Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 3 Unix Overview. Figure 3.1 Unix file system.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 3 Unix Overview. Figure 3.1 Unix file system."— Presentation transcript:

1 Chapter 3 Unix Overview

2 Figure 3.1 Unix file system

3 Table 3.1 Important Directories in the Unix file system DirectoryPurpose /The root directory /bin or /sbinCritical executables needed to boot the system /devDevice drivers /etcSystem configuration files such as passwords, network addresses and names,system startup scripts /homeUser home directories /libShared libraries used by programs /mntTemporary mount point for file systems /procImages of currently executing processes on the system /tmpTemporary files /usrA variety of critical system files, including system utilities (/usr/bin), and administration executables (/usr/sbin) /varStores varying files such as /var/log, /var/mail

4 Figure 3.2 Unix Architecture

5 Figure 3.3 Relationship between init, inetd, and various network services

6 Sample /etc/inetd.conf file containing services spawned by inetd /etc/inetd.conf file format Service name (port # defined in /etc/services) Socket type (stream or dgram) Protocol (tcp, udp, rpc/tcp, or rpc/udp) Wait status (wait or nowait) Username (service run as) Server program Server program arguments Use of inetd.conf to create backdoor listeners and attack relays

7 Common Unix Administration Tasks  Vulnerability of using “.” in your search path $PATH  Showing all running processes ps –aux ps –aef  Killing/restarting processes kill –HUP pid killall –HUP inetd  /etc/passwd file  Unix permissions rwxrwxrwx chmod command

8 Common Unix Administration Tasks (cont.)  SetUID programs –Executes with permissions of its owner, not of its user –/etc/passwd setUID root r-s--x--x –Creating setUID files #chmod 4741 foo  Finding setUID files  Vulnerability of setUID programs

9 Unix Trust  Authenticating users on behalf of another machine  R-commands –rlogin –rsh –rcp  Weakness of r-commands –Actions based on IP address of trusted machine –Undermining r-commands via IP address spoofing

10 Logs and Auditing  Syslog daemon –Syslogd  /etc/syslog.conf  /var/log –/var/log/messages –/var/log/http  Accounting files –Utmp Records who is currently logged into a system used by who command –Wtmp records all logins and logouts used by last command –lastlog Records time and location of each user’s last login to system

11 Network File System (NFS)  mountd  Nfsd  Share only folders that require sharing  Export files only to hosts requiring access  Carefully assign permissions to shared files  Avoid NFS sharing across the Internet  Alternatives –Secure ftp –IPSec-based VPN

Download ppt "Chapter 3 Unix Overview. Figure 3.1 Unix file system."

Similar presentations

Chapter 2 Booting and Shutting Down Kim Grempler (Sections 2.0 to 2.3) Leon Dague (Sections 2.4 to 2.7)

Chapter 2 Booting and Shutting Down Kim Grempler (Sections 2.0 to 2.3) Leon Dague (Sections 2.4 to 2.7)
Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.

Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.
153 Configuring and Securing ARPA/Berkeley Services Version A.01 H3065S Module 13 Slides.

153 Configuring and Securing ARPA/Berkeley Services Version A.01 H3065S Module 13 Slides.
Unix Refresher This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Unix Refresher This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.
Netprog: daemons and inetd1 Daemons & inetd Refs: Chapter 13.

Netprog: daemons and inetd1 Daemons & inetd Refs: Chapter 13.
Homework 5b: Samba. Computer Center, CS, NCTU 2 Network-based File Sharing (1)  NFS (UNIX-based) mountd is responsible for mount request nfsd and nfsiod.

Homework 5b: Samba. Computer Center, CS, NCTU 2 Network-based File Sharing (1)  NFS (UNIX-based) mountd is responsible for mount request nfsd and nfsiod.
Linux and UNIX Overview 1 Linux and UNIX Overview.

Linux and UNIX Overview 1 Linux and UNIX Overview.
Unix Network Programming Chapter 13: Daemon processes and the inetd superserver 22.4.2005 Jani Peusaari.

Unix Network Programming Chapter 13: Daemon processes and the inetd superserver Jani Peusaari.
Daemon Processes and inetd Superserver

Daemon Processes and inetd Superserver
2000 Copyrights, Danielle S. Lahmani UNIX Tools G22.2245-001, Fall 2000 Danielle S. Lahmani Lecture 11.

2000 Copyrights, Danielle S. Lahmani UNIX Tools G , Fall 2000 Danielle S. Lahmani Lecture 11.
Jai, 2004 Incident Response & Computer Forensics Chapter 6 Live Data Collection from Unix Systems Information Networking Security and Assurance Lab National.

Jai, 2004 Incident Response & Computer Forensics Chapter 6 Live Data Collection from Unix Systems Information Networking Security and Assurance Lab National.
Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.

Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.
Information Networking Security and Assurance Lab National Chung Cheng University Live Data Collection from Unix Systems.

Information Networking Security and Assurance Lab National Chung Cheng University Live Data Collection from Unix Systems.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang

CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang
Network File System (NFS) in AIX System COSC513 Operation Systems Instructor: Prof. Anvari Yuan Ma SID: 105820.

Network File System (NFS) in AIX System COSC513 Operation Systems Instructor: Prof. Anvari Yuan Ma SID:
1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.

1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.
Chapter 11 Phase 5: Covering Tracks and Hiding. Attrition Web Site  Contains an archive of Web vandalism attacks

Chapter 11 Phase 5: Covering Tracks and Hiding. Attrition Web Site  Contains an archive of Web vandalism attacks
1 COP 4343 Unix System Administration Unit 16: file server – samba.

1 COP 4343 Unix System Administration Unit 16: file server – samba.
1 Network File Sharing. 2 Module - Network File Sharing ♦ Overview This module focuses on configuring Network File System (NFS) for servers and clients.

1 Network File Sharing. 2 Module - Network File Sharing ♦ Overview This module focuses on configuring Network File System (NFS) for servers and clients.

Similar presentations

Ads by Google