Week Thirteen Agenda

Week Thirteen Agenda• Announcements

Next weeks agenda:Student Open Source presentationsJuly 30 and August 6Final exam outline has been email to

class• Link of the week• Review week twelve lab assignment• Week eleven expected outcomes• Next lab assignment• Break-out problems• Review True/False Final Exam• Upcoming deadlines• Lab assistance, questions, and comments

Week Thirteen Agenda• Section V1WW ITEC 400 Open Source Presentations• July 30, Week 14

1. Student name: Tina Best• Open source topic:: Fog (week 14)

2. Student name: Tara Paider• Open source topic: Gephi (week 14)

3. Student name: Scott Reed• Open source topic: Android (week 14)

4. Student name: Tom Bebo• Open source topic: Pure FTPd (week 14 )

5. Student name: Colin Ritchason• Open source topic: Wireshark (week 14)

Week Thirteen Agenda6. Student name: Kevin Hoover• Open source topic: Filezilla (week 14)

7. Student name: Jesse Vanslyke• Open source topic: Drupal (week 14)

8. Student name: Kate Elbert• Open source topic: Apache Web Server (week 14)

9. Student name: Ray Carter• Open source topic: Eclipse (week 14)

10. Student name: Lauren Middleton• Open source topic: Amaya (week 14)

Week Thirteen Agenda

• Students are encouraged to email their Power Point presentations to me prior to the class session. Prior to your presentation, I will bring up your Power Point file and advance the slides during the presentation.

Link of the week

HTML Tutorialhttp://www.w3schools.com

Purchase CGI scriptshttp://www.cgiscript.net

"How to Create Your Own Home Page" Home Pagehttp://www.intergalact.com/hp/part3/part3.html

CGI Programming FAQ by Nick Kews http://www.webthing.com/tutorials/cgifaq.html

Introduction to CGI Scriptshttp://linux.die.net/man/3/cgi

Link of the weekCommon

In the sense that there are many programming languages that scripts can be written in and interact with different types of systems. The user isn’t limited to just one way.

GatewayCGI strengths lie in not only what it can do itself, but with it’s potential access it offers to other systems (databases/graphic generators).

InterfaceCGI provides a well-defined way to call up its features. The interface between the CGI script and the Web server is fixed.

Link of the week

Define: CGI (Common Gateway Interface) script

CGI is the standard for interfacing with external applications and information servers. The information servers can be HTTP or Web servers. The CGI scripts provide a more dynamic avenue for information servers to pursue rather than as a HTML file server.

Review Week Twelve Lab Assignment PROCESS STATE CODES (man ps command)

D uninterruptible sleep (usually IO)R runable (on run queue)S sleepingT traced or stoppedZ a defunct ("zombie") process

For BSD formats and when the “STAT" keyword is used, additional letters may be displayed:

W has no resident pages< high-priority processN low-priority taskL has pages locked into memory (for real-time and custom IO)

Use the ps -aux | less command to display the above mentioned codes listed under the STAT column heading.

Review Week Twelve Lab Assignment

PROCESS STATE Code

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMANDroot 1 0.0 0.0 1424 488 ? S Oct19 0:24 initroot 2 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/0]root 3 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/1]root 4 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/2]root 5 0.0 0.0 0 0 ? SW Oct19 0:00 [migration/3]root 6 0.0 0.0 0 0 ? SW Oct19 0:00 [keventd]root 7 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/0]root 8 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/1]root 9 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/2]root 10 0.0 0.0 0 0 ? SWN Oct19 0:00 [ksoftirqd/3]

VSZ – virtual memory usage of the entire process.RSS – non-swapped physical memory that a task has used.

Review Week Twelve Lab Assignment

PROCESS STATE Code/export/home/dandrear>ps ux

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND

dandrear 9170 0.0 0.0 1580 584 pts/0 S 10:53 0:00 -kshdandrear 9407 0.0 0.1 5820 2232 pts/0 R 12:03 0:00 ps ux

Review Week Twelve Lab Assignment

PROCESS STATE Code/export/home/dandrear>ps –aux | less

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND

root 26 0.0 0.0 0 0 ? S 2011 4:19 [kswapd0]root 27 0.0 0.0 0 0 ? SN 2011 0:00 [ksmd]root 28 0.0 0.0 0 0 ? S 2011 0:00 [aio/0]root 401 0.0 0.0 2428 8 ? S<s 2011 0:00

/sbin/udevd -droot 612 0.0 0.0 0 0 ? S 2011 0:00

[vmmemctl]dandrear 20749 0.0 0.0 4812 1036 pts/0 R+ 20:23 0:00 ps -auxdandrear 20750 0.0 0.0 4448 784 pts/0 S+ 20:23 0:00 less

Review Week Twelve Lab AssignmentWhat is the function of the cron daemon?

