Local settings temporary internet files content ie5 wl2c8e1d j0411667 1 jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 52

..\..\Local Settings\Temporary Internet Files\Content.IE5\WL2C8E1D\j0411667[1].jpg PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

..\..\Local Settings\Temporary Internet Files\Content.IE5\WL2C8E1D\j0411667[1].jpg. Week Ten Agenda. Announcements Link of the week Review supplemental information Review week nine lab assignment Week ten expected outcomes Next lab assignment Break-out problems Upcoming deadlines

Download Presentation

..\..\Local Settings\Temporary Internet Files\Content.IE5\WL2C8E1D\j0411667[1].jpg

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Local settings temporary internet files content ie5 wl2c8e1d j0411667 1 jpg

..\..\Local Settings\Temporary Internet Files\Content.IE5\WL2C8E1D\j0411667[1].jpg

Local settings temporary internet files content ie5 wl2c8e1d j0411667 1 jpg

Week Ten Agenda

  • Announcements

  • Link of the week

  • Review supplemental information

  • Review week nine lab assignment

  • Week ten expected outcomes

  • Next lab assignment

  • Break-out problems

  • Upcoming deadlines

  • Lab assistance, questions, and concerns

Link of the week

Link of the week

Protocol Directories

This web site is a protocol directory. It provides a break down of TCP/IP, VoIP, Cellular, and general protocols.


This web site Network Protocol Suite Directory and Index

Sites contains software, books, tools, and services.


Network communication is defined by network protocols.

Link of the week1

Link of the week

Define: Network Protocol serves as a communication language among computing devices. A network protocol facilitates device identification and data transfer. What type of things are determined by a network protocol?

  • Type of error checking to be used.

  • Data compression method to be used.

  • How the sending device will indicate that it has finished sending a message.

  • How the receiving device will indicate that it has received a message.

Review week nine

Review Week Nine

Physical Link


ln small_passwd small_passwd_hard

-rwx---r-x 2 dandrear faculty 402 Mar 1 10:43 small_passwd

-rwx---r-x 2 dandrear faculty 402 Mar 1 10:43 small_passwd_hard

A physical link provides an additional path to the data.

Most all file name entries in a directory are hard links.

Review week nine1

Review Week Nine

Symbolic Link


ln –s small_passwd small_passwd_soft

lrwxrwxrwx 1 dandrear faculty 12 Mar 7 12:22 small_passwd_soft -> small_passwd

Symbolic links allow data to be referenced across different file systems (no restrictions) and serve as another path to access the data.

lrwxr-xr-x 1 root root 22 May 12 2004 grub.conf -> ../boot/grub/grub.conf

lrwxrwxrwx 1 root root 10 Jun 28 2005 rc3.d -> rc.d/rc3.d

Review week nine2

Review Week Nine

“Initializing” or “booting” the machine

The startup process of a computing system is the installation of software. Many pieces of the software are configured into subsystems and are interdependentupon each other.

Both Red Hat Linux and Solaris are based on theUNIX System Vboot up procedure.

Review week nine3

Review Week Nine

Steps involved in the boot procedure

CPU mode is set to RESET

CPU is pre-programmed to begin execution at hex address 0Xfffffff0. Address 0Xfffffff0 is mapped to ROM (Read Only Memory). This ROM (BIOS ) address contains a set of routines that are burnt on the chip.

Review week nine4

Review Week Nine

“Initializing” or “booting” the machine

The I/O routines on the BIOS continue the boot process by reading Track 0, Sector 1 of the hard disk. This is the location of the Master Boot Record (MBR). The size of the MBR is 512 bytes. The MBR contains the disk partition tables, and executable code which is the first part of the boot loader. The MBR is independent of the kernel.

In Linux operating systems, most modern boot loaders (such as LILO or GRUB), users can change which process the kernel spawns at the end of its initialization from the normal default of /sbin/init file.

The boot loader is responsible for loading the kernel into memory. Boot loaders are independent of the operating system and are executable code found inside the MBR. The boot loader must share the 512 bytes with the partition table.

Review week nine5

Review Week Nine


When Unix was written over 40 years ago, one unusual design feature was that every physical device connected to the computer was represented as a file.

There are differences between devices that is apparent. Disk devices are random-access, and others like terminals are sequential-access.

