LINUX - MANAGING FILES AND DIRECTORIES

 LINUX - MANAGING FILES AND DIRECTORIES

Creating Text Files

Create the software list file by using the Vim text editor
# vim software_list.txt
# Press i to enter into insert mode
# Type 
Apache HTTP Server
MySQL
Eclipse
OpenVAS
# Esc
# wq
# cat /software_list.txt






Open the file in Vim and correct a spelling error

  1. Enter vim software_list.txt to open the file. Remember that Vim opens in Command mode.

  2. Use the arrow keys to move the cursor down to the first instance of the text "Friefox".

  3. Position the cursor under the "i" in "Friefox".

  4. Press x to cut the letter "i".

  5. Move the cursor under the letter "F" and press p to paste the cut letter.

  6. Verify that the line now correctly says "Firefox".

Use the search functionality built into Vim to find and correct the other instance of the spelling error

  1. Enter "/Frie" to search for the next occurrence of the misspelled name.

    You use the / to create a command prompt at the bottom of Vim and then you enter the text you wish to search for.

  2. Correct the name so that it says "Firefox".

Fix the casing of one of the software names

  1. Press k to go up line-by-line until you reach the line that says "openVAS" (note the lowercase "o").

  2. Press ^ (Shift+6) to go to the beginning of the line.

  3. Press x to delete the first letter.

  4. Press i to enter Insert mode, then type an uppercase O

  5. Press Esc to exit Insert mode and return to Command mode

Delete a duplicate line and save the file

  1. Press j to go down line-by-line until you reach the second line that mentions "Apache".

  2. Press d twice to delete the entire line.

  3. Enter :wq to write your changes and quit the file

Open the file in GNU nano and make a correction

  1. Enter nano software_list.txt to open the file in the nano text editor.

    The nano text editor is common on many Linux distros. You should know the basics of both Vim and nano.

  2. Use the arrow keys to move to the "Y" under the "Configured?" column for "Eclipse".

  3. Press Delete.

  4. Type N


Remove a duplicate line

  1. Navigate down to the second instance of "LibreOffice".

  2. Press Ctrl+K to cut the duplicate line.

    Note that some of the most common key commands for nano are displayed at the bottom of the window. There are many other key commands as well.

Add another entry to the file

  1. Navigate to the beginning of a new line at the bottom of the file.

  2. Type Apache-Tomcat

  3. Press Tab until the cursor is under the "Version" column.

    You can also use the spacebar for more precise alignment.

  4. Type 9.0.12

  5. Place the cursor under the "Installed?" column and type N

  6. Type N under the "Configured?" column.

  7. Press Ctrl+O "write out" or save you changes to the file.

  8. Press Enter to save the file.

  9. Press Ctrl+X to exit GNU nano.

  10. Enter cat software_list.txt to display the file.

Searching for Files

Search for the location of system log files.

  1. Enter sudo find / -type d -name 'log' to search the root of the filesystem / for a directory d with a name that includes the string log.

  2. Verify that there are several locations on the root volume that contain the word "log".

  3. Enter sudo find / -type f -name 'messages' to search the root of the filesystem / for a file f with a name that includes the string messages.

  4. Verify that the location of the messages log is identified as /var/log/messages

  5. Enter sudo find /var/log -type f -size +100k to search for log files that are greater than 100 KB in size.


























Pick one of the files in the results and enter ls -lh /var/log/[file name] to verify that it is indeed greater than 100 KB in size





Enter sudo find /var/log -type f -mmin -30 to search for log files that have been updated within the last 30 minutes.
Verify that one of the files in the results has a timestamp within the last 30 minutes: 
# sudo ls -l /var/log/audit/audit.log

  1. Enter sudo find /var/log -type f -size 0 -or -size +100k -mmin -30 to search for log files that are either empty or above 100 KB, and have been updated in the last 30 minutes.

