Linux Homework Quizzes Report

An Introductionto Shell Scripting,

Linux Principles:Networking,Containers and Monitoring
Linux Security Basics

Abdullah Kawa Ali

Stage 2 Daytime
Class A

[Link]
 Lecture 4 An Introduction to
Shell Scripting
Shell scripting is a powerful tool for automating tasks and managing systems in
Linux and Unix environments. This report explores its core concepts,
characteristics, and benefits, especially within a security-focused distribution like
Kali Linux. We will delve into how these scripts enhance efficiency and provide a
foundational skill for aspiring programmers and IT professionals.

1 2

What are Shell Scripts, and how What are the main characteristics
can they be used in Linux and Unix of writing Shell Scripts?
systems?
Key characteristics include
Shell scripts are sequences of interpretability (no compilation
commands executed by the shell needed), portability across Unix-like
(e.g., Bash in Kali Linux). They systems, and direct interaction with
automate repetitive tasks, execute the operating system's commands
complex operations, and integrate and utilities. Scripts are typically
different utilities. In systems like text files, making them easy to
Kali, they are crucial for security create, edit, and share.
auditing, penetration testing, and
system administration.

[Link]
 Automation and Benefits of Shell
Scripting
How can Shell Scripts help automate
and manage systems effectively?

Shell scripts automate routine

administrative tasks like backups, log
management, and user provisioning.
In Kali Linux, they streamline security
scans, exploit execution, and network
monitoring, saving significant time
and reducing human error during
critical operations.

What are the benefits of learning to

write scripts for beginners in
programming?

For beginners, scripting offers a

practical entry into programming. It
teaches problem-solving, logical
thinking, and direct interaction with
the OS. It builds a foundation for
advanced languages and provides
immediate, tangible results, boosting
confidence and understanding of
system mechanics.

Mastering shell scripting is an invaluable skill for any aspiring computer science
or IT student, providing a robust foundation for system administration and
cybersecurity roles.

[Link]
 Understanding Variables in Shell
Scripting
What is the difference between local, global, and Enviromental variables?

Local Variables Global Variables Environment

Variables
Local variables are Global variables are
defined within a accessible throughout Environment variables
specific function or the entire script after are a special type of
block of code. Their their declaration. They global variable that is
scope is limited to are typically defined inherited by child
that block, meaning at the top level of a processes. They store
they cannot be script. While system-wide settings
accessed or modified convenient for sharing and configuration
from outside it. This data, overuse can paths (e.g., PATH,
prevents naming lead to unintended HOME, USER). They
conflicts and helps side effects and make are crucial for
maintain modularity in debugging more configuring the shell
complex scripts. challenging. environment and how
programs behave.

Properly managing variable scope is key to writing robust and predictable shell
scripts, especially when dealing with sensitive information or complex system
interactions in Kali Linux.

[Link]
 Lecture 5 Linux Principles

This report covers fundamental Linux principles crucial for aspiring sysadmins,
focusing on networking, troubleshooting, containers, monitoring, and security.
We'll explore practical applications and common scenarios, drawing insights
from a Kali Linux perspective.

Networking

Explain the difference between TCP and UDP. Why

would you use TCP for email but UDP for a video call?

TCP (Transmission Control UDP (User Datagram Protocol)

Protocol)
UDP is a connectionless protocol
TCP is a connection-oriented protocol that prioritizes speed over reliability.
ensuring reliable, ordered, and error- It sends data packets without
checked delivery of data. It establishing a connection or
establishes a connection, segments guaranteeing delivery order. This
data, acknowledges receipt, and makes it suitable for real-time
retransmits lost packets. Ideal for applications like video calls where
applications where data integrity is minor packet loss is acceptable for
paramount, such as email (SMTP) to continuous, low-latency streaming,
guarantee every part of the message avoiding noticeable delays.
arrives correctly.

[Link]
 Troubleshooting
Troubleshooting: You cannot connect to the internet. Describe the steps you
would take using ping and traceroute?

01 02 03

Check Local Connectivity Verify DNS Resolution Trace Network Path with
with ping with ping traceroute

First, ping [Link] ping [Link] (Google's Use traceroute

(localhost) to ensure your DNS server) to check [Link] to identify
network stack is working. external connectivity. If where traffic is stopping.
Next, ping your default this works but ping Each hop represents a
gateway (router IP) to [Link] fails, your router. The last
confirm local network DNS resolver is likely successful hop indicates
access. If both pass, your misconfigured. Check the point of failure,
issue isn't within your /etc/[Link]. helping pinpoint if the
device or local network. problem is with your ISP,
an intermediate network,
or the destination server.
8

Pro Tip: When troubleshooting, always start from the closest point of failure
and work your way outwards. This systematic approach saves time and
narrows down potential issues efficiently.