A practical difference is that filesystemscan only be mounted on block devices, not on character ones. For example, tapes are character devices. It is possible to copy the contents of a raw, quiescent (unmounted and not being modified) filesystem to a tape, but you will not be able to mount the tape, even though it contains the same information as the disk.

Review week nine6

Review Week Nine

Define: Linux initrd

The /dev/initrd file is a read-only block device. Device /dev/initrd is a RAM disk that is loaded by the boot loader into memory before the kernel is started. The kernel utilizes this block device for a two phased system boot-up.

During the first phase, the kernel starts up and mounts an initial root filesystem from the contents of the /dev/initrd (RAM disk initialized by the boot loader).

The second phase, additional drivers or other module information are loaded from the initial root device as contents. After loading all modules, a new root filesystem (/etc/fstab) is mounted from a different device.

Review week nine7

Review Week Nine

Block Device

Define: Block device is a device you can read blocks of information. Some block devices are CDROM, hard disk, and floppy disks.

The following dd statement reads one 512 byte record.

dd if=/dev/sda1 of=/dev/null count=1


ls –l /dev/initrd

brw-rw---- 1 root disk 1, 250 Jun 24 2004 initrd

Review week nine8

Review Week Nine

Role of the kernel

Once the drivers have been loaded, execution is turned over to the kernel.

The kernel then executes a series of steps.

- Determines memory size

- Initializes Data Structure

- Mount root partition

- Hardware Configuration

Kernel configures information based on probing the system bus, and querying drivers for information. Devices that are missing drivers are considered disabled.

- Hand crafted/Spontaneous processes.

Review week nine9

Review Week Nine

Linux Kernel Data Structure (task_struct)

The task_struct data structure contains the following fields:

- Process state


returning from system call

processing an interrupt routine

processing a system call



- Processes priority

Review week nine10

Review Week Nine

-Clock ticks (10ms intervals) which the process can continue executing without forced rescheduling.

- Error number of the last faulting system call

- Describe a processes:

original parent, parent, youngest child, younger sibling, and finally older sibling.

- Process ID

- Timing information; for example, the amount of time the process has spent in user mode.

Review week nine11

Review Week Nine

Linux Kernel

The Linux kernel process table is a data structure that describes all processes that currently exist.

The process table is implemented as an array of pointers to task structures.

The kernel process table is limited in size to 512 entries and has its own block size. All Linux blocks are currently 1024 bytes.

Review week nine12

Review Week Nine

Review week nine13

Review Week Nine

Review week nine14

Review Week Nine

Review week nine15

Review Week Nine

Role of the init process

The kernel starts a few spontaneous/handcrafted processes in user space. The origin of the init process is from the kernel and not the fork and execute procedure. The init process has Process ID (PID) of one (1) and a Parent Process ID of zero (0).

The init process is the ultimate parent in the running system and plays an important role in the startup process. All future processes on the system are descendents of the init process.

Once the system processes are created, then the kernels work is basically completed.

Review week nine16

Review Week Nine

The init process performs the following tasks:

Executions the /etc/rc.d/rc.sysinit script

Sets the system clock

Activates the paging process

Starts the RAID devices

Check and mounts other file systems

Executes the /etc/inittab script

Execution of run commands

Switch to multi user mode

After the run commands (rc) have executed, the system is fully operational.

Review week nine17

Review Week Nine

init process

It looks for the file /etc/inittabto see if there is an entry of the type initdefault. The initdefault entry determines the initial run level of the system.

Display: /etc/inittab file

Review week nine18

Review Week Nine

init login process

1. Init process spawns the getty or minigetty process.

2. The getty process invokes the login process. After the user name has been entered, it is passed to the login process.

3. The login process prompts the user for a user password, and verifies it. If authentication is successful, the user’s shell is created.

Otherwise, a failure causes an error message, ends and then init process will respawngetty or minigetty.

4. The user’s preferred shell will be invoked creating a session. Eventually, the user will logout.

Review week nine19

Review Week Nine

Review week nine20

Review Week Nine

In UNIX, a process is a name given to a program being executed by the operating system.

In Linux, that same program is referred to as a task or process. Linux considers both names as the same.

A process consist of:

- Program code, data, and stack

- Open files (stdin, stdout, stderr)

- System data structures

- Environment (terminal type, user login directory, $HOME)

A Linux system will share code and system libraries among processes so that memory can be conserved and only keep one copy of the code is in memory at a time.

