UNIX 101 Class Notes

From NYC Resistor Wiki
Jump to navigation Jump to search
UNIX 101 Class Notes
  1. Home


This class is intended as an introduction to UNIX, and UNIX like operating systems. It is geared towards novices, and first time users. The goal is to provide a basic understanding of key concepts, and establish a firm basis for continued personal growth on the platform.


For portions 1 - 5 I will provide shell access to 3 machines. 1 OSX, 1 Solaris, and 1 Linux For portion 6 we will work with an ubuntu live disk. ( or OSX? ) - Does ubuntu GUI work well on Macs? Can we reasonably expect people to come with X11 compat mode installed on their macs in advance? Is trying to cover both a worthwhile endeavor?

1. Introduction

    a) What is UNIX?  ( Open Group / Posix Standards     What is GNU? What is Linux? )
    b) History of UNIX  ( Different branches of the UNIX operating system tree and their origins )
    c) Current State of UNIX world

2. The command line

    a) The shell.  What is it?  ( sh, csh, ksh, bash, tcsh, zsh, .... )
    b) Execution
    c) The process tree ( ps )
    d) Simple view of permissions ( Users, Groups, Who is charlie root? )

3. Directory Structure

    a) Directories and Files ( cd , ls and toggles )
    b) Datastructures and Architecture in Memory
    c) Permissioning and ACLs
    d) Directory Naming convention
    e) Hard Links versus Symlinks
    f) Mounts ( Devices, Network Fileshares, Loopbacks, and Files )
    g) Device files ( What in the holy hell is urandom and why is it shouting at me? )

4. The kernel for dummies

    a) Booting what the hell is this shit?
    b) dmesg ( device messages )
    c) procfs ( the proc filesystem )
    d) modules ( modprobe, insmod, depmod, rmmod )

5. The Basics

    a) core commands, grep, cat, echo, more, less, find, locate, sed, awk - ( toolbox )
    b) the editors ( vi / vim, ed / jed, emacs, nano / pico )
    c) what is a shell script?
  • Optional Section* Networking
    Networking in UNIX, is ENTERPRISE. 
    Interfaces and how to access them.
    ifconfig, netstat, tcpdump, ethereal / wireshark, nmap

6. The GUI

    a) X11 - X.org, XFree86, Aqua?, Motif?....
    b) How to work with X - Permissioning, X Forwarding, Executing in X from Shell remotely, GL? Remote Display?  Dual Display?
    c) Window Managers ( What the hell is KDE?  Gnome?  Enlightenment?  Blackbox?  Fluxbox... Jesusbox... )
    d) Apps, and how we can execute them.
    e) You may be familiar with ( firefox, thunderbird, vlc, arduino, processing, zomg..... )
    f ) Things you may NOT be familiar with ( xscreensave-demo, mplayer, fsv, blah blah blah )
  • Optional Section *

Intermediate UNIX commands

    a) ssh ( client, daemon, pub / priv key auth, tunneling )
    b) vlc
    c) lsof

7. Where to get Linux / Unix?

    a) Choosing a Distro
    b) Installfests
    c) Freenode help channels
    d) Forums
    f ) You, no one learns unix without getting their hands dirty, and banging their head.

Close with some quick info to wow people.

This category contains the most basic network commands available on Linux platform.
w Shows who is currently logged in and where they are logged in from.
who This also shows who is on the server in an shell.
netstat Shows all current network connections.
netstat -an Shows all connections to the server, the source and destination ips and ports.
netstat -rn Shows routing table for all ips bound to the server.
netstat -an |grep :80 |wc -l Show how many active connections there are to apache (httpd runs on port 80)

Shows live system processes in a formatted table, memory information, uptime and other useful info.