[Link]
 Containers vs. Virtual Machines
Containers: Why is a Docker container more efficient than a Virtual Machine?

Virtual Machines (VMs) Docker Containers

VMs include a full operating system Docker containers share the host OS
(OS) and hypervisor layer, making kernel, abstracting only the
them heavy and resource-intensive. application layer and its
Each VM runs its own kernel and dependencies. This "process-level
binaries, leading to significant isolation" makes them lightweight,
overhead in terms of RAM, CPU, and fast to start, and highly efficient,
disk space. This isolation comes at consuming fewer resources. They are
the cost of efficiency. ideal for microservices and rapid
deployment.

Monitoring
Monitoring: You run the top command and see the "load average" is
5.0 on a 1-core CPU. What does this mean?

A "load average" of 5.0 on a 1-core CPU means that, on average, five processes are
either running or waiting for CPU time. Since there's only one core, this indicates
severe CPU contention and a heavily overloaded system. For optimal performance,
the load average should ideally be close to or below the number of CPU cores.

Security: SSH Log File

Logs: Which log file would you check if you suspect someone is trying to hack
your SSH password?

If you suspect someone is trying to hack your SSH password, you should check
the /var/log/[Link] file (on Debian/Ubuntu systems) or /var/log/secure
(on Red Hat/CentOS systems). This log records authentication attempts,
including SSH logins, failed password attempts, and user authentications,
providing crucial forensic information.
[Link]
 Lecture 6 Linux Security Basics
Understanding the foundational concepts of Linux security is
paramount for any aspiring cybersecurity professional. This report
delves into key aspects, from defensive systems to user privilege
management and practical firewall configurations.

Explain the difference between IDS and IPS. Which one would you use if you
only want to log suspicious activity without blocking it?

IDS (Intrusion Detection System) IPS (Intrusion PreventionSystem)

An IDS monitors network or An IPS, on the other hand, actively

system activities for malicious analyzes network traffic and takes
activity or policy violations. It immediate action to prevent
primarily functions as an alert identified threats. It's an inline
system, notifying administrators device, capable of dropping
of suspicious events without malicious packets, blocking IP
actively preventing them. Think of addresses, or resetting
it as a silent alarm. connections.

If your objective is to merely log suspicious activity without actively blocking it,
an Intrusion Detection System (IDS) is the tool of choice. It provides the
necessary visibility into potential threats without interrupting legitimate traffic
flow.

[Link]
 Permissions and Privilege
Effective permission management and adherence to the principle of least
privilege are critical for maintaining a robust Linux environment. Misconfigured
permissions or excessive user privileges can create significant vulnerabilities.

Numerical (Octal) Permissions

Write the numerical (octal) permission for: Owner
(Read/Write/Execute), Group (Read/Execute), Others (Read-only)?

Owner:
rwx 4+2+1
=7
Group: r--
4+0+0 = 4

Others: r--
4+0+0 = 4

Principle of Least Privilege

Why is the principle of "Least Privilege" important when creating new user accounts?

The "Principle of Least Privilege" dictates that a user should only have the
minimum necessary access rights to perform their job functions. This is
crucial because it significantly reduces the attack surface. If an attacker
compromises an account with limited privileges, the potential damage they
can inflict on the system is contained.

Locking User Accounts

What is the command to completely lock a user account without deleting their files?

command: sudo passwd -l [username]. This effectively disables

login for the specified user, rendering the account unusable until
unlocked.

[Link]
 Firewall Configuration
A properly configured firewall is your front-line defense against unauthorized
network access. It acts as a digital gatekeeper, controlling incoming and
outgoing traffic based on predefined rules.

On your VM, configure a firewall to block all incoming traffic except port 80 (HTTP).
Take a screenshot of the status command?

For Kali Linux, ufw (Uncomplicated Firewall) is a common tool. Here's the
sequence of commands to achieve the desired configuration:

• sudo ufw enable (if not already enabled)

• sudo ufw default deny incoming (block all incoming by default)
• sudo ufw allow 80/tcp (allow incoming HTTP traffic)
• sudo ufw status verbose (verify the rules)

After executing these commands, your VM's firewall will be configured to block
all inbound connections except those destined for HTTP services on port 80.
This is a fundamental security practice for web servers.

The `ufw status verbose` output confirms the active firewall rules, demonstrating
that incoming connections are denied by default, while traffic on port 80 is
explicitly allowed.

[Link]