To initiate all timed events. The cron daemon is started at boot time and remains active while the system is operating in multi-user mode. The crond wakes up every minute, exams all stored crontab records, checking to see which command is ready to execute in the current minute. crontab record format: * * * * * Command line<minute> <hour> <day> <month> <day of week> Command line

crontab RestrictionsYou can execute crontab if your name appears in /usr/lib/cron/cron.allow.If the cron.allow files doesn’t exist, you can use crontab if your name isn’t listed in the /usr/lib/cron/cron.deny file. If only cron.deny exists, and is empty, all users can use crontab. If neither file exists, only root user can use crontab.

Review Week Twelve Lab AssignmentWhat is a domain name?

It is a name that refers to a numeric notation (similar to an alias).A name that identifies one or more IP addresses.

What is the function of a Domain Name Service (DNS)?It is a system that resolves names to an IP address(es) of clients. Domain name service is a hierarchical system where the top level domain serving sub-domain clients with names and IP addresses. A DNS is similar to a “phone book”.

The most popular DNS software is generally BIND.

FYI -dos2unix is a function that converts DOS/MAC plain text files into Unix format.

What is the functionality of the “lost+found” directory on a Unix-like system?Usually, there is one directory on every disk partition. Disk errors or incorrect system shutdowns cause files to become lost. This is the directory they can be found in.

Review Week Twelve Lab AssignmentSecurity on UNIX systems

Basic UNIX-like system security is the access modes for files and directories. Default file and directory permission settings are set by the umask variable value. The initial recommended umask setting of 077 would enable all permissions for the directory owner, disabling all permissions for the group, and others.

Base directory values = 777Base file values = 666

Access permissions cannot be granted one way for one user and another way for a different user.

The chmod command should be used to make the final permissions settings once the information is ready for use.

Review Week Twelve Lab AssignmentDirectory Calculation

umask 077

777 111 111 111 (base directory value)

077 000 111 111 (umask value in .profile)

700 111 000 000 (1’s complement)

111 000 000 (default directory permission)

700 (rwx------)

Review Week Twelve Lab AssignmentFile Calculation

umask 077

666 110 110 110 (base file value)

077 000 111 111 (umask value in .profile)

700 111 000 000 (1’s complement)

110 000 000 (default file permission)

600 (rw-------)

Review Week Twelve Lab AssignmentSecurity on UNIX systemsIn a UNIX-like operating system environment, files and

directories are organized in a tree structure with specific access modes.

- File access modes determine the permission bits for file security. Permission bits determine how users can access a file. There are three user access modes used by all UNIX-like operating systems: the owner, the group, and others. Permission access for these groups can be read, write and execute within each user type.

- Directory protection is vital for file security. Administrators and users create “publicly writeable” directories which provide the most opportunities for compromising UNIX security system. Administrators tend to make these”open” for users to move around and access public files and utilities.

- PATH environment variable should be organized with so that system paths are searched first rather than the users current directory. The users current directory should be searched last.

Review Week Twelve Lab AssignmentSecurity on UNIX systems

- Although passwords offer an additional level of security, they lend themselves to computer system compromising. Lack of awareness and responsibility contributes largely to this form of computer insecurity. In summation, the corporate policy must be implemented. Two factor authentication is where a subject provides at least two types of proof of identity.

- Network security is important so limit access to powerful commands like uucp, uux, uucico, and uuxqt commands.

- LANs were designed to transfer files between computers quickly, and security for them should be as consideration today as any other software. IEEE 802.11i specifies the use of the Advanced Encryption Standard (AES). AES is a stronger security algorithm than WEP.

Review Week Twelve Lab AssignmentSecurity on UNIX systems

The Data Encryption Standard (DES) was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 .

DES is based on a 56 bit key.

DES is now considered insecure for many applications. This action is due to the 56 bit key size being too small.

Review Week Twelve Lab Assignment

What is copy-on-write (COW)?It is an optimization strategy mainly used in virtual memory operating systems. Multiple users can be given a pointer to the same resource. When a process creates a copy of itself, the pages in memory that might be modified by either the parent or child process are marked copy-on-write. When one process modifies the memory, the kernel intercepts the operation and copies the memory so that changes in one process’s memory are transparent to the other.