While in top, Shift + M to sort by memory usage or Shift + P to sort by CPU usage

top -u root Show processes running by user root only.
route -n Shows routing table for all ips bound to the server.
route add default gw my_computer Add a default gateway to my_computer
nslookup yahoo.com Query your default domain name server (DNS) for an Internet name (or IP number) host_to_find.
traceroute yahoo.com Have a look how you messages travel to yahoo.com
tracepath yahoo.com Performs a very similar function to traceroute.
ifconfig Display info on the network interfaces.
ifconfig -a Display into on all network interfaces on server, active or inactive..
ifconfig eth0 down This will take eth0 (assuming the device exists) down, it
     won't be able to receive or send anything until you put the device back 
“up” again.
ifconfig eth0 up You guessed it. This would take eth0 up and available to receive or send packets.
/sbin/ifconfig eth0 netmask broadcast Assign IP, netmask and broadcast address to interface eth0.
ifup eth0 Will bring eth0 up if it is currently down.
ifdown eth0 Will bring eth0 down if it is currently up.
ifcfg Use ifcfg to configure a particular interface. Simply type ifcfg to get help on using this script.
ifcfg eth0 del This command takes eth0 down and removes the assigned IP
ifcfg eth0 add This command brings eth0 up and assigns the new IP
ping Sends test packets to a specified server to check if it is responding properly
ping yahoo.com Sends echo requests to yahoo.com
mii-tool Checks what your duplex settings are.
arp Command mostly used for checking existing Ethernet connectivity and IP address
hostname Tells the user the host name of the computer they are logged into.
findsmb Used to list info about machines that respond to SMB name
     queries. findsmb with no argument would find all machines 
possible. You can also specify a particular subnet to localize search.
host yahoo.com Performs a simple lookup of an internet address using DNS.
dig yahoo.com The "domain information groper" tool. This example looks up information about yahoo.com such as IP.
dig -x Looks up the address and returns the associated domain name.
     dig takes a huge number of options (at the point of being too many), 
refer to the manual page for more information.
whois Used to look up the contact information from the “whois”
     databases. Also reports IP address and name server of domain as well as 
creation and expiration dates..
ftp File transfer protocol. Transfers files to another host (insecure)
rdesktop Display remote desktop on Linux Machine. You can use to connect to Windows.
All the remote network administration related tools and techniques available on Linux platform.
ssh Secure shell, an alternative but secure to telnet/rsh and
     all the non-secure methods of logging in to remote servers. All connections 
get encrypted.
ssh username@hostname Connect to a remote server by specifying your username and hostname you're logging into.
scp <from_server> <to_server> Secure copy. Allows you to copy files from one computer to another computer, use -r to copy recursively.
scp -r jose@remote1:/tmp greg@remote2:/tmp Do a recursive scp of /tmp on remote1 server logging in as jose to remote2 server /tmp logging in as greg.
scp remote:/home/me/junk/* . This will copy files on the remote machine in the directory &#147;/home/me/junk/&#148; to your local computer.
sftp Secure ftp, another part of the ssh package. This command
     is similar to ftp but uses an encrypted tunnel to connect to an ftp server 
and is therefore more secure than just plain ftp.
rsync An open source utility that provides fast incremental file transfer. Can be transferred via ssh.
rsync -av -e ssh remote@server:/home/dir /local/dir Rsync command used via ssh to login as default user on remote server to fetch /home/dir to local server and path /local/dir.

Print all the network traffic going through the network. Do a 'man tcpdump' to learn more.

tcpdump -v Display the verbose output
tcpdump -D Display network interfaces available for the capture
tcpdump -n Display numerical addresses rather than symbolic (DNS) addresses
tcpdump -i eth0 Capture the traffic of eth0 interface
tcpdump udp Capture the UDP traffic
tcpdump -w capture.log Send the capture output in a file instead of directly on the screen
tcpdump -r capture.log Read a capture file
tcpdump port http Capture the TCP port 80 traffic
tcpdump -i eth0 host Listen to all traffic on interface eth0 going
     to This troubleshooting technique can determine why a web 
connection is not reaching yahoo.com (
tcpdump host www.yahoo.com Display the packets having "www.openmaniak.com" as their source or destination address
tcpdump src and dst and port ftp Display the FTP packets coming from to
nmap A very advanced network tool used to query machines (local
     or remote) as to whether they are up and what ports are open on these machines. 
Download it from insecure.org and for additional documentation.
nmap host_name This would query host_name and report what ports it keeps open.
nc Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol.

