Diferències

Ací es mostren les diferències entre la revisió seleccionada i la versió actual de la pàgina.

Enllaç a la visualització de la comparació

--- linux:seguridad:sadservers [15/05/2024 03:56] – mate
+++ linux:seguridad:sadservers [28/05/2024 06:51] (actual) – ["Resumable Server": Linux Upskill Challenge] mate
@@ Línia 22: / Línia 22: @@
 == "Saskatoon": counting IPs.
+  * ''awk '{print $1}' ''
+  * ''cut -d' ' -f1''
+  * ''sort'':
+    * -h: numérico humano
+    * -r: reverso
+    * -k[primer-campo],[ultimo-campo]
+    * -t <SEP>: separador
+  * ''uniq -c'': cuenta elementos únicos
 <code>
+. To get the first field (IP) of the file, you can do awk '{print $1}' access.log or using "cut" with delimiter of space (-d' ') and picking the first field (-f1): cat access.log |cut -d' ' -f1. You may want to append a pipe | head or | tail as you construct the command to see how your filters are working.
+. After the previous step, you want to sort the IPs so they are together and can be counted: cat access.log | awk '{print $1}' |sort
+. Now you want to do the count with "uniq -c", so we have so far: awk '{print $1}' access.log |sort|uniq -c
+. Finally you want to sort the results with "sort" (goes in ascending order) and get the latest one (with "tail -1" for example), or sort in reverse order with "sort -r" and get the top result: awk '{print $1}' access.log|sort|uniq -c|sort -r|head -1.
+(Open window once more to see the complete solution).
+Solution: One posible way is awk '{print $1}' access.log|sort|uniq -c|sort -r|head -1|awk '{print $2}' > /home/admin/highestip.txt
+</code>
+== "Santiago": Find the secret combination
+  * ''grep -rc''
+  * ''grep -A 1''
+  * ''find ... | xargs grep -c''
+<code>
+. Use grep recursively or use find and pass the results to grep via xargs
+(Open window once more to see the solution to the first part).
+. (Solution to 1) cd /home/admin/ and then for example: grep -rc Alice *.txt or find . -type f -name "*.txt" |xargs grep -c 'Alice' , adding the results from the three files: echo -n 411 > /home/admin/solution
+(Open window once more to see the solution to the second part).
+. (Solution to 2) The file with exactly one Alice occurrence is 1342-0.txt :grep Alice -A 1 /home/admin/1342-0.txt (or open the file with less or vi and enter /Alice). Appending this result: echo 156 >> /home/admin/solution (The solution is 411156).
+</code>
+== "The Command Line Murders"
+  * ''knock localhost 3000''
+  * ''nmap -p- localhost''
+<code>
+. You can use the knock utility, for example to knock on port 3000: knock localhost 3000. Netcat (nc) and nmap are also available. Note than nmap has some options where you'd need to be root (not possible here)
+. You can also write a BASH script that knocks sequentially on all ports.
+. Solution.Probably the fastest is using nmap against all ports, for example: nmap -p- localhost.
+</code>
+== "Resumable Server": Linux Upskill Challenge
+<code></code>
+== "Bucharest": Connecting to Postgres
+  * ''sudo systemctl restart postgresql@13-main''
+<code>
+. The issue might be related to the configuration of the PostgreSQL server. (See the error message when attempting the tedt). The configuration files are usually located in the /etc/postgresql/$version/main/ directory. You might want to start by checking these files. (You'll need to use "sudo").
+. The pg_hba.conf file controls client authentication. This file is read on start-up and when the main server process receives a SIGHUP signal. If you’re having trouble connecting to the database, this file could be a good place to look. (Click again "Next Clue/Solution" to reveal the final step)
+Solution: In the /etc/postgresql/13/main/pg_hba.conf file, delete or comment out the lines with a reject keyword from all. Then restart the PostgreSQL service: sudo systemctl restart postgresql@13-main
 </code>