  2. Verify that these conditions are accurate for at least one of the files.


Manipulating Files and Directories

  1. Enter cp -r /opt/linuxplus/managing_files_and_directories/aups ~ to copy the aups directory to your home directory.

    This copies the aups directory to your home directory, leaving its original location intact.

  2. Enter cd aups to change directories.

  3. Enter ls -l and verify there are five files, three of which are marked as "OLD" and have inconsistent file names.



Create a new directory and move the most recent policy files into it

  1. Enter mkdir ../policies to create a new directory.

  2. Enter mv aup_v1.txt ../policies to move the file.

  3. Enter mv aup_v2.txt ../policies to move the file.

  4. Enter ls -l and verify that these two files are no longer in this directory.

  5. Enter cd ../policies to change to the policies directory.

  6. Enter ls -l and verify that the two recent files are now in this directory.

Create placeholder files for future policies

  1. Enter touch user_sec_policy.txt to create a new empty file named user_sec_policy.txt

    Enter ls -l and verify that a blank file with this name was created.

  2. Use touch to create three more blank files in ~/policies with the following names:

    • server_sec_policy.txt

    • email_policy.txt

    • clean_desk_policy.txt

  3. Enter ls -l and verify that the files exist.
















Delete the aups directory and its contents as it is no longer needed

  1. Enter rmdir ../aups

  2. Verify that you cannot remove this object because it is a directory with contents.

    You need to specify the -R (recursive) option with rm in order to delete non-empty directories.

  3. Enter rm -R ../aups to delete the directory and its contents.

  4. Enter ls .. and verify that the aups directory is gone, as are the old policy files.




Processing Text Files

Sort the software list file by name, then by which packages need to be installed and/or configured.

  1. Enter cd ~ to return to your home directory.

  2. Enter cat software_list.txt to review the column structure of this file.

  3. Enter sort -k1 software_list.txt

    Verify that the list was sorted by the first column, which is the name of each software package. However, the sort operation was not perfect, as the column headers were included. There are several ways to stop this from happening, one of which you'll perform in a later topic.

  4. Enter sort -k3 software_list.txt to sort by the "Installed?" column.

  5. Sort by the "Configured?" column.




Retrieve the word count of the AUP files.

  1. Enter cd policies to change directories.

  2. Enter wc -w aup_v1.txt

    Verify that you can see the word count of version 1 of the AUP policy file.

  3. Enter wc -w aup_v1.txt aup_v2.txt

    Verify that you can see the word counts of both versions of the file, as well as a combined total.

  4. Enter diff aup_v1.txt aup_v2.txt to display the differences between the two files.

    Verify that you are presented with the differences between each file, as well as suggested actions.

    The differences are as follows:

    • 33a34,41 means that after line 33 in the first file (version 1), lines 34–41 from the second file (version 2) need to be added in order for that chunk of text to be the same.

    • The multiple > symbols indicate each line that must be added to the first file in order to be the same as the second file.

    • In other words, the HR lead added this entire new section to version 2 of the policy.

    • 35a44 means that at line 35 in the first file, line 44 from the second file needs to be added in order for the text to be the same.

    • In other words, the HR lead added an entry to the revision history explaining her changes.















Search the authentication log for failed login attempts.

  1. Enter sudo cat /var/log/secure to display the contents of the secure log file.

    Verify that there are many entries in the authentication log.

    Rather than read the entire log or search term-by-term for failure entries, you can use grep to bring all of the relevant information to the forefront with one command.

  2. Enter su - ariley and provide an incorrect password to simulate an authentication failure.

    Do not actually sign in. The purpose of this step is to generate a message in the log file.

  3. Enter sudo grep failed /var/log/secure to search for the string failed in the secure log file.

    Verify that you are presented with all lines in the log containing the text string "failed".








Ceate a hard link between the log files

  1. Enter sudo ln auth/secure year/secure

    This creates a hard link to the file in the auth directory.

  2. Enter ls -l year and verify that a file was created in the year directory.

  3. Enter sudo cat year/secure and verify that its contents are the same as the authentication log.

    You can run diff auth/secure year/secure if you want to be sure.

