
Linux-Essential Root Subdirectories

  • bin Contains binary programs, also known as executables, which are programs that are ready to run. Most of the basic Unix commands such as ls and cp are in /bin. However, some of the files in /bin are not in binary format because shell scripts perform the tasks of binaries in modern systems.
  • dev Contains device files. 
  • etc The core system configuration directory (pronounced EHT-cee). User password, boot, device, networking, and other setup files are here. Many items in /etc are specific to the particular hardware on the machine — for example, the /etc/X11 directory contains the graphics card configuration.
  • home Holds personal directories for normal users on the system. Most Unix installations conform to this standard.
  • lib An abbreviation for library. In Linux, this directory holds library files containing code that executables can use. There are two types of libraries: static and shared. The /lib directory should contain only shared libraries, but other lib directories such as /usr/lib contain both varieties, as well as other auxiliary files.
  • proc Provides system statistics through a directory-and-file interface that you can browse with standard Unix tools. Much of the /proc subdirectory structure on Linux is unique, but many other Unix variants have similar features.
  • sbin The place to find system executables. Programs in sbin directories pertain to system management, so regular users usually do not have sbin components in their command paths. Many of the utilities don't work for normal users.
  • tmp The place to put smaller temporary files that you don't care much about. Any user may read from and write to /tmp, but they may not have permission to access another user's files there. Some programs use this directory as a workspace. If something is extremely important, don't put it in /tmp. Most distributions clear /tmp when the machine boots, and some even remove its old files periodically. Don't fill /tmp either, because its space is usually shared with something critical (like the rest of /, for example).
  • usr Pronounced as "user," but this subdirectory does not contain user files (there have been no user files in /usr on Unix systems long before Linux existed). Instead, /usr is a large directory hierarchy that looks a little like the root. The bulk of the Linux system resides in /usr. Many of the directory names in /usr are the same as in the root and hold the same type of files; /usr/bin and /usr/lib are two examples. The primary reason that the root does not contain the complete system is to keep space requirements low. 
  • var The "variable" subdirectory, where programs record runtime information. System logging, user tracking, caches, and other files that system programs create and tend all go into /var. There is a /var/tmp similar to /tmp, but the system doesn't wipe it clean on boot.

What Is IP Filtering?

IP filtering is simply a mechanism that decides which types of IP packets will be processed normally and which will be dropped or rejected. By dropped we mean that the packet is deleted and completely ignored, as if it had never been received. By rejected we mean that the firewall sends an ICMP response to the sender indicating a reason why the packet was rejected. You can apply many different sorts of criteria to determine which packets you wish to filter. Some examples of these are:
  • Protocol type: TCP, UDP, ICMP, etc.
  • Port number (for TCP/UDP)
  • Packet type: SYN/ACK, data, ICMP Echo Request, etc.
  • Packet source address: where it came from
  • Packet destination address: where it is going to
It is important to understand at this point that IP filtering is a network layer facility. This means that it doesn't understand anything about the application using the network connections, only about the connections themselves. For example, you may deny users access to your internal network on the default Telnet port, but if you rely on IP filtering alone, you can't stop them from using the Telnet program with a port that you do allow to pass through your firewall. You can prevent this sort of problem by using proxy servers for each service that you allow across your firewall. The proxy servers understand the application that they were designed to proxy and can therefore prevent abuses, such as using the Telnet program to get past a firewall by using the World Wide Web port. If your firewall supports a World Wide Web proxy, outbound Telnet connections on the HTTP port will always be answered by the proxy and will allow only HTTP requests to pass. 

The IP filtering rule set is made up of many combinations of the criteria listed previously. For example, let's imagine that you wanted to allow World Wide Web users within the Virtual Brewery network to have no access to the Internet except to use other sites' web servers. You would configure your firewall to allow forwarding of the following:
  • Packets with a source address on Virtual Brewery network, a destination address of anywhere, and with a destination port of 80 (WWW)
  • Packets with a destination address of Virtual Brewery network and a source port of 80 (WWW) from a source address of anywhere
Note that we've used two rules here. We have to allow our data to go out, but also the corresponding reply data to come back in. In practice, as we'll see in the chapter on IP masquerade and Network Address Translation
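The two forwarding rules above, modelled as a small stateless filter. This is an added example, not code from the original page; the page gives no address range for the Virtual Brewery network, so 172.16.1.0/24 is a placeholder, and the packet tuples and the REPLY_RULE switch are constructed for illustration.

```sh
#!/bin/sh
# Added example: a stateless model of the two forwarding rules described above.
# ASSUMPTION: 172.16.1.0/24 is a placeholder for the Virtual Brewery network.
BREWERY_NET=172.16.1.0
BREWERY_PREFIX=24

# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_brewery ADDR: succeeds when ADDR lies inside the Brewery network.
in_brewery() {
    mask=$(( (4294967295 << (32 - BREWERY_PREFIX)) & 4294967295 ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$BREWERY_NET") & mask )) ]
}

# forward_verdict PROTO SRC SPORT DST DPORT -> prints ACCEPT or DROP.
# Only header fields are inspected; the application behind the connection
# is invisible to the filter. Roughly what these iptables commands express
# (an assumption added here, not taken from the page):
#   iptables -P FORWARD DROP
#   iptables -A FORWARD -p tcp -s 172.16.1.0/24 --dport 80 -j ACCEPT
#   iptables -A FORWARD -p tcp -d 172.16.1.0/24 --sport 80 -j ACCEPT
forward_verdict() {
    proto=$1; src=$2; sport=$3; dst=$4; dport=$5
    if [ "$proto" = tcp ]; then
        # Rule 1: Brewery host -> anywhere, destination port 80 (the request).
        if in_brewery "$src" && [ "$dport" -eq 80 ]; then
            echo ACCEPT; return 0
        fi
        # Rule 2: anywhere, source port 80 -> Brewery host (the reply).
        # REPLY_RULE=no switches it off to show why the second rule is needed.
        if [ "${REPLY_RULE:-yes}" = yes ] && in_brewery "$dst" && [ "$sport" -eq 80 ]; then
            echo ACCEPT; return 0
        fi
    fi
    echo DROP   # default policy: everything else is dropped
}

# Constructed sample traffic.
echo "web request        : $(forward_verdict tcp 172.16.1.10 1025 198.51.100.7 80)"
echo "web reply          : $(forward_verdict tcp 198.51.100.7 80 172.16.1.10 1025)"
echo "reply, rule 2 off  : $(REPLY_RULE=no forward_verdict tcp 198.51.100.7 80 172.16.1.10 1025)"
echo "telnet to port 23  : $(forward_verdict tcp 172.16.1.10 1026 198.51.100.7 23)"
echo "telnet to port 80  : $(forward_verdict tcp 172.16.1.10 1027 198.51.100.7 80)"
echo "dns query (udp)    : $(forward_verdict udp 172.16.1.10 1028 198.51.100.53 53)"
```

The Telnet-to-port-80 line gets the same verdict as the web request because the filter sees an identical kind of header; telling the two apart is the job of the proxy described earlier.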

Linux Port Scanning

Listing your open ports and firewall configuration with netstat and iptables is a good start for staying on top of unwanted traffic, but you may want to go a step further with Nmap (Network Mapper), a program that scans all of the ports on a machine or network of machines, looking for potential vulnerabilities. Nmap gives you a view from the outside and eliminates guessing which ports are open. Most intruders use Nmap, and you can get it at http://www.insecure.org/.

Warning: If someone else controls the network that you want to Nmap or run Nmap from, ask that person if it's all right that you do so. Network administrators watch for port scans and delight in stomping on any machine that runs a scan.


Just run nmap host to run a generic scan on a host. Here's an example scan:

Starting nmap 3.30 http://www.insecure.org/nmap at 2003-08-04 16:25 PDT
Interesting ports on host (10.1.2.2):
The 1636 ports scanned but not shown below are in state: closed
Port       State       Service
9/tcp      open        discard
13/tcp     open        daytime
22/tcp     open        ssh
37/tcp     open        time
111/tcp    open        sunrpc
113/tcp    open        auth
6000/tcp   open        X11

Nmap run completed -- 1 IP address 1 host up scanned in 0.594 seconds

The host in this example probably doesn't have any kind of firewall running, because it has quite a few open ports.

Nmap can do much more — have a look at its manual page and the considerable online resources.

Security Resources

Here are three good security sites:

http://www.sans.org/ Offers training, services, a free weekly newsletter of the top current vulnerabilities, sample security policies, and more.

http://www.cert.org/ A place to look for the most severe problems.

http://www.insecure.org/ This is the place to go for Nmap and pointers to all sorts of network exploit testing tools. It's much more open and specific about exploits than many other sites.

Configuring IPv6 Networks

At the beginning, IANA gave requestors an entire class A network space, thereby granting requestors 16.7 million addresses, many more than necessary. Realizing their error, they began to assign class B networks, again providing far too many addresses for the average requestor. As the Internet grew, it quickly became clear that allocating class A and class B networks to every requestor did not make sense. Even their later action of assigning class C banks of addresses still squandered address space, as most companies didn't require 254 IP addresses. Since IANA could not revoke currently allocated address space, it became necessary to deal with the remaining space in a way that made sense. One of these ways was through the use of Classless Inter-Domain Routing (CIDR).

IPv4 space is becoming scarcer by the day. By 2005, some estimates place the number of worldwide Internet users at over one billion. Given the fact that many of those users will have a cellular phone, a home computer, and possibly a computer at work, the available IP address space becomes critically tight. China has recently requested IP addresses for each of their students, for a total of nearly 300 million addresses. Requests such as these, which cannot be filled, demonstrate this shortage. When IANA initially began allotting address space, the Internet was a small and little-known research network. There was very little demand for addresses and class A address space was freely allocated. However, as the size and importance of the Internet started to grow, the number of available addresses diminished, making obtaining a new IP difficult and much more expensive. NAT and CIDR are two separate responses to this scarcity. NAT is an individual solution allowing one site to funnel its users through a single IP address. CIDR allows for a more efficient division of network address blocks. Both solutions, however, have limitations.

CIDR allows network blocks to be allocated outside of the well-defined class A/B/C ranges. In an effort to get more mileage from existing class C network blocks, CIDR allows administrators to divide their address space into smaller units, which can then be allocated as individual networks. This made it easier to give IPs to more people because space could be allocated by need, rather than by predefined size-of-space. For example, a provider with a class C subnet could choose to divide this network into 32 individual networks, and would use the network addresses and subnet masks to delineate the boundaries. A sample CIDR notation looks like this:
10.10.0.64/29

In this example, the /29 denotes the subnet mask, which means that the first 29 bits of the address are the subnet. It could also be noted as 255.255.255.248, which gives this network a total of six usable addresses.
While CIDR does deal with the problem in a quick and easy way, it doesn't actually create more IP addresses, and it does have some additional disadvantages. First, its efficiency is compromised since each allocated network requires a broadcast IP and a network address IP. So if a provider breaks a class C block into 32 separate networks, a total of 64 individual IPs are wasted on network and broadcast IPs. Second, complicated CIDR networks are more prone to configuration errors. A router with an improper subnet mask can cause an outage for small networks it serves.
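The arithmetic behind the figures quoted above (the /29 mask, six usable addresses, 64 addresses lost when a class C block is split into 32 networks), plus a check for the wrong-mask case. This is an added example, not part of the original text; the function names and the two host addresses used for the mask comparison are constructed for illustration.

```sh
#!/bin/sh
# Added example: CIDR arithmetic for 10.10.0.64/29 and a /24 cut into /29s.

# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length -> netmask as an integer.
mask_int() { echo $(( (4294967295 << (32 - $1)) & 4294967295 )); }

# Prefix length -> netmask in dotted-quad form.
cidr_mask() { int2ip "$(mask_int "$1")"; }

# ADDR/PREFIX -> network address (all host bits cleared).
cidr_network() {
    int2ip $(( $(ip2int "${1%/*}") & $(mask_int "${1#*/}") ))
}

# ADDR/PREFIX -> broadcast address (all host bits set).
cidr_broadcast() {
    m=$(mask_int "${1#*/}")
    int2ip $(( ($(ip2int "${1%/*}") & m) | (m ^ 4294967295) ))
}

# Usable hosts for prefixes up to /30: everything except network + broadcast.
cidr_usable() { echo $(( (1 << (32 - $1)) - 2 )); }

# subnet_count PARENT CHILD: how many /CHILD networks fit in one /PARENT block.
subnet_count() { echo $(( 1 << ($2 - $1) )); }

# wasted_addresses PARENT CHILD: addresses spent on network and broadcast
# addresses once the /PARENT block is cut into /CHILD networks.
wasted_addresses() { echo $(( 2 * $(subnet_count "$1" "$2") )); }

# same_subnet A B PREFIX: succeeds if A and B share a network under /PREFIX.
same_subnet() {
    m=$(mask_int "$3")
    [ $(( $(ip2int "$1") & m )) -eq $(( $(ip2int "$2") & m )) ]
}

echo "mask for /29      : $(cidr_mask 29)"
echo "network           : $(cidr_network 10.10.0.64/29)"
echo "broadcast         : $(cidr_broadcast 10.10.0.64/29)"
echo "usable addresses  : $(cidr_usable 29)"
echo "/29s in a class C : $(subnet_count 24 29)"
echo "addresses wasted  : $(wasted_addresses 24 29)"

# Two constructed hosts in neighbouring /29 networks. A mask that is one bit
# too short (/28) makes them look like they are on the same network.
for p in 29 28; do
    if same_subnet 10.10.0.66 10.10.0.73 "$p"; then r=same; else r=different; fi
    echo "10.10.0.66 and 10.10.0.73 under /$p: $r network"
done
```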

What Is IMAP?

IMAP, fully documented in RFC 3501, was designed to provide a robust, mobile mail delivery and access mechanism. For more detail on the protocol and how it functions on the network layer, or for additional information on the numerous specification options, please consult the RFC documentation.


POP and IMAP tend to be grouped together or compared, which is a bit unfair since they are dissimilar in many ways. POP was created as a simple mail delivery vehicle, which it does very well. Users connect to the server and obtain their messages, which are then, ideally, deleted from the server. IMAP takes an entirely different approach. It acts as the keeper of the messages and provides a framework in which the users can efficiently manipulate the stored messages. While administrators and users can configure POP to store the messages on the server, it can quickly become inefficient since a POP client will download all old messages each time the mail is queried. This can get messy quickly, if the user is receiving any quantity of email. For users who do not need any kind of portability, or receive little email, POP is probably an acceptable choice, but those seeking greater functionality will want to use IMAP.


Once you've decided that IMAP is for you, there are two primary options. The two main flavors are Cyrus IMAP and the University of Washington IMAP server. Both follow the RFC specification for IMAP and have their advantages and disadvantages. They also use different mailbox formats and therefore cannot be mixed. One key difference between the two is found in Cyrus IMAP. It does not use /etc/passwd for its mail account database, so the administrator does not have to specially add mail users to the system password file. This is a more secure option for system administrators, because creating accounts on systems can be construed as a security risk. However, the ease of configuration and installation of UW IMAP often makes it more appealing. In this chapter, we'll primarily focus on the two most common IMAP servers: UW IMAP, because of its popularity and ease of installation, and Cyrus IMAP, because of its additional security features.

 
Once the server software has been downloaded and decompressed, it can be installed. However, because of UW-IMAP's large portability database, it does not support GNU automake, meaning that there isn't a configure script. Instead, a Makefile that relies on user-specified parameters is used. There are many supported operating systems, including a number of Linux distributions. Here's a list of a few of the supported Linux distributions:

# ldb   Debian Linux
# lnx   Linux with traditional passwords and crypt( ) in the C library
#        (see lnp, sl4, sl5, and slx)
# lnp   Linux with Pluggable Authentication Modules (PAM)
# lrh   RedHat Linux 7.2
# lsu   SuSE Linux
# sl4   Linux using -lshadow to get the crypt( ) function
# sl5   Linux with shadow passwords, no extra libraries
# slx   Linux using -lcrypt to get the crypt( ) function

The lrh version will probably work on newer Red Hat versions as well. If your distribution isn't listed, try one of the matching generic options. lnp is a good guess for most modern versions of Linux.


To begin the installation of the Cyrus server, download and decompress the latest version. You will need to download both the IMAP and SASL packages.
SASL is the authentication mechanism used by Cyrus IMAP, and will need to be configured and installed first. It is easily built using the standard "configure-make" order.
vlager# cd cyrus-sasl-2.1.15 
vlager# ./configure 
loading cache ./config.cache
checking host system type... i686-pc-linux-gnu
.
creating saslauthd.h
Configuration Complete. Type 'make' to build.
vlager# make 
make  all-recursive
make[1]: Entering directory `/tmp/cyrus-sasl-2.1.15'

Assuming the compile is completed without failure and you've successfully executed the make install, you can now proceed to configuring and installing the Cyrus IMAP server itself.

TCP/IP Firewall

The combined set of protocols is called the Transmission Control Protocol and Internet Protocol (TCP/IP) protocol suite.

As a network administrator, it is important that you understand the nature of potential attacks on computer security. We'll briefly describe the most important types of attacks so that you can better understand precisely what the Linux IP firewall will protect you against. You should do some additional reading to ensure that you are able to protect your network against other types of attacks. Here are some of the more important methods of attack and ways of protecting yourself against them:

Unauthorized access
This simply means that people who shouldn't be allowed to use your computer services are able to connect to and use them. For example, people outside your company might try to connect to your company accounting host or to your NFS server.
There are various ways to avoid this attack by carefully specifying who can gain access through these services. You can prevent network access to all except the intended users.


A malicious person who gains access to a computer system may guess system passwords or exploit the bugs and idiosyncratic behavior of certain programs to obtain a working account on that host.

Linux Software websites

Internet Sites
Description
Red Hat distribution RPM packages
RPM package repository
Source Forge open source software repository and development site
New Linux software
KDE software applications
GNOME software applications

How to create, update or remove a symbolic or soft link in Linux


Symbolic links, also called symlinks or soft links, are a very important concept to understand and use in various UNIX operating systems, e.g. Linux, Solaris or IBM AIX. Symlinks give you so much power and flexibility that you can maintain things quite easily. I personally feel that along with find, grep and other UNIX commands, the command to create and update a soft link, i.e. ln -s, is also a must for anyone working on a UNIX machine. Whenever I do scripting or write any UNIX script, I always write for symlinks rather than pointing to the absolute path of directories in UNIX. It gives you the flexibility of changing the symlink or soft link without making any change to your tried and tested scripts. I have worked on many different core Java projects which run on Linux and UNIX machines and make extensive use of UNIX symbolic links or symlinks. All my projects, which are in the finance domain and on electronic trading systems, have their servers running on Linux. Since speed is a major concern in online stock or futures trading, where orders have to hit the market within microseconds, a Linux server is an ideal choice for electronic and FIX trading systems, and since your server is on UNIX you have to be an expert in Unix commands to work efficiently; these articles are the result of my effort to learn and share new UNIX commands. In this UNIX fundamentals tutorial we will see how to create a soft link in UNIX, how to update a soft link, and the difference between a soft link and a hard link in Unix and Linux. By the way, this UNIX command tutorial is a continuation of my earlier articles, top networking commands in Unix and CVS command examples; if you haven't read them already, you may find some useful information based on my experience with Unix and Linux commands.



1) The first difference between a soft link and a hard link is that Unix soft links are pointers to programs, files, or directories located elsewhere (just like Windows shortcuts), while Unix hard links are pointers to programs and files, but NOT directories.

2) The second major difference between a UNIX soft link and a hard link is that if the original program, file, or directory is renamed, moved, or deleted, the soft link is broken, and it will show in red if you are using the ls -lrt --color option. On the other hand, if the original program or file is renamed, moved, or deleted, the hard link is NOT broken.

3) One not so important difference between a soft link and a hard link is that if you type ls -F you can see which files are UNIX soft links, because they end with @.

4) Another difference between a soft link and a hard link is how you create them. To create a soft link called "current" that points to a file or directory called "new_package", use this: ln -s new_package current. To remember this command, always remember that the name of the soft link comes as the last argument. On the other side, to create a UNIX hard link called myhardlink.txt that points to a file called myfile.txt, use this: ln myfile.txt myhardlink.txt

5) One more significant difference between a soft link and a hard link on UNIX or Linux is that a soft link can also point to a network-mounted directory. For creating a UNIX soft link, remember to use the option "-s" with the UNIX link command "ln". Hard links in UNIX, by contrast, cannot span disk drives, so you CANNOT have a hard link on /dev/hdb that refers to a program or file on /dev/hda.
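Creating, repointing, breaking and removing links, run inside a throwaway directory. This is an added example, not code from the original post; the helper names (make_sandbox, point_link, link_state, remove_link) and the release_1/release_2 directories are constructed for illustration, and ln -sfn assumes the GNU or BSD ln found on Linux systems.

```sh
#!/bin/sh
# Added example: everything happens inside a temporary directory from mktemp.

# make_sandbox: build two "release" directories and one plain file.
make_sandbox() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/release_1" "$dir/release_2"
    echo 1 > "$dir/release_1/version.txt"
    echo 2 > "$dir/release_2/version.txt"
    echo data > "$dir/myfile.txt"
    echo "$dir"
}

# point_link LINK TARGET: create LINK, or repoint it if it already exists.
# -f replaces an existing link; -n stops ln from following an existing link
# to a directory and creating the new link inside that directory instead.
point_link() { ln -sfn "$2" "$1"; }

# link_state PATH -> symlink | broken | file | missing
# [ -e ] follows the link, so a link whose target is gone fails that test.
link_state() {
    if [ -L "$1" ]; then
        if [ -e "$1" ]; then echo symlink; else echo broken; fi
    elif [ -e "$1" ]; then
        echo file
    else
        echo missing
    fi
}

# remove_link LINK: delete the link itself, never its target; anything that
# is not a symbolic link is refused.
remove_link() { [ -L "$1" ] && rm -- "$1"; }

demo() {
    d=$(make_sandbox) || return 1

    point_link "$d/current" release_1
    echo "created : current -> $(readlink "$d/current") (version $(cat "$d/current/version.txt"))"
    point_link "$d/current" release_2
    echo "updated : current -> $(readlink "$d/current") (version $(cat "$d/current/version.txt"))"

    # Hard link and soft link to the same file, then rename the original.
    ln "$d/myfile.txt" "$d/myhardlink.txt"
    ln -s myfile.txt "$d/mysoftlink.txt"
    mv "$d/myfile.txt" "$d/renamed.txt"
    echo "renamed : hard link is $(link_state "$d/myhardlink.txt"), soft link is $(link_state "$d/mysoftlink.txt")"

    remove_link "$d/current"
    echo "removed : current is $(link_state "$d/current"), release_2 still has version $(cat "$d/release_2/version.txt")"
    rm -rf "$d"
}
demo
```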

Common Linux Features?

  • Multiuser — Not only can you have many user accounts available on a Linux system, you can also have multiple users logged in and working on the system at the same time. Users can have their own environments arranged the way they want: their own home directory for storing files and their own desktop interface (with icons, menus, and applications arranged to suit them). User accounts can be password-protected, so that users can control who has access to their applications and data.
  • Multitasking — In Linux, it is possible to have many programs running at the same time, which means that not only can you have many programs going at once, but that the Linux operating system can itself have programs running in the background. Many of these system processes make it possible for Linux to work as a server, with these background processes listening to the network for requests to log in to your system, view a Web page, print a document, or copy a file. These background processes are referred to as daemons.
  • Graphical User Interface (X Window System) — The powerful framework for working with graphical applications in Linux is referred to as the X Window System (or simply X). X handles the functions of opening X-based graphical user interface (GUI) applications and displaying them on an X server process (the process that manages your screen, mouse, and keyboard).
    On top of X, you use an X-based desktop environment to provide a desktop metaphor and window manager to provide the look-and-feel of your GUI (icons, window frames, menus, and colors, or a combination of those items called themes). There are several desktop environments and several desktop managers to choose from. (Red Hat provides a few desktop managers, but focuses on GNOME and KDE desktop environments.)
  • Hardware support — You can configure support for almost every type of hardware that can be connected to a computer. There is support for floppy disk drives, CD-ROMs, removable disks (such as DVDs and Zip drives), sound cards, tape devices, video cards, and most anything else you can think of.
  • Networking connectivity — To connect your Linux system to a network, Linux offers support for a variety of local area network (LAN) boards, modems, and serial devices. In addition to LAN protocols, such as Ethernet (both wired and wireless), all the most popular upper-level networking protocols can be built-in. The most popular of these protocols is TCP/IP (used to connect to the Internet). Other protocols, such as IPX (for Novell networks) and X.25 (a packet-switching network type that is popular in Europe), are also available.
  • Network servers — Providing networking services to the client computers on the LAN or to the entire Internet is what Linux does best. A variety of software packages are available that enable you to use Linux as a print server, file server, FTP server, mail server, Web server, news server, or workgroup (DHCP or NIS) server.
  • Application support — Because of compatibility with POSIX and several different application programming interfaces (APIs), a wide range of freeware and shareware software is available for Linux. Most GNU software from the Free Software Foundation will run in Linux (although some may take a bit of tweaking).

What Is an Operating System?

An operating system is made up of software instructions that lie between the computer hardware (disks, memory, ports, and so on) and the application programs (word processors, Web browsers, spreadsheets, and so on). At the center is the kernel, which provides the most basic computing functions (managing system memory, sharing the processor, opening and closing devices, and so on). Besides the kernel, an operating system provides other basic services needed to operate the computer, including:
  • File systems — The file system provides the structure in which information is stored on the computer. Information is stored in files, primarily on hard disks inside the computer. Files are organized within a hierarchy of directories. The Linux file system holds the data files that you save, the programs you run, and the configuration files that set up the system.
  • Device drivers — These provide the interfaces to each of the hardware devices connected to your computer. A device driver enables a program to write to a device without needing to know details about how each piece of hardware is implemented. The program opens a device, sends and receives data, and closes a device.
  • User interfaces — An operating system needs to provide a way for users to run programs and access the file system. Linux has both graphical and text-based user interfaces. GNOME and KDE provide graphical user interfaces, whereas shell command interpreters (such as bash) let you run programs by typing commands and options.
  • System services — An operating system provides system services, many of which can be started automatically when the computer boots. In Linux, system services can include processes that mount file systems, start your network, and run scheduled tasks. In Linux, many services run continuously, enabling users to access printers, Web pages, files, databases, and other computing assets over a network.

mkdir and rmdir

You can create and remove directories using the mkdir and rmdir system calls.

#include <sys/types.h>
#include <sys/stat.h>
int mkdir(const char *path, mode_t mode);


The mkdir system call is used for creating directories and is the equivalent of the mkdir program. mkdir
makes a new directory with path as its name. The directory permissions are passed in the parameter
mode and are given as in the O_CREAT option of the open system call and, again, subject to umask.

#include <unistd.h>
int rmdir(const char *path);

The rmdir system call removes directories, but only if they are empty. The rmdir program uses this
system call to do its job.

The Shell as a Programming Language

Now that you’ve seen some basic shell operations, it’s time to move on to some actual shell programs. There
are two ways of writing shell programs. You can type a sequence of commands and allow the shell to execute
them interactively, or you can store those commands in a file that you can then invoke as a program.
Interactive Programs
Just typing the shell script on the command line is a quick and easy way of trying out small code fragments,
and is very useful while you are learning or just testing things.

What Is a Shell?

Before jumping in and discussing how to program using a shell, let’s review the shell’s function and the
different shells available for Linux. A shell is a program that acts as the interface between you and the Linux
system, enabling you to enter commands for the operating system to execute. In that respect, it resembles the
Windows command prompt, but as mentioned earlier, Linux shells are much more powerful. For example,
input and output can be redirected using < and >, data piped between simultaneously executing programs
using |, and output from a subprocess grabbed by using $(...). On Linux it’s quite feasible to have multiple
shells installed, with different users able to pick the one they prefer.

You can check the version of bash you have with the following command:
$ /bin/bash --version
GNU bash, version 3.2.9(1)-release (i686-pc-linux-gnu)
Copyright (C) 2005 Free Software Foundation, Inc.

What is Shell Script

Normally shells are interactive. This means the shell accepts commands from you (via the keyboard) and executes them. But if you use commands one by one (a sequence of 'n' commands), then you can store this sequence of commands in a text file and tell the shell to execute this text file instead of entering the commands. This is known as a shell script.

The Role of the Device Driver

As a programmer, you are able to make your own choices about your driver, and
choose an acceptable trade-off between the programming time required and the flexibility
of the result. Though it may appear strange to say that a driver is “flexible,” we
like this word because it emphasizes that the role of a device driver is providing
mechanism, not policy.

The distinction between mechanism and policy is one of the best ideas behind the
Unix design. Most programming problems can indeed be split into two parts: “what
capabilities are to be provided” (the mechanism) and “how those capabilities can be
used” (the policy). If the two issues are addressed by different parts of the program,
or even by different programs altogether, the software package is much easier to
develop and to adapt to particular needs.

For example, Unix management of the graphic display is split between the X server,
which knows the hardware and offers a unified interface to user programs, and the
window and session managers, which implement a particular policy without knowing
anything about the hardware. People can use the same window manager on different
hardware, and different users can run different configurations on the same
workstation. Even completely different desktop environments, such as KDE and
GNOME, can coexist on the same system. Another example is the layered structure
of TCP/IP networking: the operating system offers the socket abstraction, which
implements no policy regarding the data to be transferred, while different servers are
in charge of the services (and their associated policies). Moreover, a server like ftpd
provides the file transfer mechanism, while users can use whatever client they prefer;
both command-line and graphic clients exist, and anyone can write a new user interface
to transfer files.

The kernel


The kernel is a piece of software that, roughly speaking, provides a layer between the hardware and the application programs running on a computer. In a strict, computer-science sense, the term 'Linux' refers only to the kernel - the bit that Linus Torvalds wrote in the early 90s.

The kernel of UNIX is the hub of the operating system: it allocates time and memory to programs and handles the filestore and communications in response to system calls.
As an illustration of the way that the shell and the kernel work together, suppose a user types rm myfile (which has the effect of removing the file myfile). The shell searches the filestore for the file containing the program rm, and then requests the kernel, through system calls, to execute the program rm on myfile. When the process rm myfile has finished running, the shell then returns the UNIX prompt % to the user, indicating that it is waiting for further commands.