Day 011 #FromZeroToHacker – Linux Fundamentals: Part 3

Time to power up our Linux Fundamentals skills and get hands-on with some common Linux utilities and commands that we will use in our day-to-day.

This is the last part of our 3-part #FromZeroToHacker Linux Fundamentals series.

Table of contents
Introduction
What I have learnt today?
Stats
Resources

Introduction to Linux Fundamentals

Another long lesson! Probably the longest of the three, but we learnt a lot:

  • We saw how to use terminal text editors such as Nano and VIM
  • General utilities, such as downloading and serving files, creating a quick local server with Python, etc
  • Saw how we can check and manage processes
  • Understood how we can maintain and automate our system with crontabs, package management, and automated logs.

What I have learnt today?

Terminal Text Editors

We haven’t edited text with Linux. At least not in a proper way: we just used echo TEXT > FILENAME, and that’s neither an efficient nor a comfortable way to work with files, especially if they are big!

Let’s see some text editors that make our work more comfortable by giving us an improved UI and utilities.

Nano

To create or edit a file using nano, just use nano FILENAME. For example, let’s try the command nano samplefile:

Example of the Linux Nano text editor

We can move up and down with the arrow keys, create a new line with Enter, and we have loads of options at the bottom (Justify text, cut and paste, find…). You can use these options by pressing Control (The ^ symbol) and the indicated letter. For example, to get Help, just press Control + X.

Vim

VIM is way more advanced than nano. It is considered an editor for experts, as it has a lot of advanced features, but once you understand how it works, it will multiply your productivity. Or, as many of us feel, it will feel like hell.

One day I’ll try again, I swear.

Despite taking a long time to become familiar with, VIM includes a great set of features:

  • Highly customisable. You can modify the keyboard shortcuts as you wish
  • Syntax highlighting. Highly useful when you are writing code, and therefore great for software developers.
  • Works on every terminal, whereas nano may or may not be installed
  • A lot of resources such as cheat sheets and online tutorials to learn how to use it. Believe me, you will need them.

General and useful utilities

Downloading files

A basic skill we need to know as Linux users (and future hackers) is the ability to transfer files. We may want to download a program or an image. Or maybe a script inside the target machine.

One quick way is by using wget URL. This command downloads the file in the URL via HTTP.

Transferring files from your host via SSH

Secure CoPy, or SCP, is a way to securely copy files between two computers via the SSH protocol, providing authentication and encryption. It lets you transfer files from one device to another in either direction.

The syntax is a bit long, but it is like this: scp FILENAME REMOTE_USER_NAME@REMOTE_IP:REMOTE_TRANSFERED_FILE.

So, if we want to send the passwords.txt file to the IP 10.10.124.42, with the user admin, this is the command we should use: scp passwords.txt admin@10.10.124.42:/var/passwords.txt

But we can also transfer a file from the remote device. Let’s do the reverse process with the same devices: scp admin@10.10.124.42:/var/passwords.txt passwords.txt.

Serving files from your host

Linux machines come with Python (a great programming language), which includes a module called HTTPServer. This module lets you easily turn your computer into a web server that serves files, so another device can download them with curl or wget.

To serve files, simply move to the directory you want to use as root and type python3 -m http.server:

Python web server


For the sake of learning, let’s create a file with text inside in one computer, then we will open a webserver and download that file on a second device:

Transferring files from one computer to another with wget

Processes 101

Processes are programs running in the background of our device. Managed by the kernel, each process has its own ID associated, known as PID.

Viewing processes

We can use the ps command to get a list of the running processes with some info, such as how much CPU each one is using, the name of the program, the status code, etc.:

Using the PS command to view active processes

To see processes run by other users and processes that don’t run from a session (system processes), we provide the aux flag: ps aux.

Using the ps aux command to view all the active processes

As we can see, we have a lot of programs that were running in the background. We also have more columns, having access to more info than just using ps.

Another very useful command is the top command. It gives you real-time statistics about the running processes instead of a snapshot. The statistics refresh every 10 seconds, and also whenever you use the arrow keys:

Using the top command to view active processes, sorted by usage while refreshing them every 10 seconds

(You can’t see it, as it is just a static image, but it updates every 10 seconds)

Managing processes

We can control the processes by sending signals. For example, we can kill a process with the kill command and the PID: kill PID.

We can send different signals to handle the process in different ways:

  • SIGTERM – Kill the process, allowing it to do some cleanup tasks beforehand
  • SIGKILL – Kill the process without any cleanup
  • SIGSTOP – Stop or suspend a process

Getting processes and services to start on boot

We can set up our device to start applications on the boot of the system. Web servers, database servers…

By using the command systemctl OPTION SERVICE, we can start, stop, enable, or disable a service on boot. systemctl start apache2 would start apache2 as soon as we start up. Easy, right?

An Introduction to Backgrounding and Foregrounding in Linux

Processes have two states: in the background or in the foreground. A command, for example echo, that we run in our terminal will run in the foreground of our terminal. By adding &, we can make a command run in the background:

Background and foregrounding in Linux

In the first line, we just print the text: It is in the foreground. But in the second line, by adding &, we are telling Linux to run the command in the background, giving us an ID of the process rather than the text, as it is running in the background.

This option is great for long processes that take a lot of time, such as copying big files, because it lets us run the command in the background while keeping the terminal available to run more commands without waiting for the transfer to finish.

We can stop it anytime with Control + C.

But at the same time, we can foreground, or move to the front, a process. Instead of &, we can use fg to bring back the process into use, getting the output of the processes.
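The difference between SIGTERM and SIGKILL, shown on a background process started with &, as an added example that is not part of the original lesson. The worker, its lock file and the function name demo_signal are assumptions made up for the demonstration.

```shell
#!/bin/sh
# demo_signal SIGNAL -> prints "cleaned" if the worker's cleanup ran
# before it exited, "leftover" if its lock file was left behind.
demo_signal() {
    sig=$1
    workdir=$(mktemp -d)
    lock="$workdir/worker.lock"          # hypothetical lock file

    # The trailing & runs the worker in the background; $! is its PID.
    (
        trap 'rm -f "$lock"; exit 0' TERM   # cleanup handler for SIGTERM
        touch "$lock"                       # created only once the trap is set
        while :; do sleep 1; done           # stand-in for a long-running task
    ) >/dev/null 2>&1 &
    pid=$!

    # Wait until the worker is ready, then signal it by PID.
    while [ ! -e "$lock" ]; do sleep 0.1; done
    kill -s "$sig" "$pid"
    wait "$pid" 2>/dev/null || true      # reap it; status is non-zero after KILL

    if [ -e "$lock" ]; then result=leftover; else result=cleaned; fi
    rm -rf "$workdir"
    echo "$result"
}

echo "SIGTERM: $(demo_signal TERM)"   # the handler runs and removes the lock
echo "SIGKILL: $(demo_signal KILL)"   # cannot be trapped, so the lock stays
```

A stale lock or half-written file after SIGKILL is why SIGTERM is the signal to try first.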

Maintaining Your System: Automation

Sometimes we want to run periodic actions or tasks, and we are too lazy (as you should be) to do each one manually every day at the same time. Luckily, we have the cron process, which we can interact with via crontabs. Crontab is one of the processes that is started during boot, and it manages cron jobs.

A crontab is a special file with formatting that is recognised by the cron process to execute each line step by step. A crontab requires 6 values:

  • MIN -> What minute to execute at
  • HOUR -> What hour to execute at
  • DOM -> What Day Of the Month to execute at
  • MON -> What MONth of the year to execute at
  • DOW -> What Day Of the Week to execute at
  • CMD -> The actual command to be executed

For example, if we want to back up the Documents folder every 12 hours to the backups folder, we can write 0 */12 * * * cp -R /home/cmnatic/Documents /var/backups/.

We can use an asterisk or wildcard (*) if we don’t wish to provide a value for that specific field.

It may be a bit weird for beginners, especially if you want to make some things more complex than that, but we have resources such as the Crontab Generator that creates a line for you. You can learn more about cronjobs at the site Cron Guru.

Crontabs can be edited by using crontab -e, where you can select an editor (nano, VIM…) to edit your crontab.
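A small syntax check for the five time fields described above, useful before saving a line with crontab -e. This is an added example, not part of the original lesson; the function names are made up here, and the second sample line is constructed with a malformed hour field.

```shell
# Syntax check for the five time fields of a crontab line.
# Handles numbers, "*", ranges (a-b), lists (a,b) and steps (/n); month and
# weekday names and @reboot-style shortcuts are out of scope here.

# valid_part PART LO HI -> 0 if one list element is valid for LO..HI
valid_part() {
    part=$1 lo=$2 hi=$3 step=1
    case $part in
        */*) step=${part#*/}; part=${part%%/*} ;;
    esac
    case $step in ''|*[!0-9]*|0) return 1 ;; esac
    if [ "$part" = "*" ]; then return 0; fi
    case $part in
        *-*) start=${part%%-*}; end=${part#*-} ;;
        *)   start=$part; end=$part ;;
    esac
    case $start in ''|*[!0-9]*) return 1 ;; esac
    case $end   in ''|*[!0-9]*) return 1 ;; esac
    [ "$start" -ge "$lo" ] && [ "$end" -le "$hi" ] && [ "$start" -le "$end" ]
}

# valid_field FIELD LO HI -> 0 if every comma-separated element is valid
valid_field() {
    rest=$1
    while :; do
        valid_part "${rest%%,*}" "$2" "$3" || return 1
        case $rest in *,*) rest=${rest#*,} ;; *) return 0 ;; esac
    done
}

# check_cron_line LINE -> prints a verdict; returns 0 only for a valid line
check_cron_line() {
    set -f; set -- $1; set +f     # split on whitespace, keep "*" unexpanded
    if [ $# -lt 6 ]; then
        echo "invalid: expected MIN HOUR DOM MON DOW CMD"; return 1
    fi
    valid_field "$1" 0 59 || { echo "invalid: MIN field '$1'";  return 1; }
    valid_field "$2" 0 23 || { echo "invalid: HOUR field '$2'"; return 1; }
    valid_field "$3" 1 31 || { echo "invalid: DOM field '$3'";  return 1; }
    valid_field "$4" 1 12 || { echo "invalid: MON field '$4'";  return 1; }
    valid_field "$5" 0 7  || { echo "invalid: DOW field '$5'";  return 1; }
    shift 5
    echo "ok: $*"
}

# Sample lines: the first is valid, the second has a malformed step.
check_cron_line '0 */12 * * * cp -R /home/cmnatic/Documents /var/backups/'
check_cron_line '0 *12 * * * cp -R /home/cmnatic/Documents /var/backups/' || true
```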

Maintaining your system: Package management

Introducing packages and software repos

New software can be found for free in the Linux repository. Developers create new programs and tools which are submitted to the repository and if approved, they will be released.

Managing your repositories (Adding and removing)

Normally, we use the apt command to install software. The apt command is part of the package management software, and it contains a suite of tools that allow us to manage the packages and sources of our software while installing and removing software at the same time.

While we could use installers such as dpkg, apt also automatically updates the repositories when we update our system.

For example, let’s install Sublime Text, a text editor. But before that, we need to download the GPG (GNU Privacy Guard) key, which is used to check the integrity of what we download, confirming that we are downloading the software and not some obscure program from the internet.

  1. Download the GPG key:
    wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -
  2. With the key added to our trusted list, we can add Sublime Text 3 repository to our apt source list.
    • Let’s create a file named sublime-text.list in /etc/apt/sources.list.d.
    • Use a text editor to add and save the Sublime Text 3 repository
    • After we added this entry, we need to update apt to recognise the new entry with apt update.
    • Once updated, we install the software with apt install sublime-text.
    • Removing packages is as easy as reversing the process: either use add-apt-repository --remove ppa:PPA_Name/ppa, or manually delete the file we added previously, and then use apt remove sublime-text.

Managing your system: Logs

Located in the /var/log directory, logs contain logging information for applications and services running on your system. Your OS automatically manages these logs in a process called rotating.

For example, here we can see:

  • An Apache2 web server
  • Logs for the fail2ban service, used to monitor attempted brute forces
  • The UFW service, used as a firewall

Linux logs

These services and logs are a great way to monitor the health of our system and protect it. The logs for services such as a web server contain information about every single request, allowing developers and admins to diagnose performance issues or check if an intruder has tried something nefarious.

There are also logs that store information about how the OS is running itself, and actions that are performed by users, such as login attempts.
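Login attempts are one of the things these logs let us review. The added example below (not part of the original lesson) counts failed SSH password attempts per source address; the log lines are constructed in the style OpenSSH writes to /var/log/auth.log on Debian-based systems, and the function names are made up here.

```shell
#!/bin/sh
# Constructed sample in the style of /var/log/auth.log (not from a real
# host; the addresses come from the documentation ranges).
sample_auth_log() {
cat <<'EOF'
Mar  3 10:01:12 web1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar  3 10:01:14 web1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar  3 10:01:17 web1 sshd[2213]: Failed password for root from 203.0.113.7 port 51130 ssh2
Mar  3 10:02:40 web1 sshd[2290]: Failed password for alice from 198.51.100.23 port 40022 ssh2
Mar  3 10:02:51 web1 sshd[2290]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Mar  3 10:03:05 web1 sshd[2301]: Failed password for invalid user test from 203.0.113.7 port 51144 ssh2
EOF
}

# failed_logins THRESHOLD: reads log lines on stdin and prints "ADDRESS COUNT"
# for every source with at least THRESHOLD failed password attempts.
failed_logins() {
    awk -v min="$1" '
        # A failure line ends in: from ADDRESS port N ssh2. Anchor on the end
        # of the line because the user name is text supplied by the client.
        /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" {
            hits[$(NF-3)]++
        }
        END { for (ip in hits) if (hits[ip] >= min) print ip, hits[ip] }
    ' | sort
}

# One address in the sample reaches the threshold of 3 failures.
sample_auth_log | failed_logins 3
```

On a real system the same function can read the log directly, for example sudo cat /var/log/auth.log | failed_logins 5.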

Stats

From 220.076th to 212.552th. Let’s go!

Here is also the Skill Matrix:

Skill matrix on Linux Fundamentals

Resources

Path: Pre Security

Linux Fundamentals

TryHackMe: Linux fundamentals part 3

Other resources

Nano
VIM
VIM cheat sheet
Crontab Generator
Cron Guru