14. Final Exam review¶
14.1. How to post the answers in the jupyter notebook.¶
The final exam should be completed on your virtual desktop, and reported in jupyter notebook.
Jupyter notebook installation on the virtual desktop was discussed in the previous lecture.
Create directory Final in your home directory on the virtual desktop:
mkdir Final
Download the exam ipynb file into directory Final:
cd Final
wget http://capone.rutgers.edu/coursefiles/Final_exam_preparation.ipynb
Copy the ipynb file into your desktop#.ipynb:
cp Final_exam_preparation.ipynb $(uname -n)-final.ipynb
Restart the jupyter notebook on your desktop:
pkill -9 jupyter-notebook
jupyter notebook &
Access jupyter notebook through the browser on your virtual desktop by navigating to URL below:
http://localhost:8888
Navigate to folder Final. Open your desktop ipynb file, for example
desktop16-final.ipynb
Complete the final exam exercises. In the beginning and the end, execute the clock in and clock out cells, accordingly.
14.2. Final Exam 2021 sample¶
The exercises are supposed to be done by each student solely on his/her desktop in the Linux lab, D-112. It is allowed to use the lecture notes at https://linuxcourse.rutgers.edu, any printed material, as well as internet published resources. Number of exercises: 5. Each exercise has a maximum score.
You can do the exam continuously for 3 hrs at any time between Thursday 7/8/21 morning time and Friday 7/9/21 before midnight. There are clock in and clock out scripts to start and submit the exam.
Please put your name in the cell below.
Execute the python script in the cell below to clock in when you start working on the exam. When you are done, execute the cell with exam_end() at the bottom to submit your work. If you submit it multiple times, only the last one will be greaded.
Your name: Alexei
Your desktop number: desktop01
#Execute the cell for exam start date and time:
from datetime import datetime
now = datetime.now()
dt_string_start = now.strftime("%d/%m/%Y %H:%M")
print('Exam Start:', dt_string_start)
Exam Start: 07/07/2021 21:23
14.3. 1. Port scan (max score 4)¶
A) Download final2020.tgz from http://capone.rutgers.edu/coursefiles/final2020.tgz by using command wget, and deploy final2020 VM on your desktop.
B) By using command lsof on the VM find out what network services are running, what processes IDs (PIDs) they have, and what ports they open.
C) Find out the IP address of the VM. By using command nmap on the desktop, run TCP port scan for final2020 VM.
Answer:
A)
wget http://capone.rutgers.edu/coursefiles/final2020.tgz
tar -zxvf final2020.tgz
mv final2020.qcow2 KVM/
sudo cp final2020.xml /etc/libvirt/qemu
virsh define /etc/libvirt/qemu/final2020.xml
B)
root@final2020:~# lsof -i -P
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-n 251 systemd-network 20u IPv4 13945 0t0 UDP final2020:68
systemd-r 256 systemd-resolve 12u IPv4 12264 0t0 UDP localhost:53
systemd-r 256 systemd-resolve 13u IPv4 12265 0t0 TCP localhost:53 (LISTEN)
vsftpd 279 root 3u IPv6 13135 0t0 TCP *:21 (LISTEN)
sshd 280 root 3u IPv4 13238 0t0 TCP *:22 (LISTEN)
sshd 280 root 4u IPv6 13249 0t0 TCP *:22 (LISTEN)
lighttpd 283 www-data 6u IPv4 13663 0t0 TCP *:80 (LISTEN)
lighttpd 283 www-data 7u IPv4 13664 0t0 TCP *:443 (LISTEN)
C)
ip a
192.168.122.10
root@desktop01:~# nmap -sT 192.168.122.10
Starting Nmap 7.60 ( https://nmap.org ) at 2021-07-07 18:36 EDT
Nmap scan report for 192.168.122.10
Host is up (0.000056s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
MAC Address: 52:54:00:0B:94:F0 (QEMU virtual NIC)
14.4. 2. Iptables (max score 6)¶
A) On the VM, deploy iptables rules to allow SSH and https access from anywhere, while ftp and http from your desktop only. All other ports should be closed.
B) Scan the VM with nmap again to verify that the
SSH, ftp, http, https, andftpports are open for the desktop.C) Start another VM you have, for example, testub. Install nmap on the VM, and scan the TCP ports for final2020. Verify that only SSH and https ports are open.
D) On the VM, flush the iptables rules and redefine the default policy to ACCEPT. Scan the ports on the VM from testub to make sure they are open.
Answer:
A)
#!/bin/bash
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -F
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -s 192.168.122.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -s 192.168.122.1 -j ACCEPT
B)
root@desktop01:~# nmap -sT 192.168.122.10
Starting Nmap 7.60 ( https://nmap.org ) at 2021-07-07 18:58 EDT
Nmap scan report for 192.168.122.10
Host is up (0.00032s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
MAC Address: 52:54:00:0B:94:F0 (QEMU virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 4.92 seconds
C)
root@testub:~# nmap -sT 192.168.122.10
Starting Nmap 7.60 ( https://nmap.org ) at 2021-07-07 19:00 EDT
Nmap scan report for final2020 (192.168.122.10)
Host is up (-0.12s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
22/tcp open ssh
443/tcp open https
MAC Address: 52:54:00:0B:94:F0 (QEMU virtual NIC)
Nmap done: 1 IP address (1 host up) scanned in 4.77 seconds
D)
iptables -P INPUT ACCEPT
iptables -F
14.5. 3. Shell scripts (max score 4)¶
Below are two shell scripts. Script
send.sh
#!/bin/bash
ipaddr='192.168.122.11'
port='9092'
echo "provide input file name"
read fname
/bin/cat "$fname" | /bin/netcat -N "$ipaddr" $port
and script receive.sh:
#!/bin/bash
DIR='/home/hostadm'
fname='fileget.out'
port='9092'
if [ -s "$DIR/$fname" ]
then
echo 'file exists'
else
/bin/netcat -N -l "$port" > "$DIR/$fname"
fi
A) What do the scripts do?