COW is intended to use memory sparing because usage of physical memory utilization increases as data is stored.

Review Week Twelve Lab AssignmentNetwork Services

A variety of services available across a networkNFSRemote login Utilize a Web browser

All network services rely on the ability to convert a host or domain name to an IP address.

DNS are complex. The number of host names and IP addresses in the Internet is very large.

DNS Local contains actual translations for the machines in its local network

DNS Global contains more information about translations.

A single translation could involve several DNS before resolving the IP address.

Review Week Twelve Lab AssignmentFile Systems

UNIX/Linux file system is contained under the root directory denoted by a forward slash “/”.

Users don’t have to worry about the physical locations of files. The file system is transparent to the user.

The system administrator must be familiar with mounting and un-mounting storage space (/mnt).

A file system cannot be utilized unless it has been mounted.

Review Week Twelve Lab AssignmentFile Systems versus Disks

The main task of a file system is to recover stored data to a consistent state after a system crash.

File system must be aware of the disk technology on which they are running to ensure they can reliably deliver the semantics they have promised.

Application(s) interface with file systems and not disks.

Review Week Twelve Lab AssignmentLegacy of File System and Disk Technology

Fsysc system call – writes data (dirty) to disk that requires long-term stability

Track-caching controllers – accumulated the data into large buffers

Tag queuing – each request passed to the disk driver is assigned a unique numeric tagSerialATA is now defined as Native Command Queuing (NCO)Newer disk sizes – the write density for disks

was increased from 512 byte sectors to 4,096 byte sectors. Compatibility – error rate per bit increased.

Old versus new sector sizes.

Review Week Twelve Lab AssignmentOne-Way Encryption (Message Digest 5)

1. MD5 encrypted password (option secret 0)2. MD5 encryption text string (option secret 5)

The optional 0 keyword enables MD5 encryption on a clear text password; the 5 keyword enters an MD5 encryption string and saves it as the user MD5-encrypted secret. MD5 encryption is a strong encryption method which is not retrievable; thus, you cannot use MD5 encryption with protocols that require clear text passwords, such as CHAP

Review Week Twelve Lab AssignmentOne-Way Encryption (Message Digest 5)

MD5 encryption is a one way hash encryption algorithm and cannot be decrypted (except by brute force). MD5 encryption can be compromised using brute force on it. Rainbow tables use a mathematic algorithm so its easier and faster than a common brute force.

And yes, there are tables which can crack MD5, I just don’t know how big they are. Usually if you have a password which is bigger than 15 characters, it takes to much time to create a table for it, and you need a lot of disk space.

So if your password is bigger than 15 characters you are reasonably safe.

Review Week Twelve Lab Assignment

Super Block AttributesContains information about each mounted file system.The super-block is the first block of each

ext2FS/ext3FS partition. It contains important data about the file system, such as its size, free space, etc. (it is similar to the method used by FAT partitions). A partition with a damaged super-block cannot be mounted. Fortunately,

ext2FS/ext3FS keeps several super-block backup copies scattered over the partition.

Most of the information stored in the super-block is considered static. Static information can be critical in recovering data.

Review Week Twelve Lab AssignmentTypes of information found in a super-block Device identifier, inode pointers, block size, file system

type and pointer.

Inode contains information about a file. The name and the inode number are stored in the directory.

Data block are used to store the data in the file. There is a limited amount of space in an inode for pointers.

Number of mounted file systemsThe Linux 2.0 kernel keeps a static array of such

structures to store up to 64 mounted file systems.

A file system must be mounted before it is usable.

.

Review Week Twelve Lab Assignment

usr bin tmp dev

tty03nulldate wc ksh

dandrearjones

.profile bin

foo

Directory tree

/

Review Week Thirteen Lab Assignment Directory Structure

UNIX arranges files and directories in an inverted tree topology.

/proc directory contains a hierarchy of special files which represent the current state of the kernel.

/bin directory contains shells (bash and csh), vi editor, and commands.

/etc directory contains system related configuration files.

/mnt directory is intended to be used as the temporary mount points for mounting storage devices.

Review Week Thirteen Lab Assignment Directory Structure

drwxr-xr-x 6 root root 1024 Dec 29 2005 mnt

/opt directory is where new or untested software is stored.

