Linux Introduction

Linux Introduction

    UNIX is the first Operating system in the world, developed by Kem Thompson and Dennis 
      Ritchie in 1969 at Bell Lab by AT&T Company

            IBM    :           AIX

            SGI     :           IRIX

            Sun     :           Solaris

            Free software foundation organization, they start a project by name GNU. The main 
      aim of this project is to develop such an operating system that can run on any platform.

    In 1991, a student Linuz Torvalds developed a kernel named Linux’s kernel plus GNU 
    application called Linux operating system.

Linux is an open source technology.

Different companies that provide Linux in Market are Redhat, SuSe, Scientific, Centos, and 
Knoppix etc.

FEATURES:

Ø  Linux is the fastest Operating system in the world. It runs 2 to 3 times fast than 
    windows OS.

Ø  Linux is the much secured OS because there is no any problem of virus.

Ø  Linux file format is text format and windows file format is binary format.

Ø  Linux is very reliable OS because kernel of Linux is very stable as compare to 
    windows kernel not crashed easily.

Ø  Kernel of Linux is very small in size it can be stored in floppy.

Ø  Linux uses the x-Window system which is advanced network windowing system. 
     Using this system we can display output of any workstation monitor attached in the network.

ADVANTAGES:

Ø  Virus Proof

Ø  Crash Proof

Ø  Economical

Ø  Multiuser, Multi-Tasking and Multi processing capacity

LOGIN MODES:

Two modes:

1.Text mode (CLI)   - All the commands can be executed 

2.Graphical Mode (GUI)

Login to Text mode we have use (Ctrl+Alt+F1…..F6, F8….F12) (Ctrl+Alt+F7) for Graphical Mode

OPEN SOURCE

       The idea behind Open Source software is rather simple: when programmers can read, distribute
    and change code, the code will mature. People can adapt it, fix it, debug it, and they can do it at a
 speed that dwarfs the performance of software developers at conventional companies. This software
will be more flexible and of a better quality than software that has been developed using the
conventional channels, because more people have tested it in more different conditions than the
 closed software developer ever can.

        The Open Source initiative started to make this clear to the commercial world, and very slowly,
commercial vendors are starting to see the point. While lots of academics and technical people have
already been convinced for 20 years now that this is the way to go, commercial vendors needed
applications like the Internet to make them realize they can profit from Open Source. Now Linux
 has grown past the stage where it was almost exclusively an academic system, useful only to a
handful of people with a technical background. Now Linux provides more than the operating system:
there is an entire infrastructure supporting the chain of effort of creating an operating system,
of making and testing programs for it, of bringing everything to the users, of supplying maintenance,
updates and support and customizations, etcetera. Today, Linux is ready to accept the challenge of
a fast-changing world.

 Please write your valuable comments...

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

How Linux is Constructed?

How Linux is Constructed?

The Linux Foundation has published a very well done video that explains the process of creating the Linux kernel. The video also gives some interesting figures on the operating system itself.
Among the interesting figures, we learn for example that every day more than 850,000 phones in Linux are activated, only 9 of 10 supercomputers run on Linux. Google, Twitter, Facebook and Amazon are using Linux.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

Knockd :: Secure your Server connections

Knockd :: Secure your Server connections

Knockd is a small daemon which allows, deny your network connection to your server. The allocated ports on your machine wait for a specific sequence of connections on the ports which you have defined. If the specified sequence is executed in the correct order, the daemon will open the port and allow connection for a certain time on the ssh port.

Thus, from an external point of view the server has no open connection except for customers who have the sequences of port.

Our example will reveal how to set knockd to establish an ssh connection. The firewall configuration in the data center is made so strong that one can not access the servers from the IP address of the office. So we end up with a problem if we want to connect to servers in the data center from home

What solutions do we have? :

Ask someone to turn off the firewall (very bad idea) or add my current IP address in the firewall filters. Shall we connect to the desktop and then the server datacenter network? Again, we’ll have the same problems with the firewall.

In this particular situation, knockd will be very helpful.
To get a better view of our environment, here is the pattern of our network:

In our example, we’ll proceed to its installation on the PostgreSQL server. The installation as usual is relatively easy:

# Apt-get install knockd

Now for the configuration file / etc / knockd.conf:

[OpenSSH]
sequence = 6666,7532,9123
seq_timeout = 5
command = / sbin / iptables-I INPUT-s% IP%-p tcp – dport 22-j ACCEPT
tcpflags = syn

[CloseSSH]
sequence = 9123,7532,6666
seq_timeout = 5
command = / sbin / iptables-D INPUT-s% IP%-p tcp – dport 22-j ACCEPT
tcpflags = syn

To send the right combination, we will use the client software and knock:

$ Knock-v 91.207.12.87 6666 7532 9123

You could also use telnet, netcat, hping, etc. …
This command allows us to create an iptables rule with our current IP address so that we can open access to our server if the correct sequence was accepted by knockd:

$ Iptables-L-n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp – 81.132.12.38 0.0.0.0 / 0 tcp dpt: 22
ACCEPT tcp – 192.25.206.10 0.0.0.0 / 0 tcp dpt: 22
DROP tcp – 0.0.0.0 / 0 0.0.0.0 / 0 tcp dpt: 22

As we are here now, a rule was added to the server configuration where knockd installed. Now, we can easily connect via ssh from our home with the IP address 81.132.12.38.

