Unit 3 Vocabulary Flashcards
home directory
Every user has a “home directory” that bears their username. This is similar in concept to the My Documents folder in Windows. (Linux default: /home/username/)
Flags
(to Linux commands) - options to modify command behaviors
Access Control
The selective process of allowing or restricting the availability of a resource.
Owner
The user that owns the file
Group
A collection of users who have access to the file
Other/World
Everyone else
Read (r)
Read a file or look inside a directory, matrix # - 4
Write (w)
Write or modify a file or modify a directory’s contents, matrix # - 2
Execute (x)
Execute or run a file, or go into a directory (using, for example, cd), matrix # - 1
Permission Matrix (drwxrwxrwx)
d = directory or file, 1st rwx = owner permissions, 2nd rwx = group permissions, 3rd rwx = others permissions
.sh
A script that executes commands when run
Hidden files in Linux (begin with a .)
Hidden files don’t show up for the first ls command, only for ls -a or ls -la (ex: /.hideme)
Open source
Software that is freely available to anyone who wants to use it. Users can modify it and distribute it however they want
GNU Privacy Guard (gpg)
A command-line tool that lets you encrypt files with a variety of encryption algorithms
Shell
A program that allows a user to enter commands to interact with an operating system
Spawned
The act of starting or launching a process. The new process is a child process of a parent process; in other words, a parent process “spawns” a child process.
Background Process
A process in UNIX that runs without user input
Root Directory
In UNIX, the top-most directory denoted as /
Open Systems Interconnection (OSI) model
A collection of many network protocols. It uses abstraction at different levels of detail to define how network components see, interpret, and process network traffic.
Layers 1-7 (lowest first) acronym: Please Do Not Teach Students Pointless Acronyms
Layers 1-7 (lowest first): Physical, Data Link, Network, Transport, Session, Presentation, Application
Security Baseline
A starting point for data analysis. It is the initial data set used in later comparisons
Subnet
A smaller part of a larger network
Reconnaissance
The first phase of ethical hacking, which involves probing the network to understand its structure and to see what services are open and running
Scanning
The second phase of ethical hacking, which involves taking a closer look at the services and software running on the host
Compromise
The third phase of ethical hacking, which involves launching exploits at targeted vulnerabilities to see if they are genuine exposures on the system.
Remediation
The fourth and final phase of ethical hacking where the security professionals fix the system vulnerabilities uncovered in the previous phases.
Nessus
A security tool used to scan a system or network for known vulnerabilities. When a vulnerability is reported or discovered anywhere in the world, the engineers at Nessus add it to their program as a “plug-in”. An example of a vulnerability with a Nessus plug-in is a buggy version of MySQL that permits a DoS attack. Using its list of plug-ins, Nessus scans a system to determine whether this or other vulnerabilities are running on a system.
Metasploit
A collection of tools referred to as a framework. Pen testers use the Metasploit framework to perform penetration tests to help them develop exploits and build custom tests to assess weaknesses and vulnerabilities in a system or network. The Metasploit framework is very powerful and should be used in the most disciplined manner. The framework includes a console, a command line, and a web interface.
Security framework
A security framework is a series of defined processes used to test and expose the security that is in place on a system.
Packet
A general term for a chunk of data
Zenmap
A security tool that is the graphical version of a command-line tool that scans a network for hosts, open ports, and services.
Address Resolution Protocol (ARP)
Used to determine a device’s physical address (usually a MAC address) and map it to an IP address. ARP messages are implemented in layer 2, the data link layer.
Bash format
[user_name]@[machine_name]:[directory]$
beta@PLTW:~/Templates$
User beta is logged in to machine PLTW and the present working directory is Templates in their home folder (~/Templates)
UID
ID of the user that launched the process
PID
Process ID of the unique process
PPID
Parent process ID that started or spawned this process
CMD
Process or command name, often contains directory path to the executable
ftp port
21
ssh port
22
http port
80