Review week nine21

Review Week Nine

Each Linux process is allocated a unique process identifier (PID). The range of PIDs is usually between 2 and 32,768.

Review week nine22

Review Week Nine


A process can be terminated several ways:

- Foreground process by typing Ctl-C

- Background process with PID=n and typing

kill [option] -n

Zombie Process

A child process that terminates before its parent but still has an entry in the process table. This entry still needs to allow the process that started the zombie process to read its exit status.

Orphan Process

Is a process that is still executing, but whose parent has died.

An orphan process is eventually adopted by the init process.

Review week nine23

Review Week Nine


Processes go through various process states during their existence. These transitory states are managed by the operating system (OS). The specifics of these process states vary from one OS to another, as well as the state names.

Process states:

  • Created (fork and exec)

  • Waiting(process scheduler - load from secondary storage to main memory)

  • Running(after a process is assigned a processor by a short –term scheduler, context switch is performed)

  • Blocked (waiting for resources - user input or secondary storage input. Then process is moved back to “waiting” state)

  • Terminated(finished execution, waits to be removed from main memory)

Review week nine24

Review Week Nine

Process Summary

In Unix-like operating systems, the kernel is invoked when a process issues a system call.

All processes have owners.

Processes transition through various states.

When an original process (parent) creates or spawns another processes (child), it inherits the file access and execution privileges belonging to the parent (basic frame work of the parent).

Review week nine25

Review Week Nine

Define Thread

The amount of work performed by a process or task.

- A single threaded process is a process only performs one task.

- A multi-threaded process is a process that performs multiple tasks concurrently without incurring additional overhead needed to create a new process.

Review week nine26

Review Week Nine

System run levels

0 - Halt system

1 - System maintenance

2 – Multi-user mode (NFS inoperative)

3 – Full Multi-user mode (remote file sharing state)

4 – unused

5 - X11 (X Window System for graphical desktop environment)

6 - Shutdown

Review week nine27

Review Week Nine

Shutdown command

One commonly issued form of this command is shutdown -h now, which will shut down a system immediately. Another one is shutdown -r now to reboot. Another command format allows the user to specify an exact time or a delay before shutdown: shutdown -h 20:00 will turn the computer off at 8:00 PM, and shutdown -r -t 60 will automatically reboot the machine within 60 seconds (one minute) of issuing the command.

Review week nine28

Review Week Nine

The complete syntax of the Linux version of the command is:

usage: shutdown [-akrhfnc] [-t secs] time [message]

-a use /etc/shutdown.allow

-k don't really shutdown, only warn

-r reboot after shutdown

-h halt after shutdown

-f do a 'fast' reboot (skip fsck)

-F force fsck on reboot

-n do not go through "init" but go down real fast

-c cancel a running shutdown

-t secs delay between warning and kill signal

Review week nine29

Review Week Nine

Kill Command


The command kill sends the specified signal to the specified process or process group. As a precaution, avoid indiscriminate use of the kill command on jobs involving text editors, databases programs, mail programs, or any other program that has a large amount ofuser interaction. The kill command terminates a job without saving any of the user input or program results.

kill –l

Week ten eleven twelve expected outcomes

Week Ten, Eleven, Twelve Expected Outcomes

Upon successful completion of this module, the student will be able to:

Manipulate user accounts.

  • Describe how cron is used to invoke repetitive processes.

  • Manipulate process structure including: A. fork/execute, B. Initialization process, C. Background/foreground, D. PS tool.

  • Explain basic UNIX and Linux security issues.

  • Describe disk and file system structure.

  • Use backup and restore archival operations on a system.

  • Establish network services.

  • Investigate the structure of the LDAP directory using LDAP commands.

Next lab assignment

Next Lab Assignment

Define fork()

Create a new process that is a clone of its parent. The clone reflects only the basic components of the parent, not the parents resource usage, semaphores, and pending signals.

Define exec

Overlay the calling process virtual memory with a new program, and transfer control to it.


Exit with a status, destroying the process.

Parent process waits for exit (or other status change) of a child.

Next lab assignment1

Next Lab Assignment

Password File

Location: /etc/passwd

Field separators: Colon (:)

File format:



dandrear:x:1020:1021:dandrear user:/export/home/dandrear:/bin/bash

Permissions on Einstein:

-rw-r--r-- 1 root root 1636 Aug 16 10:37 /etc/passwd

Next lab assignment2

Next Lab Assignment

Password File

  • Username: It is used when user logs in. It should be between 1 and 32 characters in length.