(GNU Web get) used to download files from the World Wide Web. To archive a single web-site.

-m or --mirror --> To archive a single website.

-nc --> no clobber option to stop wget from overwriting a file if you already have it.

-c or --continue --> Continue a file that was unfinished by wget or another program.

Wget has a large list of options. Please check the manual pages for more details.

wget http://blog.lxpages.com/ultimate_linux.html This would simply get ultimate_linux.html from blog.lxpages.com website.
curl Another remote downloader similar to wget. This remote downloader
     is designed to work without user interaction and supports a variety of protocols, 
     can upload/download and has a large number of tricks/work-arounds for various 
     things. It can access dictionary servers (dict), ldap servers, ftp, http, 
gopher, see the manual page for full details.
curl -M To access the full manual. There are too many options and
     variations for examples. Please refer to manual for in depth examples and 
curl -u username:password -T index.html ftp://ftp.mywebsite.com This uploads index.html to ftp.mywebsite.com
All the network related configuration files on a Linux platform.
/etc This directory contains most of the basic Linux system-configuration Files.
/etc/sysconfig Contains important system configuration files that are created
     and maintained by various services (including iptables, samba, and most 
networking services).
/etc/sysconfig/network Network configuration file used by the system during the boot process.
/etc/sysconfig/network-scripts Configuration files that are run during boot process related to setting up of your network.
/etc/xinetd.d Contains a set of files, each of which defines a network service that the xinetd daemon listens for on a particular port.
/etc/syslogd.conf The configuration file for the syslogd daemon. syslogd is
     the daemon that takes care of logging (writing to disk) messages coming 
from other programs to the system.
/etc/resolv.conf Host name resolver configuration file. This configures Linux
     so that it knows which DNS server will be resolving domain names into IP 
/etc/hosts Locally resolve node names to IP addresses. This informs Linux of local systems on the network which are not handled by the DNS server.
/etc/nsswitch.conf System Databases and Name Service Switch configuration file.
     Looks up /etc/hosts first, if host not found then it would query DNS server 
as defined by /etc/resolv.conf
/var Contains variable data like system logging files, mail and printer spool directories, and transient and temporary files.
/var/log Log files from the system and various programs/services, especially
     login (/var/log/wtmp, which logs all logins and logouts into the system) 
     and syslog (/var/log/messages, where all kernel and system program message 
are usually stored).
/var/log/messages System logs. The first place you should look at if your system is in trouble.
/var/log/utmp Active user sessions. This is a data file and as such it can not be viewed normally.
/var/log/wtmp Log of all users who have logged into and out of the system. The last command can be used to access a human readable form of this file.
Network Open Source Network Utilities Some of the most useful network tools available for Linux.
<a href="http://insecure.org/">nmap</a> A very advanced network tool used to query machines (local
     or remote) as to whether they are up and what ports are open on these machines. 
Download it from insecure.org and for additional documentation.
<a href="http://netcat.sourceforge.net/">nc</a> Netcat. A networking utility which reads and writes data across network connections, using the TCP/IP protocol.
<a href="http://ngrep.sourceforge.net/">ngrep</a> Network grep. Used to debug plaintext protocol interactions such as HTTP, SMTP, FTP, etc.
<a href="http://www.ntop.org/download.html">ntop</a> A network traffic probe that shows the network usage, similar to what the popular top Unix command does.
<a href="http://www.hping.org/">Hping2</a> A network probing utility like ping on steroids.
<a href="http://curl.haxx.se/">curl and libcurl</a> A command line tool and library for client-side URL transfers.
<a href="http://rkhunter.sourceforge.net/">Rootkit Hunter</a> A file scanner for rootkits, backdoors, and sniffers.
<a href="http://dspam.nuclearelephant.com">DSPAM</a> A server-side anti-spam agent for UNIX email servers.
<a href="http://www.realvnc.com/">RealVNC</a> Cross-platform Virtual Network Computing
<a href="http://sourceforge.net/projects/webadmin">Webmin</a> A web-based system administration tool for Unix servers and services.