B) Put script receive.sh on final2020 VM. Put script send.sh on the desktop, and modify variable ipaddr in the script to match the IP address of final2020. Run both the scripts to send/receive a file between the desktop and final2020 VM.
Answer:
A) send.sh sends data over netcat, receive.sh receives data from netcat, and stores into fileget.out.
B) chmod a+X send.sh, chmod a+x receive.sh, ./receive.sh on final2020. ./send.sh on the desktop
14.7. Exercises for final exam preparation¶
14.8. 5. Shell scripting¶
Consider the following script:
#!/bin/bash
cmmd= /usr/bin/md5sum
for i in $(ls /etc); do
if [ ! -d /etc/$i ] then
$cmmd /etc/$i
fi
done
It fails to run due to a few syntactic errors.
A) Find the errors in the script.
B) Explain what the script does.
Answer:
A) Fixed script:
#!/bin/bash
cmmd=/usr/bin/md5sum
for i in $(ls /etc); do
if [ ! -d /etc/$i ]
then
$cmmd /etc/$i
fi
done
B) Computes md5sun hashes on the files in /etc directory.
14.9. 6. Task scheduling¶
A) Schedule the script to run once on July 9 at 11 pm.
B) Schedule the script to run every Wednesday at 10:15 AM.
Answer:
A)
at -f /home/hostadm/script.sh 2215 Jul 9
B) in /etc/crontab, add:
15 10 * * 3 root /home/hostadm/script.sh
14.11. 9. Password cracking¶
Below are user accounts.
basy:$1$saltsalt$9WRUUPoE8YGh.hHkKg/EP1
jim:$1$saltsalt$RMHBY/dfOK.dm9QkTY5KM1
sam:$1$saltsalt$4OYf3FzwaLsHVuINLQZDK.
A) What encryption algorithm was used to generate the hashes?
B) What is the salt?
C) Try using John the Ripper to crack the hashes.
Answer:
A) md5
B) saltsalt
C)
/usr/sbin/john passwords.txt
Created directory: /home/hostadm/.john
Loaded 3 password hashes with no different salts (md5crypt [MD5 32/64 X2])
Press 'q' or Ctrl-C to abort, almost any other key for status
security (jim)
awesome (sam)
admin1 (basy)
3g 0:00:00:00 100% 2/3 7.894g/s 13928p/s 13928c/s 29244C/s admin..admin1
Use the "--show" option to display all of the cracked passwords reliably
Session completed
14.12. 10. Port scanning¶
Download a VM from http://capone.rutgers.edu/coursefiles/midterm_VM.tgz
Deploy the VM.
A) On the VM, install the following packages: lighttpd, vsftpd, rpcbind, openssh-server.
B) On the desktop, run nmap scanner to see the open ports on the VM.
Answer:
A) apt install lighttpd vsftpd rpcbind openssh-server
B) nmap -sT 192.168.122.10
Starting Nmap 7.60 ( https://nmap.org ) at 2021-07-07 19:32 EDT
Nmap scan report for 192.168.122.10
Host is up (0.000071s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
MAC Address: 52:54:00:0B:94:F0 (QEMU virtual NIC)
nmap -sU 192.168.122.10
#!/bin/bash
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATET -j ACCEPT
14.13. 11. Iptables¶
A) On the VM, deploy iptables rules to allow only SSH access.
B) Scan the VM with nmap again to verify that only the SSH port is open.
Answer:
14.14. 12. Clear iptables rules¶
On the VM, flush the iptables rules and redefine the default policy to ACCEPT.
Scan the ports on the VM to make sure they are open.
Answer:
14.15. 13 NFS mounts¶
A) On final2020 VM install NFS server. export directories
/exports/DD1and/exports/DD2to 192.168.122.188B) On 192.168.122.188 VM, mount dirextories
/exports/DD1and/exports/DD2.C) What users can write in which directories.
Answer:
A) On final2020, we install the NFS server package:
apt install nfs-kernel-server
apt install nfs-common
In /etc/exports, we put the following:
/exports/DD1 192.168.122.188(rw)
/exports/DD2 192.168.122.188(rw)
systemctl restart nfs-kernel-server
B) On testub, run command
apt install nfs-common
showmount -e 192.168.12.10
to see what the directories are exported.
Create mounting points:
mkdir /mnt/DD1
mkdir /mnt/DD2
mount the directories:
mount 192.168.122.10:/exports/DD1 /mnt/DD1
mount 192.168.122.10:/exports/DD2 /mnt/DD2
Check if the directories are mounted:
df -h
C) As hostadm
cd /mnt/DD1
touch file.txt
success
As root:
cd /mnt/DD2
touch file.txt
doesn’t work
user hostadm can write into directory /mnt/DD1
user root can’t write in either /mnt/DD1 or /mnt/DD2