General Linux Concepts Flashcards
Interpreters
– bash interpreter: A shell program, it is used as an interpreter.
> Location: /bin/bash
> always starts with #!
– other Linux interpreters: sh, csh, ksh, zsh, dash
– Windows PowerShell: Scripting environment
> good for server management
> system admin tasks can be run with cmdlets that are not accessible in cmd
> can pipe objects between cmdlets
– Other interpreters: Python, Ruby, C, Java, Perl
A directory used to access data on a partition
Mountpoint
○ mount DEVICE MOUNT_POINT
○ mount /dev/sdb3 /opt OR umount /opt
When mounting “test” to the “home” directory it will be under: home/test
View
> df
Logical Volume Manager (LVM)
- can move/mount file systems
- can take snapshots > good for easy backups
- is the layer of abstraction on which the file system sits
- grows flexibly
tar
A tar archive is often referred to as a tarball, used for distribution or backup purposes. So .tar.gz is just a file format.
Tar is often used together with a compression method, such as gzip, to create a compressed archive such as file.tar.gz (or file.tgz).
Use case: distribute the source code of an application, or a binary file to execute a program.
Networking with PCAP
PCAP = packet capture; PCAP is also, in general, an API for capturing network traffic
There are two libraries:
- libpcap for Unix
- WinPcap for Windows
In a routed environment set the interface to “promiscuous” mode; in a switched environment set the port to “mirrored”.
What you can do:
- View Source and destination IP Addresses
- Extract attachment files from a PCAP and reconstruct them
Competition: Nmap started Npcap, with faster packet capture and security as compared to libpcap
PCAP = file extension (.pcap)
Open .pcap with Wireshark
PAM Basics
Linux’s Privileged Access Management
- Privileged Access Attacks. Elevating privileges > It's easier to attack a system from the inside
- Pluggable Authentication Module (mechanism) in Linux that is CENTRALIZED
Instead of each program querying the /etc/passwd and /etc/shadow files for authentication, Linux services and applications go to PAM, which lives at
/etc/pam.d, e.g. /etc/pam.d/login and /etc/pam.d/sshd
Linux Account types
- root, the superuser: can do anything, UID=0
- system accounts: UID<1000, see /etc/login.defs. Create with
> useradd -r system_account_name
- chage -l account (shows account aging info to see if the account has expired)
Network Security
- Network Services and daemons