Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIS 218 Advanced UNIX 1 User and System Information CIS 218.

Published byEarl Douglas Modified over 8 years ago

Similar presentations

Presentation on theme: "CIS 218 Advanced UNIX 1 User and System Information CIS 218."— Presentation transcript:

1 CIS 218 Advanced UNIX 1 User and System Information CIS 218

2 CIS 218 Advanced UNIX 2 System resources v System resources: cpu, memory, disk, processes (32K or 64K)  Display CPU using: top  Display CPU/Memory using: vmstat  Display disk using: iostat or vmstat  Display disk using: ps –ef, ps aux, ps -aux

3 CIS 218 Advanced UNIX 3 File Systems  Separate areas on disks are placed under different directories called mountpoints  The are displayed with the mount command  Different areas can be formatted with different filesystem formats.  The are displayed with the df command

4 CIS 218 Advanced UNIX 4 /etc/passwd v The password file: root:jheVopR58x9Fx:0:1:The superuser:/:/bin/sh nobody:*:65534:65534::/: stevens:3hKVD8R58r9Fx:224:100: Richard Stevens:/home/stevens:/bin/ksh v Colon separates seven fields:userid, encrypted password, uid, gid, user info (finger), HOME –$ man passwd

5 CIS 218 Advanced UNIX 5 Special /etc/passwd values  root has the user ID 0 v “system” uids less than 100  nobody cannot login, but programs can run as nobody. nobody can only access world readable or writable files  / sbin/nologin used for “daemon” processes that don’t login but used to secure files and directories

6 CIS 218 Advanced UNIX 6 /etc/shadow  Passwords now stored in /etc/shadow  The password is encrypted using crypt() –one-way: there is no known way to decrypt (decode) a password  nobody cannot login, but programs can run as nobody. nobody can only access world readable or writable files

7 CIS 218 Advanced UNIX 7 /etc/shadow  /etc/shadow stores encrypted password strings –only readable by root. suid by login –/etc/passwd contains only ‘ x ’s in its password fields –In older systems pwconv pwconv converts to /etc/shadow usage  This prevents password cracking by copying /etc/passwd and then using ‘guess and test’ –many passwords are very simple unless newer system enforces password xcompleity rules.

8 CIS 218 Advanced UNIX 8 Finger  finger accesses the GECOS field: stevens:3hKVD8R58r9Fx:224:100: Richard &, B232, 555-1111, 555-2222: /home/stevens:/bin/ksh –different fields within GECOS are separated by commas: u user name, office, work and home phone numbers –& is replaced by the capitalised user name

9 CIS 218 Advanced UNIX 9 / etc/group v Lists every group on the system, an optional password, its group ID, and the users who are members: wheel:*:0:root, rachel uucp:*:10:uucp vision:AweHG67Ket4Ds:101:keith, arlin users:*:100: $ man group

10 CIS 218 Advanced UNIX 10 Joining Groups  /etc/group lists group users in addition to the ones who are members because of their /etc/passwd group ID. –e.g. stevens is in users because he has group ID 100  A user can change group with newgrp –usually must be a member of that group –some groups have passwords (e.g. vision )

11 CIS 218 Advanced UNIX 11 Supplementary Group IDs v In earlier UNIXs, each user belonged to one group at a time. –change was possible with newgrp v Current systems use same uid and gid by default for ordinary user ids v Some UNIXs now have supplementary group IDs: –a user can belong to up to 16 additional groups –no longer need to use newgrp (so much)

12 CIS 218 Advanced UNIX 12 v Keeps track of the network addresses for every host on the local network. v Often incomplete since the system can also ask address servers on other machines.  Typical /etc/hosts : 127.0.0.1 localhost 192.100.77.3 ratree.psu.ac.th ratree loghost 192.100.77.5 ns.psu.ac.th ns 203.154.130.11 ratree2.psu.ac.th ratree2 /etc/hosts

13 CIS 218 Advanced UNIX 13 /etc/protocols v Stores details about network protocols supported by the system.  Fragment of /etc/protocols : tcp 6 TCP # transmission control protocol : udp 17 UDP # user datagram protocol :

14 CIS 218 Advanced UNIX 14 /etc/services v Stores details on the network services supported by the system –built on top of network protocols  Fragment of /etc/services ftp21/tcp smtp25/tcpmail : irc194/tcp# internet relay chat irc194/udp :

15 CIS 218 Advanced UNIX 15 Login Accounting  /var/run/utmp –records which users are currently logged in –used by who, users, finger, ps –may be located in /var/adm/  /var/log/wtmp –records all logins, logouts, shutdowns, reboots –used by last –may be located in /var/adm/

16 CIS 218 Advanced UNIX 16 last (reboot)  Displays wtmp in an understandable form. v Lists all logins, logouts, etc. since file creation.  $ last | grep boot reboot System boot Fri Aug 15 22:15 reboot System boot Fri Aug 15 15:21 reboot System boot Fri Aug 4 17:24 reboot System boot Fri Aug 4 15:41 continued