/dev directory is where device files are located that access hardware.

/ directory contains several main directories.

/root directory is reserved for the super-user. drwxr-x--- 4 root root 1024 Nov 16 22:35 root

Review Week Twelve Lab Assignment

Super Block File Manager

ext3 File System

Linux Virtual File SystemKernel

Review Week Twelve Lab AssignmentLinux Virtual File System (VFS)

The purpose of a VFS is to allow client applications to access different types of file systems in a uniform way.

Manages kernel file abstractions in one format for all file systems.

Receive system call requests from user level (e.g. write, open, stat, link).

Interacts with a specific file system based on the mount point traversal

Receive requests from other parts of the kernel, mostly from memory management.

Review Week Twelve Lab AssignmentFile Manager

Is a program that provides a user interface to work with the file system. They are very useful for speeding up interaction with files. The most common operations on files are create, open, edit, print, rename, move, and copy.

Review Week Twelve Lab AssignmentDefine LDAP (Lightweight Directory Access Protocol ):

A set of protocols for accessing information directories. LDAP is considered the simplified version of the X-500 standard. Unlike the X-500 standard, LDAP supports TCP/IP for Internet access.

LDAP Characteristics:

- Relatively Static Data: The data is rarely modified. How often do you change your telephone number?

- Extremely Fast Read Operations - The directory is tuned for high read performance because the data in the directory

is frequently read and rarely written or updated.

- Distributed - The data is located on a number of systems on the network for redundancy, performance, and

scalability.

- Hierarchical -This ensures there is an authoritative source of the data in the directory system.

Week Thirteen Expected Outcomes

Upon successful completion of this module, the

student will be able to:

• Describe the structure and use of Web servers.

• Create and run CGI scripts. • Evaluate a current Web technology

project.

Next Lab AssignmentApache Web Server

Apache Web server is free and distributed as source files by the Apache Software Foundation.

Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for UNIX servers, the Apache Web server has been ported to Windows and other network operating systems. The name "Apache" derives from the word "patchy" that the Apache developers used to describe early versions of their software.

apache 31748 27504 0 Mar23 ? 00:00:03 /usr/sbin/httpd

Next Lab Assignment

Describe the structure and use of Web servers. Early Web sites consisted of HTML pages that could only provide data that was written into the HTML page itself. This was sufficient for that time frame.

Currently, Web sites provide dynamic data into an HTML page with the use of CGI scripts.

It is a mechanism for a Web server to be able to interact with an external program. These external programs are CGI scripts.

Next Lab AssignmentDescribe the structure and use of Web servers.

CGI scripts can be written in any programming languages. Perl is the common choice because of its feature richness.

The web is composed of clients and servers. CGI is used on the server to provide additional services and functionality to the client.

Next lab assignmentThe Apache HTTP server must be instructed to locate the CGI

scripts.

Two more pieces of information are needed.1) A program in that directory to be used as a CGI

script.2) A link in an HTML page to your CGI script.

The CGI script itself simply produces output to stdout. The HTTP server captures that output and sends it to the Web browser. The format of the output must be in a form that the Web browser can understand (HTML).

The CGI script creates the HTML page every time it is run.

The data provided to the HTML page can change with each execution of the script. The Web browser reports data dynamically to the user.

Next lab assignmentURL that points to the CGI script.

http://cs.franklin.edu/~dandrear/itec400/CGI/sysInfo.cgi

Apache Web ServerA user can test from a Web browser on the same machine using the host name “localhost.” http://localhost will try to find a Web server on the same machine as the Web browser.

Break-out problems1. Unix commands:

fgbguname –nid

2. Define the function of the umask command and variable.3. What are the file permissions if the umask 027?4. What are the directory permissions if the umask 027?5. What are the base directory permissions?6. What are the base file permissions?7. What is the function of the file manager?8. What is an Apache Web Server?9. What would be considered an advantage of using copy-on-

write?10. What is a Linux Virtual File System?

Upcoming DeadlinesProgramming Assignment 2, 12-1 due July 28, 2013

Archives Exercise, 12-2 due July 28, 2013.

Presentations for Public Domain/Open Source Lab Assignment 13-1 will be July 30 and August 6, 2013.

Programming Assignment 3, 14-1 is due August 10, 2013

Final Exam, 15-1 will be administered at the Student Learning Center, August 5 (Monday) through August 10 (Saturday).

Good luck on the final exam.

Lab assistance

• Questions• Comments• Concerns

• I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.