Once I finished working on the server, I will send a new sequence to remove the rule added to the iptables filtering:

$ Knock-v 91.207.12.87 9123 7532 6666

Simple and effective 

Everything works fine but we can go a step further by defining a maximum time for starting the ssh connection. Modify our configuration:

/ Etc / knockd.conf:
[OpencloseSSH]
sequence = 6666,8213,12312,9432
seq_timeout = 5
tcpflags = syn
Start_command = / usr / sbin / iptables-I INPUT-s% IP%-p tcp-syn-dport 22-j ACCEPT
cmd_timeout = 25
Stop_command = / usr / sbin / iptables-D INPUT-s% IP%-p tcp-syn-dport 22-j ACCEPT

As you have noticed, we have changed things:

The number of ports for the sequence is now 4 ports. You can define as many ports as you want and also mix with udp and tcp ports (6666.8213: udp, 12312 tcp, 9432: udp);
We set a maximum time of 25 seconds (optional cmd_timeout = 25) to connect us. After 25 seconds, the rule is deleted and you must restart the sequence to connect. Knockd is a fairly simple to use and allows a little more secure Server. In our example, we have configured for ssh but you can configure it to PostgreSQL, mySQL or any other service.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]

System & Network Permissions

System & Network Permissions

Linux is a system in which each person who is waiting to connect must have a user name and password. Each file belongs to a user and a group has different permissions (read, write, execute) for users, groups and everyone. By default, when you create a file it automatically belongs to the user and his group. Users are stored in the file / etc / passwd. We can add a user using the adduser command. Similarly, you can delete a user with deluser order. The groups are defined in the / etc / group file and used to define groups of users to define their scope.

Some permissions:

– The “r” read (read)
– Writing “w” (write)
– The execution “x” (execution)

These three states are given in the following order:

– The owner “u” (user)
– Users Group “g” (group)
– All other “o” (other) (that is to say, other users)

Let’s take a small example:

$ Ls-l file
Rwxrw–r – 1 user user 249 Jun 2 7:42 p.m. file

Here, the first indent indicates if file is a file or directory.

If file was a directory, then we would have:

drwxrw-r – 1 user user 249 Jun 2 7:42 p.m. file

The first showing directories “d”. We also have an “l” for a link, etc. Then three groups of three characters corresponding to the user, group and all other users. The letters r, w and x indicates that the file permissions and a dash indicates that he did not. In the previous example, file is read, write and execute (rwx) for the user to read, write (rw) for the group and just read (r -) for all others.

#chmod
We can change the permissions of a file or directory using two notations:

symbolic form:
rwx rx r -
user group other
“U” “g” “o”

digital form in octal (base 8):
rwx rw-r -
421420400
7 6 4

In digital form, the read permission is set to 4, the writing is set to 2 and run 1. Then, using chmod, just additional for each section (user, group and others) the values ​​you want to assign. In the previous example, rwx rw-r – gives us 764. rwx -> 4 +2 +1 = 7, rw -> 4 +2 = 6 and r -> 4. Now try to change permissions using the chmod command. For example:

$ Chmod 0744 file

is rwx r – r -. The first 0 means that in 0744 the number given in octal. To do the same thing in symbolic form, we should have:

$ Chmod u + rwx g+ r o + r file

In fact, we added (+) or subtract (-) the file or directory rights. To change all the permissions (rwx) to the user, group (g) and others (o), we can use ‘a’ (all) that allows you to change all change with one option.

$ Chmod ax file

This removes execute permission to everyone on the “File” file. Chmod can be used recursively using the-R

$ Chmod-R u + rw / path / to / directory

chown:
To change the owner of a file, we have the chown command. We use it as follows:

$ Chown username / path / to / file

change the owner of the file and assigns the user ‘user’. Similarly, we can also change the file group

$ Chown user.group / path / to / file

change the owner of the file and assigns it to user ‘user and group’ group ‘. As the parameter chmod-R can make recursive implementation of the new property (ie directories and sub-directories).
chgrp

This command allows us to change only the group:

$ Chgrp test / path / to / file

change the file group to the ‘test’ group. The argument ‘-R’ makes the recursive application.

Read More

[facebook src="Uptodatewithme" width="500" height="400" hide-cover="true" posts="true"/]