with wrong password) attempts every 10 minutes. The attempts are logged in /var/log/auth.log. When an invalid attempt is found, copy the message from the log to a file under your home directory.

To verify your job works: try 2 invalid login attempts from 2 different users, spaced 15 minutes apart. Paste any log messages you get, right here:

Note: The cron daemon does not know your screen display name - ex.: if your display name is /dev/pts0, cron is not told that, so won't display things to your screen. It is better to write output to a file for viewing later. The question does not require you to display to screen - the message written to a file is good enough.

b. Put your cron job entry here:

10.4 - LVM

The following is a tutorial from https://linuxconfig.org/linux-lvm-logical-volume-manager . It has been adapted for our exercise. Do the steps listed. Additional steps and screenshots you must capture are highlighted in yellow. These steps (in yellow) were added by your teacher because the tutorial author used different disk sizes for his demo.

In our steps, use either ‘server01’ or ‘server02’, where you have a disk /dev/sdb, which is 20 GB in size. There are 3 other disks: sdc, sdd and sde, each having 20 GB. You may use them to practice configuration of LVM. Since these steps require superuser privilege, you must precede commands with ‘sudo’. Capture the history of your commands for submission.

Linux lvm - Logical Volume Manager
Lubos Rendek

Contents
1. This is what we are going to do
2. Create Partitions
3. Create physical volumes
4. Create volume group
5. Create Logical Volumes
6. Create File system on logical volumes
7. Edit /etc/fstab
7.1. Mount logical volumes
8. Extend logical volume
9. Remove logical volume

This article describes basic logic behind a Linux logical volume manager by showing real examples of configuration and usage. Although Debian Linux will be used for this tutorial, you can also apply the same command line syntax with other Linux distributions such as Red Hat, Mandriva, SuSe Linux and others.

This is what we are going to do

Note: Since our /dev/sdb is 20 GB, our partitions will be: sdb1 [7.2 GB] and sdb2 [12.5 GB].

Create Partitions

For this Linux lvm example you need an unpartitioned hard disk /dev/sdb. First you need to create physical volumes. To do this you need partitions or a whole disk. It is possible to run pvcreate command on /dev/sdb, but I prefer to use partitions and from partitions I later create physical volumes.

Run ‘fdisk’ now to get a snapshot of your disks.

Use your preferred partitioning tool to create partitions. In this example cfdisk is used. (Instead, we will use ‘fdisk’ to create the partitions now. Make them 7.2 and 12.5 GB as shown above.)
Partitions are ready to use.

Create physical volumes

Use the pvcreate command to create physical volumes.

    # pvcreate /dev/sdb1
    # pvcreate /dev/sdb2

The pvdisplay command displays all physical volumes on your system.

    # pvdisplay

Alternatively the following linux command could be used:

    # pvdisplay /dev/sdb1
Q1. Run ‘pvdisplay’ and paste the output here.

Create volume group

At this stage you need to create a volume group which will serve as a container for your physical volumes. To create a volume group with the name "mynew_vg" which will include /dev/sdb1 partition, you can issue the following linux command:

    # vgcreate mynew_vg /dev/sdb1
(do this now)

To include both partitions at once you can use this command: (skip this one and do the ‘vgextend’ below)

    # vgcreate mynew_vg /dev/sdb1 /dev/sdb2

Feel free to add new physical volumes to a volume group by using the vgextend command.

    # vgextend mynew_vg /dev/sdb2
(run the above command)

Q2. Run ‘vgextend’ and ‘vgdisplay’ and paste your output here:

Create Logical Volumes

From your big cake (volume group) you can cut pieces (logical volumes) which will be treated as partitions for your linux system. To create a logical volume, named "vol01", with a size of 400 MB from the volume group "mynew_vg" use the following linux command:

    create a logical volume of size 400 MB: -L 400
    create a logical volume of size 4 GB: -L 4G
    # lvcreate -L 1600 -n vol01 mynew_vg
(for our demo, use 1600 MB)

With the following example you will create a logical volume with a size of 4GB and with the name vol02:

    # lvcreate -L 4000 -n vol02 mynew_vg
(run this now)

Do ‘lvdisplay’, verify all is correct and paste output here:

Q3. Run ‘lvdisplay’ and paste your output for both logical volumes here:

Note the free size in volume group. Paste output from ‘vgdisplay’:

NOTE: In the command below, you may use the latest Linux file system type (ext4) for your new logical volumes, by entering: mkfs.ext4 (instead of ‘mkfs.ext3’)

Create File system on logical volumes

The logical volume is almost ready to use. All you need to do is to create a filesystem:

    # mkfs.ext3 -m 0 /dev/mynew_vg/vol01
(use ‘ext4’)
The -m option specifies the percentage reserved for the super-user; set this to 0 if you wish not to waste any space. The default is 5%.

Edit /etc/fstab

Add an entry for your newly created logical volume into /etc/fstab (note that your ‘mount point’ and filesystem ‘type’ will be different). You may choose any directory to mount this volume to – ex.: /mnt/lvm-demo – but first, make sure to create the directory.

Mount logical volumes

Before you mount do not forget to create a mount point.

    # mkdir /home/foobar

Q4. Run ‘df’ at your new directory after you have mounted the logical volume and paste your output here:

Extend logical volume

The biggest advantage of logical volume manager is that you can extend your logical volumes any time you are running out of the space. To increase the size of a logical volume by another 3200 MB you can run this command:

    # lvextend -L +3200 /dev/mynew_vg/vol01
(run this now)

Q5. Paste your ‘lvextend’ command and its output:

The command above does not actually increase the physical size of volume, to do that you need to:

    # resize2fs /dev/mynew_vg/vol01

Look at the figure below to see what problems you may encounter when extending a volume:
Q6. Paste your ‘resize2fs’ command and its output:

Q7. Paste output here proving that ‘root’ user can write to your new directory:

Remove logical volume

The command lvremove can be used to remove logical volumes. Make sure that before you attempt to remove logical volumes your logical volume does not have any valuable data stored on it; moreover, make sure the volume is unmounted.

    # lvdisplay
    # lvremove /dev/mynew_vg/vol02

Q8. Paste your ‘lvremove’ and ‘lvdisplay’ commands and their output:

You are done part 10.4. Capture your history file of commands done in this part and paste it here.
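For the failed-login cron job in 10.3 (question 2a), a plain grep run every 10 minutes would copy the same log lines again on every run. The script below is an added example, not part of the lab handout: it remembers how far it has read and copies only new failures. The script path, output file and state file are hypothetical, the log lines are constructed, and the account running it is assumed to have read access to /var/log/auth.log.

```shell
#!/bin/sh
# Added example, not part of the lab handout. Script path, output file and
# state file are hypothetical. Crontab entry to run it every 10 minutes:
#   */10 * * * * /home/jack/bin/failed_logins.sh /var/log/auth.log /home/jack/failed_logins.txt /home/jack/.failed_logins.state

# collect_failed LOG OUT STATE
# Append to OUT only the failure lines added to LOG since the previous run.
collect_failed() {
    log=$1; out=$2; state=$3
    [ -r "$log" ] || return 1
    last=0
    if [ -f "$state" ]; then last=$(cat "$state"); fi
    total=$(wc -l < "$log" | tr -d ' ')
    # A log shorter than last time was rotated: read it from the top again.
    if [ "$total" -lt "$last" ]; then last=0; fi
    # grep exits 1 when nothing matches; that is not an error here.
    tail -n "+$((last + 1))" "$log" |
        grep -E 'Failed password|authentication failure' >> "$out" || true
    echo "$total" > "$state"
}

# Constructed sample lines in the format sshd writes to auth.log.
sample_log() {
    cat <<'EOF'
Dec  6 13:20:01 server01 sshd[2101]: Accepted password for jack from 192.168.33.10 port 51000 ssh2
Dec  6 13:21:14 server01 sshd[2107]: Failed password for jack from 192.168.33.10 port 51002 ssh2
Dec  6 13:36:40 server01 sshd[2133]: Failed password for invalid user bob from 192.168.33.11 port 40210 ssh2
EOF
}

# Three runs over a growing log; prints how many lines ended up in the file.
demo() {
    dir=$(mktemp -d)
    sample_log | head -n 2 > "$dir/auth.log"     # first run sees two lines
    collect_failed "$dir/auth.log" "$dir/failed" "$dir/state"
    sample_log > "$dir/auth.log"                 # a third line has arrived
    collect_failed "$dir/auth.log" "$dir/failed" "$dir/state"
    collect_failed "$dir/auth.log" "$dir/failed" "$dir/state"   # nothing new
    wc -l < "$dir/failed"
    rm -rf "$dir"
}

# When called with the three arguments from the crontab entry, do the work.
if [ "$#" -eq 3 ]; then collect_failed "$@"; fi
```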
Lesson 11 Exercises

This exercise requires 2 Linux VMs – use ‘server01’ and ‘desktop’. Do all your work on ‘server01’ except where noted. Answer the questions in yellow.

11.1 – Adding rules to iptables

‘Iptables’ is the implementation of a firewall in Linux. There are a couple of ways to add rules to iptables. Execute this command to list the current rules:

    sudo iptables -L

1. What chains are displayed?
Ans.)

Most likely on a new install there aren't any rules set up.

We can add rules with the -A argument.
We can delete rules with the -D argument.

Take a look here: https://help.ubuntu.com/community/IptablesHowTo for some information on the options that you can use for iptables.

To allow established sessions to receive traffic: (do this now)

    sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Look at “iptables -L” again. The new rules have been added.

2. What chain has been given a rule?
Ans.) The chain given a rule is the INPUT chain.

3. What is the target (the value of its 'target' field)?
Ans.) The target value is “ACCEPT”.

4. Which protocols are involved in the rule?
Ans.) The protocols involved in the rule are tcp and icmp.

Next, we will allow login to server01 from desktop using SSH (‘exit’ closes an SSH session). Then allow website access using the browser. We will do both these steps using the rules below. Do not move on until both these services are working.

Allow SSH access now:

    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

This will allow any input coming on port 22 (ssh) by using the tcp protocol to be accepted.

Allow http traffic too:

    sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

Allow ping to work as well so add that rule:

    sudo iptables -A INPUT -p icmp -j ACCEPT

To drop traffic, you can use “-j DROP” - drop all the remaining traffic:

    sudo iptables -A INPUT -j DROP

Look at the rules now:

    sudo iptables -L

These rules look pretty good. Let's save them. Keep a copy under your home directory (use today’s date in place of yymmdd):

    sudo sh -c 'iptables-save > /etc/iptables-save-yymmdd'
    sudo iptables-save > /your-home-dir-path/iptables-save-yymmdd

(The redirection into /etc has to be performed by root, which is why the first command wraps it in ‘sh -c’; with a plain ‘sudo iptables-save > file’ the file is opened by your own shell, not by root.)

Copy & paste your saved iptables rules here:

5. In an earlier lab, you may have added ‘server01’ to the /etc/hosts file in desktop. Remove (or comment out using #) this line(s) now. Test with desktop whether ssh allows you to login to server01 using the hostname – ex.: ssh jack@server01 - Remember that Ctrl-C can be used to terminate a process. Can you login? [yes/no] NO

6. Explain the result you got.
Answer: The result is likely that SSH cannot resolve the hostname server01 to an IP address because DNS is not allowed through the firewall. So far, we’ve accepted these services: ssh, http, and icmp... all others have been dropped. DNS is a service at the ‘Application’ layer of the TCP/IP Network model. That means it has been dropped as well. DNS is needed to do ‘name resolution’ - take a name like ‘eagle-vm’ or ‘sheridancollege.ca’ and resolve it to its corresponding IP address. In this step, DNS was not available, so ‘ssh’ reported the error: ‘Could not resolve hostname...’

7. Now try login using server01’s IP address – ex.: ssh jack@192.168.33.7 - explain the result you got:
This should work because the firewall rules allow SSH traffic on port 22.

8. Switch to server01. In Assignment 2 you added the ‘links’ browser. If you don’t have it, install it now. Access ‘google.ca’ using it. Explain the result:
This may not work because the firewall rules do not allow outbound traffic on port 80 (HTTP).

Now modify the /etc/iptables-save-yymmdd file and remove the entry for port 22. Take a look at the newly created file /etc/iptables-save-yymmdd. (A second option for managing rules is modifying this file, such as add/remove entries and then restore the file to memory).
Restore firewall rules now with:

    sudo iptables-restore < /etc/iptables-save-yymmdd

10. Try step 7 (above) again and explain the result:
This should work again because the rule for SSH on port 22 now is restored.

11. Paste a screenshot of your command and the result:
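iptables checks the rules of a chain from top to bottom and stops at the first match, so a line placed after the catch-all "-A INPUT -j DROP" in a hand-edited save file is never reached. The check below is an added example, not part of the lab handout; it reads a file in iptables-save format and lists such lines, and both sample rule sets are constructed.

```shell
#!/bin/sh
# Added example, not part of the lab handout.
# unreachable_rules [CHAIN] < saved-rules-file
# Prints each "-A CHAIN ..." line that comes after an unconditional
# "-A CHAIN -j DROP|REJECT|ACCEPT" in the same table; exits 1 if any exist.
# Usage before loading an edited file (file name as used in the lab):
#   unreachable_rules INPUT < /etc/iptables-save-yymmdd &&
#       sudo iptables-restore < /etc/iptables-save-yymmdd
unreachable_rules() {
    awk -v chain="${1:-INPUT}" '
        /^\*/ { closed = 0 }              # "*filter", "*nat": a new table starts
        $1 == "-A" && $2 == chain {
            if (closed) {
                print NR ": " $0          # sits below the catch-all rule
                bad++
            } else if (NF == 4 && $3 == "-j" && $4 ~ /^(DROP|REJECT|ACCEPT)$/) {
                closed = 1                # no match options: matches every packet
            }
        }
        END { exit (bad > 0) }
    '
}

# Constructed file: the port 22 rule was pasted back below the final DROP.
sample_misordered() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed file: same rules, with the port 22 rule above the final DROP.
sample_ordered() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}
```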
Add the rule back (make sure that the rule is listed above the “-A INPUT -j DROP” in the iptables-save file). Do not forget to restore the iptables configuration to memory.

12. How many rules are in your firewall now?

We are done looking at ‘iptables’. REMOVE THE IPTABLES RULES now BEFORE PROCEEDING TO WORK ON THE REST OF THE ASSIGNMENT:

    sudo iptables -F INPUT
(then reboot your VM).

11.2 - TCP Wrappers (requires two Linux VMs)

1. Verify: you should be able to ‘ssh’ from desktop into server01. On server01, add the desktop IP addresses to ‘/etc/hosts.deny’ with the line:

    ALL: xxx.xxx.xxx.xxx

(xxx.xxx.xxx.xxx is the ip address of your desktop – for multiple addresses, separate them with a comma). Save your change. Try to connect from desktop to server01 with ‘ssh’.

2. You should not be allowed to login. Do not move on until you get the error appearing. Consult your teacher if you are stuck here. Put a screenshot of your ‘ssh’ command and its output:

3. On server01, add all the desktop IPs to /etc/hosts.allow with the line:

    sshd: xxx.xxx.xxx.xxx

(xxx.xxx.xxx.xxx is the ip of desktop – use a comma-separated list if needed). Try to connect from desktop to server01 again. Were you successful? Why or why not?

4. Bring up the ‘man’ page for these two files: man 5 hosts.allow (or …deny) - study these pages and know how they are used to allow or deny services.

You are done. Highlight answers in YELLOW and submit this document to Slate.
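The order in which the two files from 11.2 are consulted, as described in hosts_access(5): a match in hosts.allow grants access, otherwise a match in hosts.deny denies it, otherwise access is granted. The emulation below is an added example, not part of the lab handout and not the libwrap code; it handles only ALL, exact addresses and trailing-dot prefixes, and the client address and the in.ftpd daemon name are constructed.

```shell
#!/bin/sh
# Added example, not part of the lab handout: simplified hosts_access(5) logic.

# rule_matches FILE DAEMON CLIENT_IP
# Succeeds if some "daemon_list : client_list" line in FILE matches both.
rule_matches() {
    awk -v d="$2" -v c="$3" '
        function hit(list, want,    n, i, item, parts) {
            n = split(list, parts, "[ \t,]+")     # blank or comma separated
            for (i = 1; i <= n; i++) {
                item = parts[i]
                if (item == "") continue
                if (item == "ALL" || item == want) return 1
                # "192.168.33." style pattern: matches every address under it
                if (item ~ /\.$/ && index(want, item) == 1) return 1
            }
            return 0
        }
        /^[ \t]*(#|$)/ { next }                   # comments and blank lines
        {
            n = split($0, f, ":")
            if (n >= 2 && hit(f[1], d) && hit(f[2], c)) { found = 1; exit }
        }
        END { exit !found }
    ' "$1"
}

# tcpd_decision ALLOW_FILE DENY_FILE DAEMON CLIENT_IP -> "granted" or "denied"
tcpd_decision() {
    if rule_matches "$1" "$3" "$4"; then echo granted    # hosts.allow wins
    elif rule_matches "$2" "$3" "$4"; then echo denied   # then hosts.deny
    else echo granted                                    # no match: allowed
    fi
}

# Replays steps 1 to 3 of 11.2 with a constructed desktop address.
demo() {
    dir=$(mktemp -d)
    echo 'ALL: 192.168.33.10' > "$dir/hosts.deny"
    : > "$dir/hosts.allow"
    a=$(tcpd_decision "$dir/hosts.allow" "$dir/hosts.deny" sshd 192.168.33.10)
    echo 'sshd: 192.168.33.10' > "$dir/hosts.allow"
    b=$(tcpd_decision "$dir/hosts.allow" "$dir/hosts.deny" sshd 192.168.33.10)
    c=$(tcpd_decision "$dir/hosts.allow" "$dir/hosts.deny" in.ftpd 192.168.33.10)
    rm -rf "$dir"
    echo "$a $b $c"
}
```

Only services built against libwrap consult these files, so a daemon that ignores them is unaffected by either entry.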