mirror of
https://github.com/jackyzha0/quartz.git
synced 2026-03-24 23:15:46 -05:00
vault backup: 2023-03-20 09:24:23
This commit is contained in:
Jet Hughes
parent
34766979c2
commit
d5a53001e0
91
content/notes/06-network-system-administration.md
Normal file
91
content/notes/06-network-system-administration.md
Normal file
@ -0,0 +1,91 @@
|
||||
---
|
||||
title: "06-network-system-administration"
|
||||
tags:
|
||||
- lecture
|
||||
- cosc301
|
||||
---
|
||||
|
||||
|
||||
security awareness
|
||||
- physical and network attacks
|
||||
- [[security]]
|
||||
|
||||
Computer/Internet hazards
|
||||
- SPAM/UCE (Unsolicited Commercial Email)
|
||||
- Phishing
|
||||
- Disk crashes/data loss
|
||||
- Loss of services due to outage
|
||||
- TCP/IP spoofing and sniffing (privacy)
|
||||
- Pornography
|
||||
- Ignorant users
|
||||
- Grumpy (former) employees
|
||||
- Administrators of the untrained kind
|
||||
|
||||
broken symlink
|
||||
- broken symlilnk/softlink can be a risk
|
||||
- If it is pointing to a location that is accessible by an attacker, it ends up retrieving a file belong to the attacker.
|
||||
- If it is a web server, you end up retrieve and present the attacker’s information.
|
||||
- Solution: NO_FOLLOW flag to stop following the symlink.
|
||||
|
||||
Roles in network community
|
||||
- Important roles include users, hosts, network components e.g. routers and operating systems.
|
||||
- Users - should be trained to be aware of the community. Human beings are usually the weakest link.
|
||||
- Host machines - should be allocated different tasks on different server machines
|
||||
- Routers/gateways
|
||||
- affect network security and performance
|
||||
- OS - have different pros and cons
|
||||
- UNIX/Linux, Windows, MAC OS, Netware
|
||||
|
||||
|
||||
Host Management
|
||||
- Shutting down a host
|
||||
- Turn off the power?
|
||||
- Should use command shutdown
|
||||
- shutdown -h time halt the system. time can be now.
|
||||
- shutdown -r time reboot the system
|
||||
- Log files and audits: health barometer of a host
|
||||
- syslogd: a daemon for logging messages. Its configuration file is /etc/syslog.conf
|
||||
- dmesg: check kernel messages
|
||||
- lastlog: check the last login time of every user
|
||||
- syslog under /var/log: the log file of the system
|
||||
- They should be rotated regularly
|
||||
|
||||
User Management
|
||||
- User account
|
||||
- Includes all the files, resources, and info belonging to one user. For commercial systems, it may include billing info.
|
||||
- Create a new account
|
||||
- adduser
|
||||
- Account info: username, password, user id, group id, full name of user, home directory, login shell
|
||||
- In the /etc/passwd file,
|
||||
- Amber:x:1000:100:Amber Dawn:/home/amber:/bin/bash
|
||||
- Check after adding
|
||||
- Involved files
|
||||
- /etc/passwd, /etc/group, /etc/shadow
|
||||
- In /etc/shadow,
|
||||
- Chloe:$2a$05$wa7xVOqOH4lVOrh.qa9ivSX0G0QUCFqbk11YV6:14743:0:99999:7:::
|
||||
- Username:encrypted password:last password change:minimum:expiration:warning:disabled:diabled date:reserved
|
||||
- User login environment
|
||||
- .bash_profile, .bashrc, /etc/profile
|
||||
- Place global files such as profile under /etc
|
||||
- Other scripts can be referred in it
|
||||
- Use env/set to check/set your environment
|
||||
- Paths and prompts
|
||||
- Keep a copy of your shell scripts (initial setups) in order to survive them from upgrade of OS/software
|
||||
- For more detailed info, man bash
|
||||
- Password
|
||||
- Very important for security
|
||||
- Should not be names of persons, books, places, your computer, nor your phone number, birthday, car registration plate, login name, words in dictionaries, keyboard sequence
|
||||
- Should be composed of letters (lower and upper cases), digits, and special characters like $,@
|
||||
- Refer to http://en.wikipedia.org/wiki/Password_strength
|
||||
- passwd imposes similar rules to make passwords secure.
|
||||
- Change frequently
|
||||
- User id and group id
|
||||
- Users should be divided into groups for security reasons, e.g. students, staff, admin
|
||||
- Special users/groups: nobody, mail, ftp
|
||||
- addgroup
|
||||
- In /etc/group,
|
||||
- video:x:33:hzy,paul,kai
|
||||
- Group name:password:group id;list of members
|
||||
|
||||
- Remove a user: deluser – The relevant lines from /etc/passwd, /etc/group, and /etc/shadow will be removed. – It is a good idea to first disable the account before you start removing stuff
|
||||
- Disable a user temporarily – A better way when you are not sure if a user will come back – Way 1: Put an * in the password field of /etc/shadow – Way 2: use passwd -{l|u} username – Way 3: Change the login shell to a script file
|
||||
8
content/notes/07-system-installation.md
Normal file
8
content/notes/07-system-installation.md
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
title: "07-system-installation"
|
||||
tags:
|
||||
- lecture
|
||||
- cosc301
|
||||
---
|
||||
|
||||
|
||||
@ -33,5 +33,5 @@ https://www.cs.otago.ac.nz/cosc301/schedule.php
|
||||
- [x] [[04-scripting-techniques]]
|
||||
- [x] [[05-filesystems]]
|
||||
- [[06-network-system-administration]]
|
||||
-
|
||||
- [[07-system-installation]]
|
||||
# Info
|
||||
|
||||
@ -22,7 +22,7 @@ tags:
|
||||
- [x] [[03-2d-transforms]]
|
||||
- [[04-mosaicing]]
|
||||
- [x] [[05-feature-description-and-matching]]
|
||||
- [ ] [[06-homographies]]
|
||||
- [x] [[06-homographies]]
|
||||
|
||||
# Info
|
||||
|
||||
|
||||
@ -17,9 +17,9 @@ tags:
|
||||
# Lectures
|
||||
- [x] [[01-intro-to-305]]
|
||||
- [x] [[02-intro-pervasive-and-ubiquitious]]
|
||||
- [[03-intro-AR-dev]]
|
||||
- [[04-lens-studio]]
|
||||
- [x] [[03-intro-AR-dev]]
|
||||
- [x] [[04-lens-studio]]
|
||||
- [x] [[05-pervasive-ubiquitious-2]]
|
||||
- [[06-challenges-for-ubicomp-and-intro-to-sensors]]
|
||||
- [x] [[06-challenges-for-ubicomp-and-intro-to-sensors]]
|
||||
|
||||
# Info
|
||||
Loading…
Reference in New Issue
Block a user