
Linux and Mac Operating Systems
VU23214 - Configure and secure networked end points

March 2023 | Certificate IV in Cyber Security


Today’s topics
• Recap from last session
• Linux operating system installation on a personal computer is performed
• Structure and characteristics of the Linux operating system environment are defined
• Linux security applications are identified
• Basic system administration using Linux commands is performed
• Linux commands to enable the personal computer to communicate with other devices in a network are defined and implemented
Windows operating system

The Windows operating system is a complex system with many layers of abstraction and functionality. At a high level, the operating system can be broken down into three main components: the kernel, the shell, and user mode.



Security applications

Security applications work by monitoring network traffic, scanning files and emails for malware, encrypting data, blocking unauthorized access attempts, and alerting users to potential security threats. By using security applications, users can help to protect their computer and network from security threats and ensure that their data and privacy remain secure.
System Management

Routine system management tasks refer to the regular maintenance and management activities that are required to keep a computer or network running smoothly and efficiently. These tasks are typically performed on a regular basis to prevent issues from occurring and to ensure that the system is up-to-date and secure.



Access controls
Access controls for Windows refer to the
mechanisms and policies that are put in place
to restrict access to resources on a Windows-
based system. These controls are used to
ensure that only authorized users are able to
access sensitive data and perform certain
actions on the system. Access controls in
Windows can take various forms, including:
• User accounts
• Permissions
• Group Policy
• Auditing
User Passwords

It's important to choose a strong password that is difficult to guess, and to avoid using the same password for multiple accounts. You can also set up additional security features, such as Windows Hello or a PIN, to further enhance the security of your system.
Linux origins

Linux is a free and open-source operating system that was initially developed by Linus Torvalds in 1991 while he was a computer science student at the University of Helsinki in Finland. Torvalds originally developed Linux as a hobby project, inspired by the Unix operating system and the GNU project, which aimed to create a free and open-source software ecosystem.



Linux now

Today, Linux is used in a wide range of applications, from desktop and laptop computers to servers, supercomputers, and embedded devices like smartphones and smart appliances. It has become a key component of the open-source software ecosystem and has been adopted by many large companies, including IBM, Google, and Amazon. The Linux community continues to develop and refine the operating system, with regular updates and new releases.



Linux distributions

• There are currently thousands of Linux distributions available, with varying levels of popularity and support.
• Some of the most well-known Linux distributions include Debian, Ubuntu, Fedora, CentOS, Arch Linux, and OpenSUSE. These distributions differ in their package management systems, desktop environments, default applications, and other features.
• There are also specialized Linux distributions that are designed for specific purposes, such as Kali Linux for penetration testing and security, Raspbian for the Raspberry Pi, and SteamOS for gaming. Many organizations also create their own customized Linux distributions for internal use.



Kali Linux

Kali Linux is a specialized Linux distribution designed for cybersecurity professionals and enthusiasts. Its primary purpose is to provide a comprehensive set of tools for penetration testing, ethical hacking, and security auditing.

Kali Linux includes a wide range of pre-installed tools and applications for tasks such as vulnerability assessment, network analysis, password cracking, and web application testing. These tools are organized into categories and can be accessed through a simple and intuitive interface.



Introduction to Linux and macOS Operating Systems
• Unix
  • Unix is a proprietary operating system written in the C programming language.
  • macOS and iOS are based upon the Berkeley Standard Distribution (BSD) version of Unix.
• Linux
  • Linux operating systems are used in embedded systems, wearable devices, smartwatches, cellphones, netbooks, PCs, servers and supercomputers.
  • There are many different distributions (or distros) of Linux, including SUSE®, Red Hat®, CentOS®, Fedora®, Debian®, Ubuntu®, and Mint®.
  • Android and many OS distributions rely upon the Linux kernel.
• macOS
  • The operating system for Macintosh computers is developed from the UNIX kernel; it is, however, a closed-source operating system.
  • macOS supports remote network installation called NetBoot.
Overview of Linux GUI
Different Linux distributions ship with different software packages, but users decide what stays in their system by installing or removing packages.
The graphical interface in Linux is comprised of a number of subsystems that can also be removed or replaced by the user.
• Ubuntu Linux uses Unity as its default GUI.
• The Linux GUI has the ability to have multiple desktops or workspaces.
Overview of Linux and macOS CLI
In both Linux and macOS, the user can communicate with the operating system by using the command line interface (CLI).
• To add flexibility, commands (or tools) support parameters, options and switches, which are usually preceded by the dash (-) character.

Most operating systems include a graphical interface.
• Although a command line interface is still present, the OS often boots into the GUI by default, hiding the command line interface from the user.
• One way to access the command line interface in a GUI-based operating system is through a terminal emulator application.
• These applications provide user access to the command line interface and are often named as some variation of the word terminal.
Overview of Linux

• A program called a shell interprets the commands from the keyboard and passes them to the operating system.
• When a user successfully logs in to the system, the login program starts the shell.
• Afterwards, an authorized user can begin interacting with the OS through text-based commands.
• Users interact with the kernel through a shell.
  • The kernel is responsible for allocating CPU time and memory to processes.
  • The kernel also manages the file system and communications in response to system calls.
Linux security applications

Just like in any other operating system, we can use security applications to protect the system and its resources from unauthorized access, attacks, and other security threats.

These applications include a wide range of tools and features that help to secure the system and its data, including firewalls, intrusion detection and prevention systems, antivirus software, backup tools, encryption tools, and credential management.



Linux Backup and Recovery

• The process of backing up data refers to creating a copy (or multiple copies) of data for safekeeping.
• When the backing up process is complete, the copy is called a backup.
• While backups can be achieved with a simple copy command, many tools and techniques exist to make the process automatic and transparent to the user.
• Linux does not have a built-in backup tool.
• However, there are many commercial and open source backup solutions for Linux such as Amanda, Bacula, Fwbackups, and Déjà Dup.
Overview of Disk Utilities

• To help diagnose and solve disk-related problems, most modern operating systems include disk utility tools.
• Ubuntu Linux includes a disk utility called Disks.
• With Disks, users can perform the most common disk-related tasks, including partition management, mounting or unmounting, formatting disks, and querying Self-Monitoring, Analysis and Reporting Technology (S.M.A.R.T.).
Overview of Disk Utilities (Cont.)

• Below are a few common maintenance tasks that can be performed using disk utility software:
  • Partition management – When working with computer disks, partitions may need to be created, deleted or resized.
  • Mount or Unmount disk partitions – On Unix-like systems, mounting a partition relates to the process of binding a partition of a disk or a disk image file (usually a .iso) to a folder location.
  • Disk Format – Before a partition can be used by the user or the system, it must be formatted.
  • Bad Sector Check – When a disk sector is flagged as bad, it becomes harmless to the OS because it will no longer be used to store data.
    • Many bad sectors could be an indicator of a failing disk.
  • Query S.M.A.R.T. attributes – S.M.A.R.T. can detect and report attributes about a disk’s health.
    • The goal of S.M.A.R.T. is to anticipate disk failure, allowing the user to move the data to a healthy disk before the failing disk becomes inaccessible.
Scheduled Tasks

• Maintenance tasks should be scheduled and performed frequently to prevent or detect problems early.
• To avoid missing maintenance tasks due to human error, computer systems can be programmed to perform tasks automatically.
• Two tasks that should be scheduled and performed automatically are backups and disk checks.
• In Linux and macOS, the cron service is responsible for scheduled tasks.
• As a service, cron runs in the background and executes tasks at specific dates and times.
• Cron uses a schedule table called a cron table that can be edited with the crontab command.
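
The backup and scheduling points above can be combined into one job. The script below is an added example, not part of the original slides: it creates an owner-only archive, records a checksum, verifies the result and prunes old archives. It assumes GNU tar and sha256sum; the script path, the directories and /dev/sda in the crontab comments are placeholders.

```shell
#!/bin/sh
# Added example (not from the original slides): a backup job meant to be run by cron.
# Assumes GNU tar and sha256sum (Linux); all paths below are placeholders.

# Archive directory $1 into $2 with a timestamped name and print the archive path.
# The body runs in a subshell so the stricter umask does not leak to the caller.
make_backup() (
    umask 077                               # archive readable by its owner only
    mkdir -p "$2" || exit 1
    name="backup-$(date +%Y%m%d-%H%M%S).tar.gz"
    tar -czf "$2/$name" -C "$(dirname "$1")" "$(basename "$1")" || exit 1
    # Store a checksum next to the archive so later corruption is detectable.
    cd "$2" && sha256sum "$name" > "$name.sha256" || exit 1
    printf '%s\n' "$2/$name"
)

# Succeed only if the archive matches its checksum and tar can list it.
verify_backup() (
    cd "$(dirname "$1")" || exit 1
    f=$(basename "$1")
    sha256sum -c "$f.sha256" >/dev/null 2>&1 && tar -tzf "$f" >/dev/null 2>&1
)

# Delete all but the $2 newest archives in $1 (names sort by timestamp).
prune_backups() {
    ls -1 "$1"/backup-*.tar.gz 2>/dev/null | sort -r | tail -n +"$(( $2 + 1 ))" |
    while read -r old; do rm -f "$old" "$old.sha256"; done
}

# When called as: backup.sh SRC DEST  (this is what the cron entry runs)
if [ "$#" -eq 2 ]; then
    archive=$(make_backup "$1" "$2") && verify_backup "$archive" &&
        prune_backups "$2" 7 && echo "backup ok: $archive"
fi

# Example crontab entries (edit with: crontab -e).
# Fields: minute hour day-of-month month day-of-week command
# 30 2 * * *  /usr/local/bin/backup.sh /home/john/Documents /var/backups/john
# 0  3 * * 0  smartctl -H /dev/sda   # weekly S.M.A.R.T. health query (root, smartmontools)
```

A backup that has never been verified or restored is only an assumption, so the verify step runs every time rather than on demand.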
Operating System Updates

Also known as patches, OS updates are released periodically by OS companies to address any known vulnerability in their operating systems.
• While companies have update schedules, the release of unscheduled OS updates is common when a major vulnerability is found in the OS code.

Firmware Updates
• Usually held in non-volatile memory, such as ROM or Flash, firmware is a type of software designed to provide low-level functionality for a device.

Antivirus and Antimalware
• Antivirus and antimalware rely on code signatures to operate.
• Signatures or signature files are files containing a sample of the code used by viruses and malware.
• New malware is created and released every day; therefore, the signature files of antivirus and antimalware programs must be updated just as frequently.
Security
Usernames, passwords, digital certificates, and encryption keys are just a few of the security credentials associated with a user.
Due to the increasing number of necessary security credentials, modern operating systems include a service to manage them.
• Applications and other services can then request and utilize the credentials stored by the security credentials manager service.
Security Credentials Service on Ubuntu
• Gnome-keyring is a security credentials manager for Ubuntu Linux. To access Gnome-Keyring on Ubuntu Linux, click Dash > Search for Key > Click Passwords and Keys.
Security Credentials Service on macOS
• Keychain is a security credentials manager for macOS. To access Keychain on macOS, go to Applications > Utilities > Keychain Access.
Linux command line
Linux is a command-line operating system, which means that many tasks can be performed using text commands instead of a graphical user interface. Here are some common Linux commands and their uses:
1. cd - Change directory: used to change the current working directory in the terminal.
2. ls - List: used to list the contents of a directory.
3. mkdir - Make directory: used to create a new directory.
4. cp - Copy: used to copy files from one location to another.
5. mv - Move: used to move files or rename them.
6. rm - Remove: used to delete files and directories.
Linux Administrative Commands
Administrators use the terminal to monitor and control users, processes, IP addresses, and other tasks.
• passwd - allows users to change their own password at the terminal.
• ps - allows users to monitor their own processes.
• kill - allows users to end the processes that they have started.
• ifconfig - similar to the Windows ipconfig command; however, this command is deprecated and the “ip address” command should be used.
• iwconfig - allows users to set and view their wireless settings.
• chmod - allows users to change the permissions of files that they own.
Linux Administrative Commands Requiring Root Access
Administrators use the terminal to monitor and control users, processes, IP addresses, and other tasks.
• sudo - (Super User Do) grants a user root access without actually changing their profile.
• chown - allows users to switch both the owner and the group of a file or files.
• apt-get - is used to install and manage software on Debian-based Linux distributions.
• shutdown - is used to halt and reboot the operating system.
• dd - (Disk Duplicate) is used to copy files and partitions and create temporary swap files.
User account commands
adduser: This command is used to create a new user account in Linux. It prompts the user to enter
information such as username, password, and home directory for the new user.
useradd: This command is similar to adduser, but it does not create a home directory for the new
user.
passwd: This command is used to set or change the password for a user account. It prompts the user
to enter and confirm a new password.
usermod: This command is used to modify user account properties, such as the home directory, login
shell, or group membership.
groupadd: This command is used to create a new group in Linux.
userdel: This command is used to delete a user account from the system. It can be used with the -r
option to delete the user's home directory as well.
Creating a new user account
1. Open a terminal window in Linux.
2. Use the "adduser" command to create a new user account. For example, to create a user
named "john", enter the following command:
sudo adduser john (remember you will need root access to create new users)
3. You will be prompted to enter a password for the new user. Follow the instructions on the
screen to enter and confirm the password.
4. You will then be prompted to enter some additional information about the user, such as their
full name and phone number. This information is optional, and you can skip it by pressing
"Enter" for each field.
5. Once you have entered all the required information, the new user account will be created.
You can now log out of the root account by entering the command "exit".
6. To log in as the new user, open a new terminal window and enter the following command:
su - john
Basic Unix File and Directory Permissions
To organize the system and reinforce boundaries within the system, Unix uses file permissions.
Every file and directory on Unix systems carries its permissions which define the actions that the owner, the group, and others can do with the file or directory.
The only user who can override file permissions in Unix is the root user.
Root access is often required before performing maintenance and administrative tasks.
file permissions

In Linux, file permissions are used to control who can read, write, or execute a file. There are
three types of permissions: read (r), write (w), and execute (x). These permissions are set for
three different categories of users: owner, group, and others.
• Here is a breakdown of what each permission means:
• Read (r): Allows a user to read the contents of a file.
• Write (w): Allows a user to modify the contents of a file.
• Execute (x): Allows a user to run a file if it is a program or script.
There are also three categories of users:
• Owner: The user who created the file.
• Group: The group that the owner belongs to.
• Others: Any user who is not the owner or a member of the owner's group.
The ls -l command output

• Permission - Defines how the user, group, and others access the files and directories.
• Link - The number of links or the number of directories inside this directory.
• User - Displays the username of the owner of the file or the directory.
• Group - Displays the name of the group that owns the file or the directory.
• File Size - Displays the file size in bytes.
• Date and Time - Displays the date and time of the last modification.
• File Name - Displays the file or directory name.
chmod
The "chmod" command can be used to modify file permissions. For example, to give the owner of the "example.txt" file execute permission, you can use the following command:
This will add execute permission (indicated by "x") for the owner (indicated by "u").
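
The command that matches this description is `chmod u+x example.txt`. The script below is an added example, not part of the original slides: it applies that command to a constructed file, decodes the octal mode into the owner/group/others string that ls -l shows, and lists files that others can write to. The function names and the file shared.txt are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original slides): chmod u+x and a permission audit.

# Print a file's octal mode (GNU stat on Linux, BSD stat on macOS as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Decode one octal digit (0-7) into the r, w, x letters that ls -l shows.
triplet() {
    r=-; w=-; x=-
    if [ $(( $1 & 4 )) -ne 0 ]; then r=r; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then w=w; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then x=x; fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# Turn a three-digit mode such as 644 into owner/group/others form: rw-r--r--
mode_to_string() {
    printf '%s%s%s\n' "$(triplet $(( $1 / 100 % 10 )))" \
        "$(triplet $(( $1 / 10 % 10 )))" "$(triplet $(( $1 % 10 )))"
}

# List regular files under a directory that "others" are allowed to modify.
world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Demo on constructed files in a throwaway directory.
demo() {
    dir=$(mktemp -d) || return 1
    touch "$dir/example.txt" "$dir/shared.txt"
    chmod 644 "$dir/example.txt"
    chmod 666 "$dir/shared.txt"
    echo "before: $(mode_to_string "$(mode_of "$dir/example.txt")")"
    chmod u+x "$dir/example.txt"          # add execute (x) for the owner (u)
    echo "after:  $(mode_to_string "$(mode_of "$dir/example.txt")")"
    echo "world-writable: $(world_writable "$dir")"
    chmod o-w "$dir/shared.txt"           # remove write from others
    echo "after fix: $(world_writable "$dir" | wc -l) file(s)"
    rm -rf "$dir"
}
demo
```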
Common networking commands

In Linux, there are several networking commands that can be used in the terminal to manage network settings and troubleshoot network issues. Here are some common networking commands in Linux.

ping

This command is used to test the connectivity between two network devices. The ping command sends ICMP echo requests to the specified device and waits for a response. For example, to ping a website, you can use the following command:

ifconfig

This command is used to view and configure network interfaces on a Linux system. It displays information about each network interface, including IP address, netmask, and broadcast address. For example, to view information about the first network interface, you can use the following command:

traceroute

This command is used to trace the route that network traffic takes from one device to another. It displays the IP addresses of each router that the traffic passes through on its way to the destination device. For example, to trace the route to a website, you can use the following command:

nslookup

The nslookup command is a network troubleshooting tool used in Linux and other operating systems to query the Domain Name System (DNS) to obtain domain name or IP address mapping information. It is used to check the DNS records of a domain name and verify that they are properly configured.
What to do now

• Continue working through Assessment Task 2
• Read through the week 7 material before class next week
• For Assessment Task 2 you will now be able to answer all the Linux Host questions and start the troubleshooting exercises
• Begin the week 6 activities
Finish

Time for a quick break before commencing the activities for this week!
