% CST8207 Week 09 Notes – Midterm #2 % Ian! D. Allen - - [www.idallen.com] % Winter 2014 - January to April 2014 - Updated Sun Mar 16 16:19:05 EDT 2014 Blackboard Down =============== - Blackboard and/or parts of the College network were down this weekend. - The due dates for Assignments 6 and 7 are extended to March 12. - All course notes and practice tests continue to be available through my course home page and the backup course home page. - The Course Linux Server is unaffected (using its public address) and continues to be available. Readings, Assignments, Labs, and ToDo ===================================== - Read (at least) these things (All The Words): - [Week 09 Notes HTML] – this file – **Read All The Words** - [List of Commands You Should Know] - [Video Tutorials on Lynda.com] - Using your [lynda.com] account, watch [Unix for Mac OS X Users] Midterm Test #2 ---------------- - All test and exam dates are posted on the [Course Home Page]. - Midterm #2 takes place Wednesday, March 12 in your lecture. - You must read the [Test Instructions] first. - [170 practice Midterm Test #2 questions] and [12 more practice Midterm Test #2b questions] are available along with an answer keys in the [Class Notes]. See the [Practice Test README] page. - A Quiz on these 170 questions (not the 12 new ones) is available on Blackboard. See the [Week 04 Notes HTML] for how quizzes work. - Midterm Test #2 (Wed Mar 12) covers: - anything from the previous midterm test, especially questions that were not answered correctly, plus: - weekly notes, labs, quizzes, and assignments for Weeks 1 through 8 inclusive. - The emphasis is on material covered since the previous test. - Material in [Assignment #06 HTML] is relevant to this test. - Material in [Assignment #07 HTML] is relevant to this test. Assignments and Lab work this week ---------------------------------- Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant. The worksheets are available in four formats: Open Office, PDF, HTML, and Text. Only the Open Office format allows you “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick for viewing and searching online. - Read All The Words, Do, and then Submit via Blackboard: - Assignment #08 HTML – COMING SOON - Really do **Read All The Words**. You don’t get a second chance to get it right. ### Optional Bonus Assignments – extra marks - [Assignment #03 HTML] – *Optional* BONUS VIM Text Editor Practice - this is an *optional* worksheet for a BONUS assignment using `vim` - Optional Reading: [The VI (VIM) Text Editor] - [Worksheet #06 HTML] – *Optional* VIM Text Editor Practice - this is an *optional* worksheet for a BONUS assignment using `vim` - Optional command-line VIM tutorial: the `vimtutor` program on the CLS. From the Class Notes link on the Course Home Page ================================================= - Review last week. Did you do everything assigned last week? From the Classroom Whiteboard/Chalkboard ======================================== - **Take notes in class!** Your in-class notes would go here. Real Sysadmin Work ================== - Working directly with Ubuntu developer on software testing: - I installed a proposed `iproute` update to Ubuntu 12.04 “precise” - It broke the `ip route` command - I used the `synaptic` package manager to view the change log and to force-install the previous version of `iproute` - I submitted an email to the developer at 11:39am and a comment on the fix - From: "Ian! D. Allen" Subject: iproute (20111117-1ubuntu2.2) precise broken Date: Sun, 2 Mar 2014 11:39:02 -0500 To: Ubuntu You broke iproute with iproute (20111117-1ubuntu2.2) precise Before, it showed real device interface names: oakS0~$ ip route list 169.254.0.0/16 dev eth3 scope link metric 1000 172.16.174.0/24 dev vmnet8 proto kernel scope link src 172.16.174.1 192.168.2.0/24 dev eth2 scope link src 192.168.2.250 metric 400 192.168.8.0/24 dev eth1 scope link src 192.168.8.250 metric 200 192.168.9.0/24 dev eth0 scope link src 192.168.9.250 metric 100 192.168.84.0/24 dev vmnet1 proto kernel scope link src 192.168.84.1 192.168.100.0/24 dev eth3 proto kernel scope link src 192.168.100.250 192.168.184.0/24 dev vmnet2 proto kernel scope link src 192.168.184.1 216.48.163.96/27 dev eth3 scope link src After, it shows strange "if" names: oakS0~$ ip route list 169.254.0.0/16 dev if12 scope link metric 1000 172.16.174.0/24 dev if10 proto kernel scope link src 172.16.174.1 192.168.2.0/24 dev if2 scope link src 192.168.2.250 