  1. Enter sudo nano auth/secure

  2. Press Enter to start a new line at the top.

  3. Type BEGIN LOG ##-#### where the hashes are the current month and year.

    For example: BEGIN LOG 01-2019

  4. Press Ctrl+O then ENTER to save.

  5. Press Ctrl+X to quit.

  6. Enter sudo head year/secure and verify that the header you just added was also added to the hard link file.

  1. Enter sudo rm auth/secure

  2. Enter sudo cat year/secure and verify that the hard link file's contents are still intact.

  1. Enter cd ~ to return to your home directory.

  2. Enter sudo ln /backup/log/year/secure auth-log

  3. Verify that the operation failed.

    You cannot create hard links across different file systems, and the home directory and the backup log directory are on different file systems. To get around this, you must create a soft (symbolic) link.




  1. Enter ln -s /backup/log/year/secure auth-log

  2. Enter sudo cat auth-log and verify that your link has the expected log contents.

  1. Enter sudo rm /backup/log/year/secure

  2. Enter sudo cat auth-log and verify that so such file exists.

  3. Enter ls -l and verify that the file is a broken link.

    You should see red text pointing to text with a black background indicating that the link is broken.

  4. Enter rm auth-log to delete the symbolic link.























se output redirection to start adding text to the laptop inventory file.

  1. Enter touch laptop_inv.txt to create a blank file.

  2. Enter echo "User Make Serial No." > laptop_inv.txt

    Separate each column by four spaces.

  3. Enter cat laptop_inv.txt and verify that the text output to the file.





Use output redirection to append text to the file.

  1. Enter echo "jsmith Asus S489124" > laptop_inv.txt

  2. Enter cat laptop_inv.txt and verify that the header was replaced by this new row.

    This is because the > operator replaces any existing text with the provided string. You need to append that text.

  3. Reenter echo "User Make Serial No." > laptop_inv.txt

    Remember, you can press the Up Arrow to return to a command you previously entered.

  4. Enter echo "jsmith Asus S489124" >> laptop_inv.txt

    Again, separate each column by four spaces.

    This time, you're using the append operator >>.

  5. Verify that the file has both the header and the first row.









Use input redirection to replace all instances of a mistyped character in the file.

  1. Enter cp /opt/linuxplus/managing_files_and_directories/laptop_inv.txt laptop_inv.txt

    This will update your copy with a filled-in one.

  2. Examine the file and verify that the Asus serial numbers incorrectly start with the capital letter "S".

  3. Enter tr S 5 < laptop_inv.txt

  4. Verify that the instances of "S" were replaced with "5" and that the file was printed to the CLI.
























Use both input and output redirection at the same time to create a new file with the corrections.

  1. Enter tr S 5 < laptop_inv.txt > laptop_inv_fix.txt

  2. Examine the corrected file and verify that the appropriate correction was made.















Use piping to sort the inventory list without the header.

  1. Enter sort -k1 laptop_inv_fix.txt to sort the contents.

    Observe that, just like sorting the software list earlier, the header is included in the sort when it shouldn't be.

  2. Enter tail -n +3 laptop_inv_fix.txt | sort -k1

    The tail -n +3 command outputs everything after and including the third line, which is when the header ends. You are piping the output of this command to the sort command, which takes it as input.

    Verify that the inventory is now sorted by user name, but does not include the header.




Use the tee command to redirect output to both the CLI and a file at the same time.

  1. Enter sudo ls -lR /backup > backup_report

    Verify that ls didn't print its results to the CLI.

  2. Enter sudo ls -lR /backup | tee backup_report

    Verify that ls did print its results to the CLI.

    This is because piping the ls command to tee instead of doing a stdout redirect ensures that the results will appear at both the CLI and the specified file.

    Examine the backup_report file and verify that it also lists directory information.

Use grep and cut together to make log analysis easier.

