Wednesday, May 6, 2020

Lab Assessment Questions Answers free essay sample

1. What is the command to view the current Linux Kernel parameters?
The command that will allow you to see the Kernel parameters is sysctl -a.

2. What command can you run to list all the kernel's available parameters one screen at a time with the ability to move forward and backwards on the output?
The command that would allow you to accomplish this would be less /proc/modules.

3. What is the purpose of enabling syncookies in the Linux Kernel?
The purpose of enabling syncookies in the Linux Kernel is to help prevent a type of DoS attack by dropping connections, which can lead to additional SYN messages.

4. When you want to enable a Linux Kernel command and enable it immediately without a physical re-boot of the system, what command must you enable in front of the command parameter? Explain what the following command will do: echo "1" > /proc/sys/net/ipv4/ip_forward
The command would enable the kernel along with activating IPv4 forwarding. The system requires a value of either 1 or 0, with 1 being on and 0 being off. So the command would write the number 1 in the file to activate it.

5. If you wanted to limit the number of files that a user can open simultaneously on the Fedora Core Linux Server to a maximum of 1, what is the command syntax you need to enable in the Linux Kernel?
The command to limit the number of files that a user can open simultaneously is the sysctl -w fs.file-max=1 command.

6. What is the best way to make a system-wide permanent change to the kernel to enable syncookies?
To do this you would enable it on the TCP protocol by editing the /etc/sysctl.conf file and adding the following line: net.ipv4.tcp_syncookies = 1

7. Given a system that has been freshly installed, your boss wants you to make sure it is up to date and locked down at the Kernel level. What steps would you take to verify what modules are loaded into the Kernel and how would you go about locking them down?
The command to list all modules that are currently loaded into the Kernel would be the lsmod command. Turn off auto loading using the following syntax: alias driver-name off

8. What would you enable to set the Kernel to debug mode? Why would someone choose to enable this?
What an administrator was attempting to troubleshoot would determine what you would enable to turn on debugging. If a person was trying to troubleshoot CUPS they would enable CUPS and make the changes in the /var/log/debug file.

9. What is the relation between sysctl.conf and the sysctl command?
The sysctl command is used to modify kernel parameters at runtime. /etc/sysctl.conf is a text file containing sysctl values to be read in and set by sysctl at boot time.

10. If you wanted to modify a kernel parameter without editing the sysctl.conf file would it be possible? If yes, please give the example.
Yes, you can edit the Kernel parameters without editing the sysctl.conf file by using the sysctl command. sysctl -n: Suppress printing of the field name, only output the field value.
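The relation between /etc/sysctl.conf (read at boot) and the values the running kernel actually holds can be checked directly. The shell function below is an added example, not part of the original lab: it reads a sysctl.conf-style file and reports every key whose running value under /proc/sys differs or is absent. The function names and the constructed demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report drift between a sysctl.conf-style file and the
# running values under /proc/sys. Names here are illustrative.

# Collapse whitespace runs to one space and trim both ends.
norm() { printf '%s' "$1" | tr -s '[:space:]' ' ' | sed 's/^ //; s/ $//'; }

# check_sysctl_drift CONF [PROC_ROOT]
# Prints OK / DRIFT / MISSING per key; returns 1 if any key is not OK.
check_sysctl_drift() {
    conf=$1; root=${2:-/proc/sys}; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case $line in ''|'#'*|';'*) continue ;; esac   # blank or comment
        case $line in *=*) ;; *) continue ;; esac      # not key = value
        key=$(norm "${line%%=*}")
        want=$(norm "${line#*=}")
        # net.ipv4.tcp_syncookies -> $root/net/ipv4/tcp_syncookies
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key"; rc=1; continue
        fi
        have=$(norm "$(cat "$path")")
        if [ "$have" = "$want" ]; then
            echo "OK $key = $have"
        else
            echo "DRIFT $key: file=$want running=$have"; rc=1
        fi
    done < "$conf"
    return $rc
}

# Demo on a constructed tree (not real system state).
demo=$(mktemp -d)
mkdir -p "$demo/proc/net/ipv4"
echo 1 > "$demo/proc/net/ipv4/tcp_syncookies"
echo 1 > "$demo/proc/net/ipv4/ip_forward"
cat > "$demo/sysctl.conf" <<'EOF'
# constructed sample
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_forward = 0
EOF
check_sysctl_drift "$demo/sysctl.conf" "$demo/proc" || echo "drift found"
rm -rf "$demo"
```

On a real host, call it as check_sysctl_drift /etc/sysctl.conf; a DRIFT line means a runtime change was made that will not survive a reboot, or the file was edited without being reloaded.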
Part #2 Implement Best Practices for Secure Software Management

Learning Objectives and Outcomes

Upon completing this lab, students will learn about the following tasks:
• Recommend security settings after discovering all installed packages in the kernel to help evaluate the security measures that are necessary
• Configure the RPM database to add repositories securely for the distribution of software to persons that do not need access to the system directly, only to download any updates or RPMs
• Verify a source tarball to determine whether the integrity and contents of the package are what you expect before executing or installing it
• Use and leverage MD5Sum to verify the integrity of a downloaded software tarball
• Use wget to acquire and install third-party software onto the Linux system from the Internet

Overview

In this lab, the students will review all installed software packages and applications in the kernel. From this list, a demonstration will show how to verify the source tarball for application integrity verification when downloading and installing new applications. It will then properly secure the RPM services in the Fedora Core Linux Server. The demo will perform steps to discover all installed kernel RPM packages, verify a source tarball and securely add a third-party repository to the RPM database. Use of the MD5Sum for hashing and integrity verification will also be performed. Finally, the students will see how to use "wget" to review and install third-party applications onto the Fedora Core Linux Server.

Lab Assessment Questions Answers

1. Explain the following command: rpm -qf /bin/ls
The rpm -qf /bin/ls command will show you the output and determine what package the /bin/ls file belongs to.

2. Discuss the purpose of a software repository as it relates to YUM.
Software repositories are either free or license-based servers that make malware-free packages and software available for download and install. With an easy command a user is able to connect to these servers and download CUPS or Perl scripting packages, for example.

3. How can one ensure a downloaded tarball is legitimate and hasn't been tampered with?
You can run the checksum test to compare the hashes of what the tarball is supposed to be and what it is after download.

4. List and explain at least 3 switches available with the tar command that can be useful in extracting and installing a tarball.
Three commands would be tar zxvf makefile.tar.gz, cd make file, ./install/

5. What security countermeasure can you enable to verify the integrity of downloaded applications or tarballs before you perform the installation?

6. Explain what hashing is and how does this differ from encryption?
Encryption uses random number generators to make an encrypted string of data unrecognizable, whereas hashing uses a one-way cipher to compress arbitrary-length strings into fixed short strings that are irreversible.

7. If you wanted to know which package a certain program belonged to, what command would you run?
To find out what package a certain program belonged to you would use the tar xvzf PACKAGENAME.tar.gz command.

8. Once you have downloaded an RPM package, what command would you run if you wanted to extract the files to a directory of your choice?
To extract the files to a directory you would use the tar xzvf file.tar.gz command.

9. Where would you find checksum hashes for all installed programs in a Fedora Core Linux Server?
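The checksum comparison and the "contents are what you expect" check from the lab objectives can be combined into one gate that runs before anything is extracted. The shell script below is an added example, not part of the original lab; the function names, return codes and the constructed demo archive are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a tarball's digest and member paths before unpacking.
# Function names and the demo archive are illustrative.

# Reads member names on stdin; succeeds if any is absolute or has a ".." part.
has_unsafe_member() { grep -Eq '^/|(^|/)\.\.(/|$)'; }

# verify_tarball TARBALL EXPECTED_HEX [TOOL]
# TOOL defaults to md5sum as in the lab; sha256sum works the same way.
# Returns 0 ok, 1 digest mismatch, 2 unreadable/corrupt, 3 unsafe member path.
verify_tarball() {
    tarball=$1; tool=${3:-md5sum}
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -r "$tarball" ] || { echo "cannot read $tarball" >&2; return 2; }
    actual=$("$tool" < "$tarball" | cut -d' ' -f1)
    if [ -z "$actual" ] || [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got ${actual:-none}, want $expected" >&2
        return 1
    fi
    # List members without extracting anything.
    members=$(tar -tzf "$tarball" 2>/dev/null) || return 2
    if printf '%s\n' "$members" | has_unsafe_member; then
        echo "unsafe member path in $tarball" >&2
        return 3
    fi
    return 0
}

# Demo on a constructed archive. In practice EXPECTED comes from the
# publisher over a separate trusted channel, not from the downloaded file.
demo=$(mktemp -d)
mkdir "$demo/pkg-1.0" "$demo/out"
echo "hello" > "$demo/pkg-1.0/README"
tar -czf "$demo/pkg-1.0.tar.gz" -C "$demo" pkg-1.0
good=$(md5sum < "$demo/pkg-1.0.tar.gz" | cut -d' ' -f1)
if verify_tarball "$demo/pkg-1.0.tar.gz" "$good"; then
    tar -xzf "$demo/pkg-1.0.tar.gz" -C "$demo/out"   # extract only after checks
fi
printf 'x' >> "$demo/pkg-1.0.tar.gz"                  # simulate tampering
verify_tarball "$demo/pkg-1.0.tar.gz" "$good" || echo "rejected after tampering"
rm -rf "$demo"
```

MD5 is not collision resistant, so where the publisher also provides a SHA-256 value, pass sha256sum as the third argument.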
