Updated: 2017-10-01 17:22 EDT
abcd0001
You will elect a student Class Representative from among your classmates in each of your CST8207 theory classes on Monday September 11 (section 010 and 030) or Tuesday September 12 (section 020). (That’s one student representative elected in each section.)
Students who would like to be candidates for election must be ready to put forward their names in their CST8207 theory class on Monday or Tuesday this week (Week 3).
Details about why this position is important may be found in the Class Representative Job Description PDF.
You may also examine all the related documents.
man
Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant. Just like in the Real World, not all due dates are on the same days or at the same times.
Last week, your instructor showed you how to log in to the Course Linux Server and use some simple commands. This week, you will create a file and then transfer the file to your laptop and upload it to Blackboard.
Assignment #02 HTML will have you log in to the CLS, do some simple commands with output redirection, and change your CLS password.
Worksheets are preparation for your assignments. You can’t do the assignments without having done the worksheets first, and you can’t do the worksheets without having first read the Course Notes: 1. Read. 2. Worksheet. 3. Assignment.
Form a small study group to do the worksheets. Each person tries the example given, and you make sure you all get the same answers. Worksheets are not for hand-in; they are not worth marks; the assignments test your knowledge of the lectures and worksheets.
The worksheets are available in four formats: Open Office (ODT), PDF, HTML, and Text. Only the Open Office format allows you “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick for viewing online.
Do NOT open the Worksheet ODT files using any Microsoft products; they will mangle the format and mis-number the questions. Use the free Libre Office or Open Office programs to open these ODT documents. On campus, you can download Libre Office here.
These first two worksheets require you to have read File System and Pathnames:
PS1, cd, find, less, ls, man, mkdir, passwd, pwd, rmdir
cat, clear, cp, find, fgrep, history, less, man, mv, rm, sleep, touch
Worksheets prepare you for the upcoming assignments.
For full marks, read the Test Instructions (all the words) before your midterm tests. Use the Algonquin Registered Name Game link to test your name before the test. I don’t answer questions about the instructions during the test.
Tests take place in your 50-minute lecture class, not in your lab period. Each midterm test is 45 minutes long and contains approximately 45 multiple-choice questions similar to those found in [Practice Tests and Answers]. You must write the test in the lecture class in which you are registered.
Take notes in class! Keep a pad open on your desk.
This week in lecture we learn about the terminal, the shell, simple output redirection, and using pathnames, especially relative pathnames.
As of 3am Monday September 11, 57 students still have not logged in to the Course Linux Server. You will need to know how to log in to work on Assignment #02 HTML this week. See your lab instructor for help reading all the words.
As I said last week, if you typed your CLS userid or password incorrectly more than about three times, you got your IP address locked out:
Sep 7 15:29:38 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:30:15 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:31:33 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:31:40 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:31:49 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:32:21 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:35:07 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:40:08 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:40:31 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:40:56 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:41:14 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:41:34 Failed password for XXXXXXXX from *.dsl.bell.ca
Sep 7 15:48:33 refused connect
Sep 8 21:13:39 Invalid user XXXXXXXX (upper-case letter!)
Sep 8 21:14:41 Failed none for invalid user
Sep 8 23:32:49 Invalid user XXXXXXXX
Sep 8 23:33:12 Failed password for invalid user XXXXXXXX
Sep 8 23:33:30 Failed password for invalid user XXXXXXXX
Sep 8 23:33:44 Failed password for invalid user XXXXXXXX
Sep 8 23:34:53 refused connect
Sep 9 23:13:34 Invalid user XXXXXXX (only 7 characters!)