17 CIS 218 Advanced UNIX 17 last (user)  $ last rich ttypbmit.usa Tue Aug 19 13:19 still logged in zonkttyp3129.10.1.22 Tue Aug 19 13:12 - 13:14 (00:02) rich ttypalisa.ac.thTue Aug 19 13:11 still logged in zonk ttyp3lennyTue Aug 19 12:06 - 12:21 (00:14) :  $ last rich rich ttypbmit.usaTue Aug 19 13:19 still logged in rich ttypafoo.lisa.ac.th Tue Aug 19 13:11 still logged in rich ttyp0goo.lisa.ac.th Mon Aug 18 11:01 - 11:45 (00:44) rich ftpmit.usaSat Aug 16 00:03 - 00:04 (00:01)

18 CIS 218 Advanced UNIX 18 The System Log: syslog syslogd user process /dev/log UDP port 514 /dev/klog kernel routines Unix domain datagram socket Internet domain datagram socket TCP/IP network syslog() files, console or e-mail Kernel log() $ man syslogd

19 CIS 218 Advanced UNIX 19 Logging Messages  Any program can generate log messages using syslog(). v A log message includes: –the program name, a facility, a priority, and the message text v Example: login: Root LOGIN REFUSED on ttya –sent by an authorization facility ( login ); it is critical

20 CIS 218 Advanced UNIX 20 Some syslog Facilities  NameFacility kern The kernel. user Regular user processes. mail The mail system. lpr The printer system. : auth The authorization system, or programs that ask for user names and passwords (e.g. login, su, getty, ftp ).

21 CIS 218 Advanced UNIX 21 Some Syslog Priorities (levels)  PriorityMeaning emerg Emergency (e.g. crash). alert Fix immediately (e.g. bad db). crit Critical (e.g. hardware error). err Ordinary error. : notice Not an error, but important. : debug Debug messages.

22 CIS 218 Advanced UNIX 22 Other system info commands uptime system since last reboot w who. Lists users, login times, and status. finger Shows personal information. date Shows current date and time. man MANual pages. Complete online reference. ps ProceSses. Show programs are being run. top shows top users of CPU and RAM (see also ps -aux and vmstat) unameDisplay UNIX information iostatdevice utilization vmstatvirtual memory statistics sarsystem activity reporter iostat some systems, displays disk IO activity df (-v) display file system utilization df (-v) display file system utilization dudisplay directory utilization mount display file system mountpoints, type hostnamedisplay the hostname dmesgdisplay OS startup info ulimitsystem resource limits (see /etc/security/limits.conf)

Download ppt "CIS 218 Advanced UNIX 1 User and System Information CIS 218."

Similar presentations

Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.

Detecting Intruders from log files and traces Special Intruder Detection Systems (IDS) are now a market niche, and there are many products on the market.
Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.

Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.
Unix Refresher This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.

Unix Refresher This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.
Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.

Linux+ Guide to Linux Certification, Second Edition Chapter 14 Network Configuration.
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.

User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
Syslogd Tracking system events. Log servers Applications are constantly encountering events which should be recorded –users attempt to login with bad.

Syslogd Tracking system events. Log servers Applications are constantly encountering events which should be recorded –users attempt to login with bad.
Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.

Information Networking Security and Assurance Lab National Chung Cheng University Investigating Unix System.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Chapter 3 Unix Overview. Figure 3.1 Unix file system.

Chapter 3 Unix Overview. Figure 3.1 Unix file system.
CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang

CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang
1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.

1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.
Linux System Administration LINUX SYSTEM ADMINISTRATION.

Linux System Administration LINUX SYSTEM ADMINISTRATION.
Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.

Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
New SA Training Topic 9: Logging, Monitoring, and Performance  Logging  Windows – “Auditing”  Linux – syslog  Monitoring  MRTG  Big Brother  Performance.

New SA Training Topic 9: Logging, Monitoring, and Performance  Logging  Windows – “Auditing”  Linux – syslog  Monitoring  MRTG  Big Brother  Performance.
Linux Filesystem Management

Linux Filesystem Management
Mid 1960 ’ s - Multics - proposed by AT&T, Honeywell, GE & MIT; funded by DARPA 1969 - Thompson & Ritchie create Unix 1978 to 84 - Bill Joy & Chuck Haley.

Mid 1960 ’ s - Multics - proposed by AT&T, Honeywell, GE & MIT; funded by DARPA Thompson & Ritchie create Unix 1978 to 84 - Bill Joy & Chuck Haley.
System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.

System Monitoring and Automation CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.

Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
ITI-481: Unix Administration Meeting 5. Today’s Agenda Network Information Service (NIS) The Cron Program Syslogd and Logging.

ITI-481: Unix Administration Meeting 5. Today’s Agenda Network Information Service (NIS) The Cron Program Syslogd and Logging.

Similar presentations

Ads by Google