  • Password: An x character indicates that encrypted password is stored in /etc/shadow file.

  • User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups.

  • Group ID (GID): The primary group ID (stored in /etc/group file)

  • User ID Info: The comment field. It allow you to add extra information about the users such as user’s full name, phone number etc. This field use by finger command.

  • Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /

  • Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please not it does not have to be a shell.

Next lab assignment3

Next Lab Assignment

Shadow File

Location: /etc/shadow

Field separators: Colon (:)

File format:




Permissions on Einstein:

-r-------- 1 root root 1107 Sep 5 15:24 /etc/shadow (Permission denied)

Next lab assignment4

Next Lab Assignment

Shadow File

  • User name : It is your login name

  • Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits

  • Last password change (last changed): Days since Jan 1, 1970 that password was last changed

  • Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password

  • Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password)

  • Warn : The number of days before password is to expire that user is warned that his/her password must be changed

Next lab assignment cont

Next Lab Assignment (cont)

  • Inactive : The number of days after password expires that account is disabled

  • Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used

  • Unused field:

Next lab assignment5

Next Lab Assignment

Group File

Location: /etc/group

Field separators: Colon (:)

File format:

Group name:Password:GID:User_list




Permissions on Einstein:

-rw-r--r-- 1 root root 833 Aug 16 10:37 group

Next lab assignment6

Next Lab Assignment

Group File

Group name: Name of the group.

Password: The group password would be encrypted. If this field is empty, no password is needed.

GID: The numerical group ID and/or unique group identifier.

User_list: All the group member's user names, separated by commas.

Next lab assignment7

Next Lab Assignment

Next lab assignment8

Next Lab Assignment

Next lab assignment9

Next Lab Assignment

Next lab assignment10

Next Lab Assignment

Linex Security Features

Network daemon – Linux uses xinetd to monitor all configured ports and starts system resources usage only on-demand, since the daemons aren’t running all the time. Security and resource usage is the main objective..

Chroot jail – Utilized by Linux and UNIX OS to create an artificial root directory. Creating a temporary root directory prevents a program from accessing or modifying files outside the directory hierarchy starting at its root. Chroot affects only the current process and its child processes.

The files need to be placed in the jail directory (such as /users) in directories that mimic their placement in the root (/) file system. So you need to copy all required files. For example, /usr/bin/rssh is located on / file system. If your jail is located at /users, then copy /usr/bin/rssh to /users/usr/bin/rssh.

Next lab assignment11

Next lab assignment

SELinux developed by the U.S. National Security Agency (NSA), implements Mandatory Access Control (MAC) in the Linux kernel. MAC enforces security policies that limit what a user or program can do. It defines a security policy that controls some or all objects, such as files, devices, sockets, and ports, and some subjects like processes. Utilizing SELinux, you can grant a process only those permissions it needs to be functional.

TCP Wrapper is part of the client/server model, and can be used with any daemon that is linked against libwrap.a, and relies on the /etc/hosts.allow and /etc/hosts.deny files as the basis of a simple access control language. This access control language defines rules that selectively allow clients to access server daemons on a local system based on the client’s address and the daemon the client tries to access.

Next lab assignment12

Next lab assignment

Security Features

iptables utility builds and manipulates network packet filtering rules in the Linux kernel. You can use iptables to create a firewall that protects a system from outside intruders.

Break out problems

Break-out problems

1. Kill -l

2. What is a zombie process?

3. What files are updated on a Linux system when a new user is added?

4. fork()

5. What information is stored in the /etc/passwd file?

6. What information is stored in the /etc/shadow file?

7. What information is stored in the /etc/group file?

8. What is a background process?

9. What is a foreground process?

10. What is an orphan process?

11. What function does the kernel perform?

12. nice command

13. init process

Upcoming deadlines

Upcoming Deadlines

Lab Assignment 9-1, Startup/Shutdown is due November 14, 2010.

Lab Assignment 10-1, Account Script /LDAP paper is due November 21, 2010.

Lab Assignment 10-2, Process Exercise is due November 21, 2010.

Lab Assignment 11-1, Knoppix File System Exercise is due November 28, 2010.

Final exam outline will be available on November 28, 2010.

Lab assistance questions and answers

Lab assistance, questions and answers




I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.

  • Login