Sep 9 23:13:48 Failed password for invalid user XXXXXXX
Sep 9 23:14:14 Failed password for invalid user XXXXXXX
Sep 9 23:14:42 Failed password for invalid user XXXXXXX
Sep 9 23:14:51 Failed password for invalid user XXXXXXX
Sep 9 23:17:27 Invalid user XXXXXXX
Sep 9 23:17:43 Failed password for invalid user XXXXXXX
Sep 9 23:18:04 Failed password for invalid user XXXXXXX
Sep 9 23:18:18 Failed password for invalid user XXXXXXX
Sep 9 23:20:00 refused connect
Sep 11 01:53:05 Invalid user david
Sep 11 01:53:19 Failed password for invalid user david
Sep 11 01:53:38 Failed password for invalid user david
Sep 11 01:53:51 Failed password for invalid user david
Sep 11 01:54:28 Invalid user david
Sep 11 01:55:04 Failed password for invalid user david
Sep 11 01:56:44 refused connect
When you are locked out, follow the directions in Course Linux Server for finding out your real IP address and getting it unblocked.
11 students used the wrong file name:
Bad file name: Assignment 1.txt
Bad file name: Multitasking.txt
Bad file name: assignment 01 .txt
Bad file name: assignment 1.txt
Bad file name: assignment.txt
Bad file name: assignment01.txt.txt
Bad file name: assignment1.txt
13 students did not use the exact numbering specified in the assignment.
Please Read All The Words.
As of midnight Wednesday September 14, 127 of 232 students have already finished Assignment #02 HTML with a 10/10 score.
The Course Linux Server [CLS] is on the open Internet, not hidden behind a firewall, and is subject to attacks on its SSH port by people looking to take over the machine. Our job as System Administrators is to prevent that from happening.
In Fall 2016 (September through December 2016) the CLS received over 131,705 attacks on the SSH port, mostly from China. Here are the counts, IP addresses, and country codes of the machines that attacked the CLS more than 500 times last term:
$ ./attack_whois.sh
82482 116.31.116.28 CN
18572 116.31.116.24 CN
13497 116.31.116.23 CN
1547 116.31.116.26 CN
966 68.55.78.69 US
545 221.194.47.229 CN
542 121.18.238.104 CN
532 221.194.47.249 CN
529 221.194.47.208 CN
526 221.194.47.224 CN
518 121.18.238.114 CN
The above output is generated by a shell script that you will be able to write when you successfully complete CST8207. Here are the major attacks for the current term (Fall 2017):
11040 58.218.198.165 CN
5062 58.218.198.166 CN
3493 58.218.198.143 CN
2770 116.31.116.25 CN
522 84.141.23.5 DE
Here are excerpts from attacks in the CLS authorization log file /var/log/auth.log
this week:
Sep 10 20:04:02 Invalid user homepage from 52.64.87.237
Sep 10 21:13:19 Invalid user admin from 71.84.119.143
Sep 10 21:13:20 Invalid user usuario from 71.84.119.143
Sep 11 01:21:44 Invalid user admin from 210.94.133.3
Sep 11 01:46:48 Invalid user pi from 211.248.11.169
Sep 11 05:13:35 Invalid user admin from 18.85.22.204
A whois
lookup of IP address 210.94.133.3
shows that it is part of a network hosted in Seoul, Korea. 211.248.11.169
is also in Korea.
Your careful work in CST8207 is critical to learning how to prevent these types of attacks from compromising the machines you control.
No, you are not allowed to use privileged commands such as sudo
or su
on my Course Linux Server. Use your own Linux virtual machine if you want to play with those commands.
https://www.schneier.com/crypto-gram/archives/2017/0115.html
“For decades, hackers have used techniques such as jump hosts, VPNs, Tor and open relays to obscure their origin, and in many cases they work. I’m sure that many national intelligence agencies route their attacks through China, simply because everyone knows lots of attacks come from China.”
abcd0001
Indexabcd0001
to log in. These are example userids used in the notes that are meant to be replaced with your own login userid. If you try repeatedly to log in to the Course Linux Server from home using a non-existent userid or password, your home IP address will be locked out; see the Course Linux Server notes for help on how to fix this.