metric 400 192.168.8.0/24 dev if3 scope link src 192.168.8.250 metric 200 192.168.9.0/24 dev if4 scope link src 192.168.9.250 metric 100 192.168.84.0/24 dev if8 proto kernel scope link src 192.168.84.1 192.168.100.0/24 dev if12 proto kernel scope link src 192.168.100.250 192.168.184.0/24 dev if9 proto kernel scope link src 192.168.184.1 216.48.163.96/27 dev if12 This breaks anything trying to relate "ifconfig" interface names with "ip route list". - The developer replied by personal email at 13:04, 85 minutes later, saying the patch would not be promoted into the release until fixed. From: Ubuntu To: "Ian! D. Allen" Subject: Re: iproute (20111117-1ubuntu2.2) precise broken Date: Sun, 02 Mar 2014 13:04:56 -0500 Ian, I'm aware the problem. The patch will be rejected in -proposed. https://bugs.launchpad.net/ubuntu/+source/iproute/+bug/1281366 --chris - [*GnuTLS Bug*] - *The exact impact of the vulnerability is still being established, but we should assume that a dedicated attacker can successfully trick an unpatched version of GnuTLS into validating a certificate that is otherwise bogus. This would allow someone with malicious intent to perform a “Man-in-the-Middle” attack by intercepting a TLS connection attempt from your system to a remote server and pretending to be the server with which you are trying to communicate instead.* - [*Access to Linux Training for All*] - *Linux Foundation to Build Massive Open Online Course Program with edX, Increase Access to Linux Training for All* - *The Linux Foundation and edX are partnering to develop a MOOC program that will help address this issue by making basic Linux training materials available to all for free. Previously a $2,400 course, Introduction to Linux will be the first class available as a MOOC and will be free to anyone, anywhere. The Linux Foundation is among a new group of member organizations edX announced today who will contribute courses to the platform.* - Also: - [*Android beats iOS, becomes top tablet OS: Linux rules*] - *Linux is on the roll and even soon to be acquired Nokia is adoption Linux-based Android. After conquering the smartphone space, Android is now dominating the tablet space. According to a new study by Gartner, “the tablet growth in 2013 was fueled by the low-end smaller screen tablet market, and first time buyers; this led Android to become the No. 1 tablet operating system (OS), with 62 percent of the market.”* - [*Dice: How Linux Hiring Compares with the Rest of Tech*] - *In technology, there is a big difference between a position and a career. Linux professionals can take solace in the fact that their skills lend themselves to great long term career prospects, no matter what positions they may hold today.* - *When it comes to Linux skills, hiring is robust and a priority. 46 percent of hiring managers suggest Linux skills are mission critical for the year ahead. On Dice, employers advertise more than 11,000 Linux related positions on any given day. At that level of demand, Linux professionals can truly define their own career roadmaps.* - [*$7,000-per-month tech interns*] - *Glassdoor releases a list of the highest-paying companies for interns and (surprise, surprise) most of them are tech companies.* - HTTP pathname attack on my server, recorded in `/var/log/apache2/access.log`: 10.100.11.149 - - [07/Mar/2014:09:42:50 -0500] "GET ..\\\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\boot.ini HTTP/1.1" 400 542 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:51 -0500] "GET \\\\..%2f..%2f..%2f..%2fboot.ini% ../ HTTP/1.1" 400 542 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:51 -0500] "GET index.html?../../../../../boot.ini HTTP/1.1" 400 542 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:51 -0500] "GET index.html?..\\..\\..\\..\\..\\boot.ini HTTP/1.1" 400 542 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:51 -0500] "GET ///..%2f..%2f..%2f..%2fboot.ini HTTP/1.1" 404 532 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:51 -0500] "GET /..%5C..%5C%5C..%5C..%5C%5C..%5C..%5C%5C..%5C..%5Cboot.ini HTTP/1.1" 404 547 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:52 -0500] "GET /..\\/..\\/..\\/boot.ini HTTP/1.1" 404 532 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:52 -0500] "GET /..\\/\\..\\/\\..\\/\\boot.ini HTTP/1.1" 404 535 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:52 -0500] "GET /\\../\\../\\../boot.ini HTTP/1.1" 404 532 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:52 -0500] "GET ////..