Linux Up Skill Challenge 02

So I am continuing with my journey through the r/linuxupskillchallenge.

Day 6 – Editing with “Vim”

Wow, this editor is weird man! Normal Mode and Insert Mode. I am busy working my way through the vimtutor, and finding the decisions and use cases really interesting. Starting to understand the creator’s logic behind all the commands. I found the graphical vi-vim cheat sheet very useful.


Some useful commands:

  • :w myfile <- creates a new file “myfile” from the current open file.
  • :wq <- write (save) and quit
  • gg <- goes to the top of the file
  • G <- goes to the bottom of the file
  • i <- takes you to insert mode
  • escape <- takes you to normal mode
  • V <- puts you into visual mode
  • :set number <- shows the line numbers
  • :set nonumber <- remove the numbers
  • dd <- delete a whole line
  • V then select text, then d <- will delete the selected text
  • y <- copy
  • p <- paste
  • u <- undo
  • Ctrl+R <- redo
  • /xxx <- find “xxx”
  • in find hitting ‘n’ goes to next
  • :%s/old/new/gc <- search and replace “old” with “new”. g = global and c = will ask to confirm each one

I don’t have great plans to actually become a full-time sysadmin, so I don’t know how much effort I will put into learning vim, but it’s still really interesting to know.

Day 7 – Installing Apache

Today we installed Apache2 web server. I would share the link, but by the time you are reading this I will probably have cancelled the server subscription. Poked around in the .conf files and modified the /var/www/html/index.html just to remove the default Apache2 webpage.

We played briefly with systemctl to start and stop our apache2 server. Other options include:

  • systemctl restart
  • systemctl status
  • systemctl enable <- makes it run every time we start the server
  • systemctl disable

I was going through the extra reading section, how to use systemctl to manage systemd services, and was thinking to myself: how can I check what services are enabled? I just assumed I would need to find a file somewhere which would have them all listed. However, it turns out that when you enable a service it creates a symlink here: /etc/systemd/system/, which I found interesting. You could also use systemctl list-units to check the active units or systemctl list-unit-files to show you all the units systemd knows about.

Day 8 – Grep

We started looking deeper into processing and viewing text files today using cat, tac, less, head and tail. I really like tail -f, which shows live updates to the file. We also dove head first into grep, and some regex to break out the IP addresses in a file.

  • grep "root" /var/log/auth.log | grep "[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}" <- find root, IP attacks
  • grep "root" /var/log/auth.log | grep -o "[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}" <- only the result
  • grep "root" /var/log/auth.log | grep -o "[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}" | sort <- sorts them
  • grep "root" /var/log/auth.log | grep -o "[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}" | sort | uniq <- show unique addresses

414 unique IP addresses have attempted to access my server! Wow
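The same pipeline as an added example (not part of the original post), narrowed to sshd "Failed password for root" lines so that cron sessions and successful logins that merely mention root are not counted, and extended with a per-address count. The sample log lines are constructed and use documentation-range addresses; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: count failed root SSH logins per source address.
# SAMPLE_AUTH_LOG is constructed for illustration (documentation-range IPs).
SAMPLE_AUTH_LOG='Mar  3 10:01:12 srv sshd[811]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar  3 10:01:15 srv sshd[811]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar  3 10:02:40 srv sshd[820]: Failed password for invalid user admin from 198.51.100.23 port 40022 ssh2
Mar  3 10:03:01 srv sshd[833]: Failed password for root from 198.51.100.23 port 40110 ssh2
Mar  3 10:04:09 srv sshd[840]: Accepted publickey for root from 192.0.2.10 port 55001 ssh2
Mar  3 10:05:30 srv CRON[851]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar  3 10:06:02 srv sshd[860]: Failed password for root from 203.0.113.7 port 51200 ssh2'

# Reads auth.log text on stdin; prints "<count> <ip>", highest count first.
failed_root_sources() {
    # Match the sshd failure message itself, not the word "root" anywhere.
    grep 'sshd.*: Failed password for root from ' |
        # Take the address that follows "from", not any dotted number on the line.
        grep -oE 'from ([0-9]{1,3}\.){3}[0-9]{1,3} ' |
        awk '{ print $2 }' |
        sort | uniq -c | sort -k1,1nr -k2,2 |
        awk '{ print $1, $2 }'
}

# Number of distinct source addresses (the kind of figure quoted above).
unique_root_sources() {
    failed_root_sources | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_AUTH_LOG" | failed_root_sources
```

On a real server, feed it the log directly: `sudo cat /var/log/auth.log | failed_root_sources`.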

grep stands for Global Regular Expression Print, so as you can see the name pretty much tells you that you’re going to need to learn or know how regular expressions work to really harness the full power of grep. Here is a pretty handy beginner tutorial for grep. A straight command like grep hello textfile.txt will find all the lines that contain the word hello. However, like all linux commands, we can append some extra options:

  • grep -n hello textfile.txt <- this will add the line number to the print out
  • grep -i hello textfile.txt <- this will remove the case sensitivity
  • you can also begin to add ‘wild cards’ to the search string
    • ^ – search at the beginning of the line (eg. grep '^he' textfile.txt)
    • $ – search at the end of the line (eg. grep 'o$' textfile.txt)
    • . – search any character (eg. grep '.llo' textfile.txt)
  • within your regular expression search string you can use
    • [0-9] <- to search any digit between 0 and 9
    • [a-c] or [A-C] <- to search ‘case sensitive’ letters between a and c.
  • grep '^[g-j]' textfile.txt <- this would find any line starting with g, h, i or j
  • grep '^[g-jG-J]' textfile.txt <- this would search both cases

I have known about grep since about 2014, but never really had the need to use it… and honestly in my day to day I still don’t see myself using it much. However it sure is a powerful tool, and certainly knowing regex is a super handy tool to have in your toolbox.

It was also recommended that we learn awk and sed. I will have to come back to do a deeper dive into those tools.

Day 9 – Ports, Open or Closed

So finally on day 9 we’re about to install a firewall 🙂 Something I have done nearly automatically since discovering ufw in my first few weeks working on Linux. Thankfully Linux Mint came with it installed so I just needed to enable it. First things first, we had a look at what ports were open using ss -ltpn. Thankfully, as expected, only 22 for ssh and 80 for web were open. We then installed nmap, which I was quite excited to play with. First things first, let’s scan our local system with nmap localhost, to see what it finds. I then went on to nmap my server’s IP address and got the same results, however when I tried to nmap my home IP address I got a bunch of errors. This might be due to my ISP’s config, not 100% sure to be honest.
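The "only 22 and 80" check above can be made repeatable. This added example (not from the original post) reads `ss -ltpn` output and reports any listener reachable from outside whose port is not on an allowlist; the sample output is constructed and the function name is hypothetical.

```bash
#!/usr/bin/env bash
# Added example: flag listening TCP ports that are not on an allowlist.
# SAMPLE_SS is constructed output in the layout of `ss -ltpn`.
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*          users:(("sshd",pid=700,fd=3))
LISTEN  0       511     *:80                *:*                users:(("apache2",pid=912,fd=4))
LISTEN  0       128     [::]:22             [::]:*             users:(("sshd",pid=700,fd=4))
LISTEN  0       80      127.0.0.1:3306      0.0.0.0:*          users:(("mysqld",pid=1033,fd=21))
LISTEN  0       4096    0.0.0.0:8080        0.0.0.0:*          users:(("python3",pid=1500,fd=5))'

# Usage: sudo ss -ltpn | unexpected_listeners "22 80"
# Prints "<address> <port> <process>" for each non-loopback listener
# whose port is not in the space-separated allowlist.
unexpected_listeners() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
        # Field 4 is the local address; the port follows the LAST colon,
        # because an IPv6 address such as [::] contains colons too.
        p = $4; sub(/.*:/, "", p)
        addr = substr($4, 1, length($4) - length(p) - 1)
        if (addr ~ /^(127\.|\[::1\])/) next   # loopback only, not reachable remotely
        if (p in ok) next                      # expected service
        # The process column is only filled in when ss runs with enough privilege.
        proc = $6; sub(/^users:\(\("/, "", proc); sub(/".*/, "", proc)
        print addr, p, (proc == "" ? "unknown" : proc)
    }'
}

printf '%s\n' "$SAMPLE_SS" | unexpected_listeners "22 80"
```

An empty result means every externally reachable listener is one you expected; anything printed is a service to either firewall off or stop.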

So I have played with iptables before, but honestly I did not know what I was doing at all. I was simply trying to get my raspberry pi to share a wifi hotspot as another hotspot, and then later to share the ETH connection over WIFI. So I knew that they controlled how a system managed packets of data. I did not realise that in effect they are how the linux kernel ‘firewalls’ itself. So let’s print out the current iptable config with sudo iptables -L, and we got the pretty basic generic iptable ACCEPTing all packets. Time to install ufw, to firewall ourselves and see how it modifies the iptables.

  • sudo apt install ufw <- boom installed
  • sudo ufw allow ssh <- make sure we keep letting ourselves SSH into our server
  • sudo ufw deny http <- in effect this will kill our apache2 server, lets do this for now as a test
  • sudo ufw enable <- and boom it’s running

Running sudo iptables -L now shows a dramatic change in the tables. So many more lines of rules and regulations. Visiting our little rough apache2 website confirms it’s ‘down’, so sudo ufw allow http, and enable again, will bring this back to what we expect to see.

Iptables at first glance sure do look complicated. I am going to try to spend some more time wrapping my head around them, since they seem to allow you to do pretty much anything with all the packets of data as they come into your machine.

Day 10 – Cron

This day had to come, cron is well known for its power… so today we looked at what is involved in the cron on a linux system. I have never had much luck with cron, I understand the concepts but for some reason never see my scripts or jobs run as intended.

Cron is a system of automated tasks set to run at specific times. The crontab file allows you to specify the time, day, hour, etc. The breakdown for the timing is quite simple:

.---------------- minute (0 - 59)
| .-------------- hour (0 - 23)
| | .------------ day of month (1 - 31)
| | | .---------- month (1 - 12) OR jan,feb,mar ...
| | | | .-------- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue ...
| | | | |

* * * * * user-name command to be executed

or in one line it is:
# m h dom mon dow user command

If no time is specified they run at midnight. You can also use commands such as @reboot, @hourly, @weekly, @monthly, @yearly, @daily. These events will all be triggered at midnight.

Cron can be found here: /etc/crontab for the system-wide crontab, however there are multiple crontabs down to user level too.
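A small parser for the system crontab layout shown above (time fields, user, command), added here as an example and not taken from the original post. It writes each @ shortcut out as the five-field schedule crontab(5) gives for it, flags lines with too few fields, and lists the jobs that run as root; the sample crontab, its job paths, the function names and the "at-boot" label are constructed for the example.

```bash
#!/usr/bin/env bash
# Added example: normalise /etc/crontab-style lines to schedule<TAB>user<TAB>command.
# SAMPLE_CRONTAB is constructed; the job paths in it are hypothetical.
SAMPLE_CRONTAB='# m h dom mon dow user command
SHELL=/bin/sh
17 *  * * *  root  cd / && run-parts --report /etc/cron.hourly
30 2  * * 1  backup /usr/local/bin/backup.sh --full
@daily  www-data  /usr/local/bin/rotate-logs
@reboot root /usr/local/bin/warm-cache
* * * *  root  /usr/local/bin/too-few-fields'

parse_system_crontab() {
    awk '
    BEGIN {
        # Nicknames from crontab(5) and the five-field schedule each stands for.
        nick["@hourly"]   = "0 * * * *"; nick["@daily"]  = "0 0 * * *"
        nick["@midnight"] = "0 0 * * *"; nick["@weekly"] = "0 0 * * 0"
        nick["@monthly"]  = "0 0 1 * *"; nick["@yearly"] = "0 0 1 1 *"
        nick["@annually"] = "0 0 1 1 *"
        nick["@reboot"]   = "at-boot"    # label only: runs once when cron starts
    }
    /^[ \t]*(#|$)/ { next }                          # comments and blank lines
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }  # VAR=value settings
    {
        if ($1 ~ /^@/) { n = 1; sched = ($1 in nick) ? nick[$1] : "" }
        else           { n = 5; sched = $1 " " $2 " " $3 " " $4 " " $5 }
        # Need the schedule, a user name and at least one command word.
        if (sched == "" || NF < n + 2) { print "INVALID\t" $0; next }
        cmd = $(n + 2)
        for (i = n + 3; i <= NF; i++) cmd = cmd " " $i
        print sched "\t" $(n + 1) "\t" cmd
    }'
}

# Jobs that run with root privileges: the first thing to review in an audit.
root_jobs() {
    parse_system_crontab | awk -F'\t' '$2 == "root" { print $1 "\t" $3 }'
}

printf '%s\n' "$SAMPLE_CRONTAB" | parse_system_crontab
```

Per-user crontabs (edited with `crontab -e`) have no user column, so this parser applies to /etc/crontab and the files in /etc/cron.d only.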
