Saturday 21 September 2013

Linux For Beginners

What is Linux?
Linux is an operating system, very much like UNIX but not UNIX, first released on 5 October 1991 by Linus Torvalds. In simplest terms, it is the software on a computer that enables applications and the computer operator to access the devices on the computer to perform desired functions.
The operating system (OS) relays instructions from an application to, for instance, the computer’s processor. The processor performs the instructed task, then sends the results back to the application via the operating system.
I will primarily focus on Linux, especially the Ubuntu, Backtrack and Fedora distros, which I use as my primary OS on my desktop. I will also have quite a lot on Open Source Software (OSS), Asterisk (open source telephony), networking, programming and technology-related news, reviews, trends and what’s up with it today.
Where is Linux?
One of the most noted properties of Linux is where it can be used.
Windows and OS X are predominantly found on personal computing devices such as desktop and laptop computers. Other operating systems, such as Symbian, are found on small devices such as phones and PDAs, while mainframes and supercomputers found in major academic and corporate labs use specialized operating systems such as AS/400 and the Cray OS.



What is GNOME or KDE?
GNOME is an acronym for GNU Network Object Model Environment (pronounced guh-nome). KDE is simply KDE :) Each is a graphical user interface (GUI) and set of computer desktop applications for users of the Linux computer operating system. It’s intended to make a Linux operating system easy to use for non-programmers and generally corresponds to the Windows desktop interface and its most common set of applications. In fact, GNOME allows the user to select one of several desktop appearances. With GNOME, the user interface can, for example, be made to look like Windows 98 or like Mac OS.
The main objective of GNOME and KDE is to provide a user-friendly suite of applications and an easy-to-use desktop.

This is what GNOME looks like

Linux user, group, permissions part 2


Hi. Today I am going to talk about groups in Linux and Unix-like operating systems. As I mentioned in my previous post about users in the Linux User Group Permission article, let’s continue in this article with groups.

GROUPs

# Users are assigned to a group.
# Each group is assigned a unique group ID number (gid).
# Group IDs are stored in /etc/group.
# Each user is given their own private group.
# Users can be added to other groups for additional access.
# All users in a group can share files that belong to the group.
# The figure on the right shows a partial listing of the default groups and their reserved numbers.
/etc/group or /etc/shadow files,
All the groups in your system are located in the /etc/group file, which is a very important file. It is shown in this picture :)

Creating a group in Linux

groupadd: create a new group in your Linux or Unix-like operating system.
# groupadd vipullinux.wordpress
This shows that I have created a group called “vipullinux.wordpress” in my Linux OS, which has gid = 1004, as I can see in the /etc/group file.
Modify a group in linux
groupmod: modify a group
# groupmod -n vipullinux vipullinux.wordpress

Here I have changed my group name from “vipullinux.wordpress” to “vipullinux” :)
Add a user to a group
usermod
usermod -g changes the primary group of a user
# usermod -g vipullinux root
Here you can see, I have assigned the root user to the “vipullinux” group :)

For removing group from user

Here in the above picture, I have “root”, “vipullinux” and “hacker” as group names, and I want to remove the “hacker” and “vipullinux” groups from my root user account. What I need to do here is:
# usermod -G root root
(I have reassigned the group name “root” to my root user. :) In this way I have removed “hacker” and “vipullinux” from the above group list :) .)

Delete group in Linux

groupdel: this will delete secondary groups but not primary ones.
Here I have deleted the secondary group called “vipullinux” with this command
# groupdel vipullinux
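
The difference between primary and supplementary membership behind the usermod and groupdel steps above, as an added example (not from the original post). It works only on constructed copies of /etc/passwd and /etc/group; the function names are hypothetical, and set_supplementary merely imitates on the sample file what usermod -G does to the member lists.

```shell
#!/bin/sh
# Added example. All account data is constructed sample data modelled on the
# names used in this post; nothing is read from or written to the real /etc.
SAMPLE_DIR=$(mktemp -d)
PASSWD_FILE="$SAMPLE_DIR/passwd"   # stand-in for /etc/passwd
GROUP_FILE="$SAMPLE_DIR/group"     # stand-in for /etc/group

make_sample() {
    cat > "$PASSWD_FILE" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bipul:x:1002:1002::/home/bipul:/bin/bash
hacker:x:1003:1004::/home/hacker:/bin/sh
EOF
    cat > "$GROUP_FILE" <<'EOF'
root:x:0:
bipul:x:1002:
vipullinux:x:1004:root,bipul
hacker:x:1005:root
EOF
}

# gid of a group name (empty output if the group does not exist).
group_gid() {
    awk -F: -v g="$1" '$1 == g { print $3; exit }' "$GROUP_FILE"
}

# Users whose PRIMARY group is $1: their gid field in passwd matches.
# These users are NOT listed in the member field of the group file.
primary_members() {
    gid=$(group_gid "$1")
    [ -n "$gid" ] || return 1
    awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$PASSWD_FILE" | sort | paste -sd, -
}

# All groups of user $1: primary group first, then supplementary groups.
groups_of() {
    pgid=$(awk -F: -v u="$1" '$1 == u { print $4; exit }' "$PASSWD_FILE")
    [ -n "$pgid" ] || return 1
    awk -F: -v u="$1" -v pgid="$pgid" '
        $3 == pgid { primary = $1 }
        { n = split($4, m, ",")
          for (i = 1; i <= n; i++)
              if (m[i] == u && $3 != pgid) extra = extra " " $1 }
        END { if (primary == "") primary = pgid; print primary extra }' "$GROUP_FILE"
}

# Imitates "usermod -G LIST USER" on the sample file: the supplementary list
# becomes exactly LIST, so every group not named is dropped. The real command
# needs -a together with -G to append instead of replace.
set_supplementary() {
    awk -F: -v OFS=: -v u="$1" -v keep="$2" '
        BEGIN { n = split(keep, k, ","); for (i = 1; i <= n; i++) want[k[i]] = 1 }
        { out = ""
          m = split($4, cur, ",")
          for (i = 1; i <= m; i++)
              if (cur[i] != u) out = out (out == "" ? "" : ",") cur[i]
          if ($1 in want) out = out (out == "" ? "" : ",") u
          $4 = out
          print }' "$GROUP_FILE" > "$GROUP_FILE.new" && mv "$GROUP_FILE.new" "$GROUP_FILE"
}

# groupdel refuses a group that is still some user's primary group.
safe_to_delete() {
    [ -n "$(group_gid "$1")" ] || return 2
    [ -z "$(primary_members "$1")" ]
}

make_sample
echo "before: $(groups_of root)"
set_supplementary root root
echo "after:  $(groups_of root)"
for g in vipullinux hacker; do
    if safe_to_delete "$g"; then
        echo "$g: nobody's primary group, groupdel would remove it"
    else
        echo "$g: primary group of $(primary_members "$g"), groupdel would refuse"
    fi
done
```
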
That’s it for today. Next will be file permissions, so get prepared for a mathematical class :P :) bye
My main objectives in this topic are to:
1. Explain the purpose of user and group accounts.
2. Read and set Files permissions.
3. Explain the Linux security model.
So let’s explain each of them.

Introduction to User and Group
Type id in a shell (# id) and you will get details regarding the user and groups. Root has user ID 0 and group ID 1002 (the group of bipul), and bipul has user ID 1002 and group ID 1002.

Here uid –User ID
Here gid –Group ID

Explanation of root:x:0:1002:root:/root:/bin/bash which is in /etc/passwd

“root” tells us that we are logged in as root,
x signifies the encrypted password (the hash itself is kept in /etc/shadow),
0 is the “uid”, 1002 is the “gid”,
:root: is a comment,
/root is the home directory assigned to it,
/bin/bash is the shell which this account has.

The same applies here: vipul, hacker and cracker are account names,
x is the encrypted password,
1005, 1003 and 1004 are the “uid”,
0, 1004 and 1005 are the gid,
:: is the comment part, which is empty here,
/home/vipul, cracker, hacker is the home directory assigned to each,
/bin/bsh, /bin/sh is the shell type which each has.
1. USER
# Every user is assigned a unique user ID number called the "uid" (user ID). It is stored in the file /etc/passwd (# cat /etc/passwd).
# UID (user ID) "0" identifies root.
# In Ubuntu, user accounts normally start at UID 1000, and in Fedora or Red Hat UIDs start at 500.
# Users are assigned a home directory (you can find the home directories with # cat /etc/passwd | grep "/home") and a program that is run when they log in (usually a shell).
# Users can’t read, write or execute each other’s files without permission.

In Debian/Ubuntu/ Backtrack
In Backtrack or Ubuntu 10.04 (Lucid), user IDs (“uid”) start at 1000+. You can see I have the user names bipul (1002), vipul (1005), hacker (1003) and cracker (1004), all with numbers starting at 1000+. On top you can see 0 for the root account. All the rest below 1000 are system user IDs, which are in # cat /etc/passwd
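
An added example (not from the original post) that reads the passwd fields explained above and flags risky entries: a second UID 0 account, a non-root account whose primary group is 0, an empty password field, and duplicate UIDs. The entries are constructed samples and audit_passwd, flagged and account_class are hypothetical names; the second argument is the first regular UID (1000 on Ubuntu, 500 on Fedora/Red Hat, as stated above).

```shell
#!/bin/sh
# Added example. The entries below are constructed sample data in
# /etc/passwd format: name:password:uid:gid:comment:home:shell
PASSWD_SAMPLE=$(mktemp)
cat > "$PASSWD_SAMPLE" <<'EOF'
root:x:0:1002:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
olduser:x:501:501::/home/olduser:/bin/bash
bipul:x:1002:1002::/home/bipul:/bin/bash
hacker:x:1003:1004::/home/hacker:/bin/sh
cracker:x:1004:1005::/home/cracker:/bin/sh
vipul:x:1005:0::/home/vipul:/bin/sh
toor:x:0:0::/root:/bin/bash
guest::1006:1006::/home/guest:/bin/sh
EOF

# audit_passwd FILE [UID_MIN]
# Prints one line per account: name uid= gid= class [flags...]
audit_passwd() {
    awk -F: -v min="${2:-1000}" '
        NF != 7 { printf "%s: malformed entry (%d fields)\n", $1, NF; next }
        {
            name = $1; pw = $2; uid = $3 + 0; gid = $4 + 0
            if (uid == 0)            class = "superuser"
            else if (uid < min + 0)  class = "system"
            else                     class = "regular"

            flags = ""
            # Any UID 0 account has full root rights, whatever its name.
            if (uid == 0 && name != "root") flags = flags " uid0-not-root"
            # Primary group 0 gives access to files owned by the root group.
            if (gid == 0 && name != "root") flags = flags " root-group-primary"
            # "x" means the hash lives in /etc/shadow; empty means no password.
            if (pw == "")
                flags = flags " empty-password-field"
            else if (pw != "x" && pw != "*" && pw !~ /^!/)
                flags = flags " hash-in-passwd"
            # Two names sharing a UID are the same user to the kernel.
            if (uid in seen) flags = flags " duplicate-uid(" seen[uid] ")"
            else seen[uid] = name

            printf "%s uid=%s gid=%s %s%s\n", name, uid, gid, class, flags
        }' "$1"
}

# Names of the accounts that carry at least one flag.
flagged() {
    audit_passwd "$@" | awk 'NF > 4 { print $1 }'
}

# account_class NAME FILE [UID_MIN]: superuser, system or regular.
account_class() {
    audit_passwd "$2" "${3:-1000}" | awk -v n="$1" '$1 == n { print $4 }'
}

audit_passwd "$PASSWD_SAMPLE" 1000
```

On a real system the same function can be pointed at /etc/passwd, which is world-readable, so no root access is needed.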

How to create a new user in your Linux
The root user is responsible for creating accounts, so log in as the root user (or use the sudo command). There are two commands used to create a new user in Linux.
1. useradd
2. adduser
Depending on command line options, the useradd command will update system files (/etc/passwd and /etc/shadow with the password) and may also create the new user’s home directory and copy initial files. For example:
1. useradd
This is a fundamental low-level tool for user creation. To create a user with the default configuration, use useradd as shown below. To view the default options that the following commands will use, run it with the -D option:
# useradd -D
GROUP:
This is the only option which will not be taken as default, because if you don’t specify the -n option a group with the same name as the user will be created and the user will be added to that group. To avoid that and make the user a member of the default group, you need to give the -n option.
HOME
This is the default path for the home directory. The home directory will be created as /home/USERNAME.
INACTIVE
-1 by default disables the feature of disabling the account once the user password has expired. To change this behavior you need to give a positive number, which means the user account will be disabled the given number of days after the password expires.
EXPIRE
The date on which the user account will be disabled.
SHELL
The user’s login shell. That is /bin/sh, which I call jail :)
SKEL
Contents of the skel directory will be copied to the users home directory.
CREATE_MAIL_SPOOL
According to the value creates or does not create the mail spool.
Now I have created a user called hacker with the commands
# useradd hacker
# passwd hacker
You can see in figure it has shell /bin/sh and home directory /home/hacker assigned to it.
Set account disable date
useradd -e {yyyy-mm-dd} {username}
# useradd -e 2012-12-31 hacker1
With this option the account hacker1 is going to be disabled on the coming 31 December 2012 :(
Set default password expiry
The -f {days} option sets the number of days after the password expires until the account is disabled. (If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not disabled after the password expires.)
# useradd -e 2012-12-31 -f 30 hacker1

2. adduser

This command will automatically ask for a password and also for a comment, as you can see in the figure.

To delete a user account
# userdel hacker
It will delete the account :)
Next will be groups: how to make a group, how to add a group and how to assign a user to a group :)

Introduction to Cyber Law of India (Part 1)


In simple terms, cyber crime is an unlawful act wherein the computer is either a tool or a target or both.

Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.

We can categorize Cyber crimes in two ways

The Computer as a Target :-using a computer to attack other computers.
e.g. Hacking, Virus/Worm attacks, DOS attack etc.
The computer as a weapon :-using a computer to commit real world crimes.
e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.
Cyber crime is regulated by cyber laws or Internet laws.
Technical Aspects
Technological advancements have created new possibilities for criminal activity, in particular the criminal misuse of information technologies such as
a. Unauthorized access & Hacking:-
Access means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network.
Unauthorized access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network.
Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destroy and they get a kick out of such destruction. Some hackers hack for personal monetary gain, such as stealing credit card information or transferring money from various bank accounts to their own account followed by withdrawal of the money.
Taking control of another person’s website by hacking its web server is called web hijacking.
b. Trojan Attack:-
A program that acts like something useful but does things that are quite damaging is called a Trojan.
The name Trojan Horse is popular.
Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the server on its machine, the attacker will then use the Client to connect to the Server and start using the trojan.
TCP/IP protocol is the usual protocol type used for communications, but some functions of the trojans use the UDP protocol as well.
c. Virus and Worm attack:-
A program that has the capability to infect other programs, make copies of itself and spread into other programs is called a virus.
Programs that multiply like viruses but spread from computer to computer are called worms.
d. E-mail & IRC related crimes:-
1. Email spoofing
Email spoofing refers to email that appears to have originated from one source when it was actually sent from another source.
2. Email Spamming
Email “spamming” refers to sending email to thousands and thousands of users – similar to a chain letter.
3. Sending malicious codes through email
E-mails are used to send viruses, Trojans etc. as an attachment or by sending a link to a website which, on visiting, downloads malicious code.
4. Email bombing
E-mail “bombing” is characterized by abusers repeatedly sending an identical email message to a particular address.
5. Sending threatening emails
6. Defamatory emails
7. Email frauds
8. IRC related
Three main ways to attack IRC are: “verbal” attacks, clone attacks, and flood attacks.
e. Denial of Service attacks:-
Flooding a computer resource with more requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users.
Examples include
attempts to “flood” a network, thereby preventing legitimate network traffic
attempts to disrupt connections between two machines, thereby preventing access to a service
attempts to prevent a particular individual from accessing a service
attempts to disrupt service to a specific system or person.

Introduction to Cyber Law of India (Part 2)


Distributed DOS
A distributed denial of service (DDoS) attack is accomplished by using the Internet to break into computers and using them to attack a network.
Hundreds or thousands of computer systems across the Internet can be turned into “zombies” and used to attack another system or website.
Types of DOS
There are three basic types of attack:
a. Consumption of scarce, limited, or non-renewable resources like network bandwidth, RAM and CPU time. Even power, cool air, or water can be affected.
b. Destruction or Alteration of Configuration Information
c. Physical Destruction or Alteration of Network Components
f. Pornography:-
The literal meaning of the term ‘Pornography’ is “describing or showing sexual acts in order to cause sexual excitement through books, films, etc.”
This would include pornographic websites; pornographic material produced using computers and use of internet to download and transmit pornographic videos, pictures, photos, writings etc.
Adult entertainment is the largest industry on the internet. There are more than 420 million individual pornographic webpages today.
Research shows that 50% of the web-sites containing potentially illegal contents relating to child abuse were ‘Pay-Per-View’. This indicates that abusive images of children over Internet have been highly commercialized.
Pornography delivered over mobile phones is now a burgeoning business, “driven by the increase in sophisticated services that deliver video clips and streaming video, in addition to text and images.”
Effects of Pornography
Research has shown that pornography and its messages are involved in shaping attitudes and encouraging behavior that can harm individual users and their families.
Pornography is often viewed in secret, which creates deception within marriages that can lead to divorce in some cases.
In addition, pornography promotes the allure of adultery, prostitution and unreal expectations that can result in dangerous promiscuous behavior.
Some of the common, but false messages sent by sexualized culture.
Sex with anyone, under any circumstances, any way it is desired, is beneficial and does not have negative consequences.
Women have one value – to meet the sexual demands of men.
Marriage and children are obstacles to sexual fulfillment.
Everyone is involved in promiscuous sexual activity, infidelity and premarital sex.
Pornography Addiction
Dr. Victor Cline, an expert on Sexual Addiction, found that there is a four-step progression among many who consume pornography.
1. Addiction: Pornography provides a powerful sexual stimulant or aphrodisiac effect, followed by sexual release, most often through masturbation.
2. Escalation: Over time addicts require more explicit and deviant material to meet their sexual “needs.”
3. Desensitization: What was first perceived as gross, shocking and disturbing, in time becomes common and acceptable.
4. Acting out sexually: There is an increasing tendency to act out behaviors viewed in pornography.
g. Forgery:-
Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners.
Impersonating another person is also considered forgery.
h. IPR Violations:-
These include software piracy, copyright infringement, trademarks violations, theft of computer source code, patent violations. etc.
Cyber Squatting- Domain names are also trademarks and protected by ICANN’s domain dispute resolution policy and also under trademark laws.
Cyber squatters register a domain name identical to a popular service provider’s domain so as to attract its users and benefit from it.
i. Cyber Terrorism:-
Military installations, power plants, air traffic control, banks, rail traffic control and telecommunication networks are the most likely targets of such attacks. Others include police, medical, fire and rescue systems etc.
Cyberterrorism is an attractive option for modern terrorists for several reasons.
1. It is cheaper than traditional terrorist methods.
2. Cyberterrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyberterrorism can be conducted remotely, a feature that is especially appealing to terrorists.
5. Cyberterrorism has the potential to affect directly a larger number of people.
j. Banking/Credit card Related crimes:-
In the corporate world, Internet hackers are continually looking for opportunities to compromise a company’s security in order to gain access to confidential banking and financial information.
Use of stolen card information or fake credit/debit cards is common.
A bank employee can grab money by using programs to deduct small amounts of money from all customer accounts and add them to his own account; this is also called salami.
k. E-commerce/ Investment Frauds:-
Sales and Investment frauds. An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities.
Merchandise or services that were purchased or contracted by individuals online are never delivered.
The fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site.
Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high profits.
l. Sale of illegal articles:-
This would include trade of narcotics, weapons and wildlife etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication.
Research shows that number of people employed in this criminal area. Every day people receive many emails with offers of banned or illegal products for sale.
m. Online gambling:-
There are millions of websites hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.
n. Defamation: -
Defamation can be understood as the intentional infringement of another person’s right to his good name.
Cyber Defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person’s friends. Information posted to a bulletin board can be accessed by anyone. This means that anyone can place
Cyber defamation is also called cyber smearing.
o. Cyber Stalking:-
Cyber stalking involves following a person’s movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.
In general, the harasser intends to cause emotional distress and has no legitimate purpose to his communications.
p. Pedophiles:-
There are also persons who intentionally prey upon children. Especially with a teen, they will let the teen know that they fully understand the teen’s feelings towards adults and in particular towards the teen’s parents.
They earn the teen’s trust and gradually seduce them into sexual or indecent acts.
Pedophiles lure the children by distributing pornographic material, then they try to meet them for sex or to take their nude photographs including their engagement in sexual positions.
q. Identity Theft :-
Identity theft is the fastest growing crime in countries like America.
Identity theft occurs when someone appropriates another’s personal information without their knowledge to commit theft or fraud.
Identity theft is a vehicle for perpetrating other types of fraud schemes.
r. Data diddling:-
Data diddling involves changing data prior to or during input into a computer.
In other words, information is changed from the way it should be entered by a person typing in the data, a virus that changes data, the programmer of the database or application, or anyone else involved in the process of having information stored in a computer file.
It also includes automatically changing financial information for some time before processing and then restoring the original information.
s. Theft of Internet Hours:-
Unauthorized use of Internet hours paid for by another person.
By gaining access to an organisation’s telephone switchboard (PBX) individuals or criminal organizations can obtain access to dial-in/dial-out circuits and then make their own calls or sell call time to third parties.
Additional forms of service theft include capturing ‘calling card’ details and on-selling calls charged to the calling card account, and counterfeiting or illicit reprogramming of stored value telephone cards.
t. Theft of computer system (Hardware):-
This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral attached to the computer.
u. Physically damaging a computer system:-
Physically damaging a computer or its peripherals either by shock, fire or excess electric supply etc.
v. Breach of Privacy and Confidentiality
Privacy
Privacy refers to the right of an individual/s to determine when, how and to what extent his or her personal data will be shared with others.
Breach of privacy means unauthorized use or distribution or disclosure of personal information like medical records, sexual preferences, financial status etc.
Confidentiality
It means non-disclosure of information to unauthorized or unwanted persons.
In addition to personal information, some other types of information are useful for business, and leakage of such information to other persons may cause damage to the business or person; such information should be protected.
Generally, to protect the secrecy of such information, parties sharing information form an agreement about the procedure for handling the information and not to disclose it to third parties or use it in such a way that it will be disclosed to third parties.
Many times a party or its employees leak such valuable information for monetary gain, causing a breach of the confidentiality contract.
Special techniques such as Social Engineering are commonly used to obtain confidential information.

ns working


Contd 2
Lol, packets are moving like bullets


So here is the question: how did I do this? :p It’s really simple. I made a small script in the Tcl language, which is basically designed to simulate UDP packets going from node 0 to node 1 via one link. Let me explain it to you, but before that, check below.
Fundamentals of writing a Tcl script for Network Simulator 2
I have divided this code into 6 parts, each with an explanation
set ns [new Simulator]
set nf [open out.nam w]
$ns namtrace-all $nf
proc finish {} {
        global ns nf
        $ns flush-trace
        close $nf
        exec nam out.nam &
        exit 0
}
$ns at 3.0 "finish"
set n0 [$ns node]
set n1 [$ns node]
$ns duplex-link $n0 $n1 1Mb 10ms DropTail
$ns run
1. We need to create a simulator object, something like this.
set ns [new Simulator]
2. Now we need to open a file for writing that is going to be used for the nam trace data. The first line opens the file ‘out.nam’ for writing and gives it the file handle ‘nf’
set nf [open out.nam w]
In this line we tell the simulator object that we created above to write all simulation data that is relevant for nam into this file
$ns namtrace-all $nf
3. This adds a ‘finish’ procedure that closes the trace file and starts nam
proc finish {} {
        global ns nf
        $ns flush-trace
        close $nf
        exec nam out.nam &
        exit 0
}
4. This one tells the simulator object to execute the ‘finish’ procedure after 3.0 seconds of simulation time
$ns at 3.0 "finish"
5. This line tells the simulator object to connect the nodes n0 and n1, created in the script above, with a duplex link with a bandwidth of 1 Megabit, a delay of 10ms and a DropTail queue (a simple queue management algorithm used by internet routers to decide when to drop packets :) )
$ns duplex-link $n0 $n1 1Mb 10ms DropTail
6. This last line finally starts the simulation
$ns run
Now save the above script with a .tcl extension, open a terminal and type
ns filename.tcl
You will see something like this
Now, to send data between the two nodes via one link, we need to do certain things
1. Create a UDP agent.
2. Create a CBR traffic source.
3. Create a Null agent which acts as a traffic sink.
4. Connect the two agents with each other.
5. Fix the times when to start and stop sending data.
1. Create a UDP agent and attach it to node n0
set udp0 [new Agent/UDP]
$ns attach-agent $n0 $udp0
2. Create a CBR traffic source and attach it to udp0
set cbr0 [new Application/Traffic/CBR]
$cbr0 set packetSize_ 500
$cbr0 set interval_ 0.005
$cbr0 attach-agent $udp0
3. The next lines create a Null agent which acts as a traffic sink and attach it to node n1
set null0 [new Agent/Null]
$ns attach-agent $n1 $null0
4. Now we are going to connect the two agents with each other
$ns connect $udp0 $null0
5. Now fix the times by telling the CBR agent when to start sending data and when to stop, with the following code
$ns at 0.5 "$cbr0 start"
$ns at 4.5 "$cbr0 stop"
So here is the complete code
#Create a simulator object
set ns [new Simulator]
#Open the nam trace file
set nf [open out.nam w]
$ns namtrace-all $nf
#Define a 'finish' procedure
proc finish {} {
        global ns nf
        $ns flush-trace
        #Close the trace file
        close $nf
        #Execute nam on the trace file
        exec nam out.nam &
        exit 0
}
#Create two nodes
set n0 [$ns node]
set n1 [$ns node]
#Create a duplex link between the nodes
$ns duplex-link $n0 $n1 1Mb 10ms DropTail
#Create a UDP agent and attach it to node n0
set udp0 [new Agent/UDP]
$ns attach-agent $n0 $udp0
# Create a CBR traffic source and attach it to udp0
set cbr0 [new Application/Traffic/CBR]
$cbr0 set packetSize_ 500
$cbr0 set interval_ 0.05
$cbr0 attach-agent $udp0
#Create a Null agent (a traffic sink) and attach it to node n1
set null0 [new Agent/Null]
$ns attach-agent $n1 $null0
#Connect the traffic source with the traffic sink
$ns connect $udp0 $null0 
#Schedule events for the CBR agent
$ns at 0.5 "$cbr0 start"
$ns at 4.5 "$cbr0 stop"
#Call the finish procedure after 5 seconds of simulation time
$ns at 5.0 "finish"
#Run the simulation
$ns run
Now save it under some name with a .tcl extension, open a terminal again and type
ns filename.tcl