  1. Enter sudo grep 'password check failed' /var/log/secure

    This prints all instances of the text "password check failed" from the authentication log. However, it also prints every single part of the line, much of which isn't relevant and just adds to the noise.

  2. Enter sudo cut /var/log/secure -d " " -f5-12

    The cut command, using the -d option, trims each line using a space as a delimiter. The -f5-12 option specifies the range of the delimiter to extract. So, you're only extracting approximately the middle chunk of each line. However, you're still seeing every line of the log.

  3. Enter sudo grep 'password check failed' /var/log/secure | cut -d " " -f5-12

    Verify that you extracted all lines matching the provided string, as well as only the portion of the line that is relevant to your needs.











Comments

Post a Comment

Popular posts from this blog

Install Gophish and Start Your Phishing Campaign

Image
Install Gophish on Kali Linux and Start Your Phishing Campaign  Installing go programming language # source ~/.bashrc # sudo apt install -y golang # sudo vim helloworld.go  # go run helloworld.go # sudo vim ~/.bashrc Add the following paths to the end of the file export GOPATH=/root/go-workspace export GOROOT=/usr/local/go PATH=$PATH:$GOROOT/bin/:$GOPATH/bin Installing gophish using pre-built binaries Download the  gophish installer  and extract the contents of the zip file # unzip gophish-v0.11.0-linux-64bit.zip -d /home/kali/Downloads/gophish Give Gophish necessary permissions Give the gophish the necessary permissions to run without permission restrictions: # sudo chmod +x gophish Running gophish # ./gophish Logging into gophish  Go to the admin server at https://127.0.0.0:3333. Setting up gophish sending profile New Sending Profile Note : Create an application-specific password on Gmail. First, enable 2-step verification: Send Test Email Received the test em...
Read more

Hướng dẫn cách đọc và hiểu thông số firewall - tường lửa

Image
  Hướng dẫn cách hiểu thông số firewall - tường lửa 17/01/2021 09:00 Chắc hẳn trong chúng ta khi tìm hiểu các mẫu mã và thông số firewalls (tường lửa) để mua cho công ty, ai cũng thấy bối rối khi đọc các thông số kỹ thuật. Vậy làm cách nào để có thể hiểu được các thông số cơ bản của firewalls? Firewall Throughput Thông thường, chỉ số này được ghi là Mbps (megabits per second) hoặc Gbps (gigabits per second). Đây chính là lượng traffic có thể đi qua tường lửa tài một thời điểm. Thông số này có vẻ quan trọng, nhưng thực ra nó...không có ý nghĩa gì lắm. Thực ra con số này chỉ là con số thô, chỉ đo lượng traffic đi qua firewall mà không tính đến việc quét virus, lọc nội dung (content filtering), ngăn chặn xâm nhập (intrusion prevention), kiểm tra thất thoát dữ liệu và các bước tương tự. Con số còn có thể thay đổi theo giao thức (protocol) và kích cỡ gói tin (packet). Thông số Throughput thậm chí quan trọng hơn cho việc chia lớp mạng nội bộ (network segmentation). Khi tường lửa được sử ...
Read more

How to install GVM/OpenVAS to scan vulnerabilities on Kali Linux?

Image
How to install GVM/OpenVAS to scan vulnerabilities on Kali Linux? First, you need to upgrade your Kali Linux environment. Before conducting an upgrade, it is recommended that you enter the following command so that the list of available packages and their versions is updated beforehand (without installing or upgrading any packages): # sudo apt-get update After that, installing newer versions of the packages you have (As mentioned previously, because the lists have bee updated, the package manager is aware of available updates for the software you have installed): # sudo apt full-upgrade -y Note: you can use the combo command " apt-get update && apt-get upgrade"  to do both steps after each other. After that, install gvm or openvas (opevas used to be the name for this scanning tool, and it was then changed to gvm. Currently, openvas refers to scan engine. However, if you choose to install opevas, it will refer to gvm): # sudo apt install gvm Then, check the prerequisit...
Read more