\\..\\..\\boot.ini HTTP/1.1" 404 529 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:52 -0500] "GET /..\\..\\..\\..\\\\..\\..\\\\..\\..\\\\\\boot.ini HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 10.100.11.149 - - [07/Mar/2014:09:42:53 -0500] "GET /../../../../../../../etc/passwd HTTP/1.1" 400 542 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)" 38.99.132.228 - - [08/Mar/2014:07:31:26 -0500] "GET /../../../../../../../../../../../ HTTP/1.1" 400 510 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:31:28 -0500] "GET /d2q570tkets04eh10zr/../index.html HTTP/1.1" 200 778 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:31:28 -0500] "GET /../index.html HTTP/1.1" 400 510 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:31:28 -0500] "GET /index.html.............. HTTP/1.1" 404 541 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:34:34 -0500] "GET /demo/../%3f.jsp HTTP/1.0" 404 522 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:34:34 -0500] "GET /demo/../index.jsp::$DATA HTTP/1.0" 404 533 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:34:54 -0500] "GET /demo/../fls17_jsp/index.jsp::$DATA HTTP/1.0" 404 543 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:34:34 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:34:54 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:35:14 -0500] "GET /demo/../jsp/index.jsp HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:17 -0500] "GET /demo/..//WEB-INF/ HTTP/1.0" 404 526 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:17 -0500] "GET /demo/../index.jsp::$DATA HTTP/1.0" 404 533 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:37 -0500] "GET /demo/../fls17_jsp/index.jsp::$DATA HTTP/1.0" 404 543 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:17 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:37 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:39:57 -0500] "GET /demo/../jsp/index.jsp HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:19 -0500] "GET /demo/..//META-INF/ HTTP/1.0" 404 527 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:19 -0500] "GET /demo/../index.jsp::$DATA HTTP/1.0" 404 533 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:39 -0500] "GET /demo/../fls17_jsp/index.jsp::$DATA HTTP/1.0" 404 543 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:19 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:39 -0500] "GET /demo/../jsp/index.jsp::$DATA HTTP/1.0" 200 8404 "-" "-" 38.99.132.228 - - [08/Mar/2014:07:43:59 -0500] "GET /demo/../jsp/index.jsp HTTP/1.0" 200 8404 "-" "-" ![Take Notes in Class] -- | Ian! D. Allen - idallen@idallen.ca - Ottawa, Ontario, Canada | Home Page: http://idallen.com/ Contact Improv: http://contactimprov.ca/ | College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/ | Defend digital freedom: http://eff.org/ and have fun: http://fools.ca/ [Plain Text] - plain text version of this page in [Pandoc Markdown] format [www.idallen.com]: http://www.idallen.com/ [List of Commands You Should Know]: 900_unix_command_list.html [Video Tutorials on Lynda.com]: 910_lynda_index.html [lynda.com]: https://lyceum.algonquincollege.com/Lynda [Unix for Mac OS X Users]: http://wwwlyndacom.rap.ocls.ca/Mac-OS-X-10-6-tutorials/Unix-for-Mac-OS-X-Users/78546-2.html [Test Instructions]: 000_test_instructions.html [170 practice Midterm Test #2 questions]: practicetest2.pdf [12 more practice Midterm Test #2b questions]: practicetest2b.pdf [Practice Test README]: PRACTICE_TEST_README.html [The VI (VIM) Text Editor]: 300_vi_text_editor.html [*GnuTLS Bug*]: http://www.linux.com/news/featured-blogs/203-konstantin-ryabitsev/765302-what-is-the-gnutls-bug-and-how-to-protect-linux-system-from-it [*Access to Linux Training for All*]: http://www.linuxfoundation.org/news-media/announcements/2014/03/linux-foundation-build-massive-open-online-course-program-edx [*Android beats iOS, becomes top tablet OS: Linux rules*]: http://www.muktware.com/2014/03/android-beats-ios-becomes-top-tablet-os-linux-rules/22051 [*Dice: How Linux Hiring Compares with the Rest of Tech*]: https://www.linux.com/news/featured-blogs/200-libby-clark/763971-dice-how-linux-hiring-compares-tech-market [*$7,000-per-month tech interns*]: http://news.cnet.com/8301-17938_105-57619716-1/$7000-per-month-tech-interns-are-making-bank-says-report/ [Take Notes in Class]: data/remember.jpg "Take Notes in Class" [Plain Text]: week09notes.txt [Pandoc Markdown]: http://johnmacfarlane.net/pandoc/