Week 08 Lab 02_____ (1)
.docx
keyboard_arrow_up
School
University of Texas, Dallas *
*We aren’t endorsed by this school
Course
3377
Subject
Computer Science
Date
May 8, 2024
Type
docx
Pages
9
Uploaded by CoachSparrowMaster99 on coursehero.com
Week 08 Lab 02
Muhammad
login as: axm210331
Pre-authentication banner message from server:
| University of Texas at Dallas
| Department of Computer Science
|
| Use of UTD Information Systems is subject to
| the UTD Information Security and Acceptable Use Policy.
|
| Pursuant to Texas Administrative Code 202:
| (1) Unauthorized use is prohibited;
| (2) Usage may be subject to security testing and monitoring;
| (3) Misuse is subject to criminal prosecution; and
| (4) No expectation of privacy except as otherwise provided by applicable
| privacy laws.
|
| ATTENTION: utdnetid != utdnetid@utdallas.edu (UTD != Google!)
|
| Just use utdnetid, and for the love of programming, STOP USING ALL CAPS!
|
| [[NOTE: All CS Graduate Students should use csgrads1.utdallas.edu ]]
| [[ If you are a CS Graduate Student, you cannot logon to this server.]]
|
|
| ***** This system will require a connection to the GlobalProtect VPN startin
> g
| on the following dates:
|
| cslinux1.utdallas.edu - June 15, 2020
| cslinux2.utdallas.edu - June 22, 2020
|
| ***** GlobalProtect VPN Instructions: https://www.utdallas.edu/oit/howto/vpn
> /
|
End of banner message from server
Keyboard-interactive authentication prompts from server:
End of keyboard-interactive prompts from server
+----------------------------------------------------------------------+
MobaXterm Personal Edition v23.2 (SSH client, X server and network tools) ? SSH session to axm210331@cslinux1.utdallas.edu
Direct SSH : ? SSH compression : ? SSH-browser : ? X11-forwarding : ? (remote display is forwarded through SSH) ? For more info, ctrl+click on help or visit our website. +----------------------------------------------------------------------+
Last login: Fri Oct 20 23:52:25 2023 from 10.50.240.241
***---***---***---***---***---***
csgrads1.utdallas.edu - CentOS Linux 7.9
--All CS Graduate Students should use csgrads1--
cs1.utdallas.edu - CentOS Linux 7.9
cs2.utdallas.edu - CentOS Linux 7.9
***---***---***---***---***---***
This system is for use by CS students who need a general purpose Linux system
to complete homework assignments. Computationally or resource intensive
simulations will be throttled automatically.
Thank you,
CS Lab Manager
cs-labs@utdallas.edu
/scratch disk space can be used for temporary files.
All files within /scratch will be erased on a regular basis (Sunday 0300).
{cslinux1:~} whoami
axm210331
{cslinux1:~} ls
abc.txt dog lab1 pwd w5l1 Week05Lab2 week5lab1
a.out first.txt lab2 sample.txt w5l2 week07Lab1 welcome.c
apue hello lab3 scriptForNew w6l1 week07Lab2 welcome.h
cat.txt hello(2).c Makefile script.sh w7l1 week08Lab01 welcome.h.gch
ch4lab1 hello(3).c new.txt short w7l2 week09Lab01
ch4lab2 hello.c perl5 typescript Week05Lab1 week09Lab02
data.txt hey practice Untitled.txt Week05Lab12 Week4Lab1
days hey.txt public_html w4l1 Week05Lab13 week4lab2
{cslinux1:~} cd week08Lab02
{cslinux1:~/week08Lab02} ls
{cslinux1:~/week08Lab02} script w8l2
Script started, file is w8l2
{cslinux1:~/week08Lab02} ls tryShell.c
ls: cannot access tryShell.c: No such file or directory
{cslinux1:~/week08Lab02} ls
w8l2
{cslinux1:~/week08Lab02} cd ../
{cslinux1:~} ls tryShell.c
tryShell.c
Part 1
{cslinux1:~} mv tryShell.c week08Lab02
{cslinux1:~} cd week08Lab02
{cslinux1:~/week08Lab02} ls
tryShell.c w8l2
a)tryShell receive + open
{cslinux1:~/week08Lab02} cat tryShell.c
/*
source: www.csl.mtu.edu/cs4411.ck/www/NOTES/process/fork/exec.html
*/
#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define MAX 1024
void parse(char *line, char **argv)
{
while (*line != '\0') { /* if not the end of line */
while (*line == ' ' || *line == '\t' || *line == '\n')
*line++ = '\0'; /* replace white spaces with 0*/
*argv++ = line; /* save the argument position */
while (*line != '\0' && *line != ' ' &&
*line != '\t' && *line != '\n')
line++; /* skip the argument until ... */
}
*argv = '\0'; /* mark the end of argument list */
}
void execute(char **argv)
{
pid_t pid;
int status;
if ((pid = fork()) < 0) { /* fork a child process */
printf("*** ERROR: forking child process failed\n");
exit(1);
}
else if (pid == 0) { /* for the child process: */
if (execvp(*argv, argv) < 0) { /* exec command */
printf("*** ERROR: exec failed\n");
exit(1);
}
}
else { /* for the parent: */
while (wait(&status) != pid) /* wait for completion */
;
}
}
void main(void)
{
char line[MAX]; /* the input line */
char *argv[64]; /* the command line argument */
while (1) { /* repeat until done ....
*/
printf("Shell -> "); /* display a prompt */
if (fgets(line, MAX, stdin) != 0){
line[strcspn(line, "\n")] = '\0';
printf("\n");
// Place your code here to check the command is "exit"
// to terminate the shell.
parse(line, argv); /* parse the line */
execute(argv); /* otherwise, execute cmd */
}
}
}
b)Compile tryShell.c
{cslinux1:~/week08Lab02} gcc tryShell.c -o tryShell
c) Run tryShell
{cslinux1:~/week08Lab02} ./tryShell
Shell -> date
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Questions
113
Spoofing attack is
a) an application that captures TCP/IP data packets, which can maliciously be used to capture passwords and other data while it is in transit either within the computer or over the network.
b) a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access.
c) a toolkit for hiding the fact that a computer’s security has been compromised, is a general description of a set of programs which work to subvert control of an operating system from its legitimate (in accordance with established rules) operators.
d) None of these
arrow_forward
Joe Green, a system administrator for a large corporation, is installing a new software package on Chuck Dennis’ personal computer. The company has not authorized Joe to read the employees’ e-mail, Web logs, or personal files. However, in the course of installing the software, he accidentally comes across directories containing files with suspicious-looking names. He opens a few files and discovers they contain child pornography. Joe believes possessing such images is unethical for their profession. What should he do?
Acme Corporation licenses a sophisticated software package to many private and government agencies. Kyla is one of Acme's employees who works in the support organization. She mostly provides phone support but also teaches an on-site class from time to time. In fact, she created many of the instructional materials used in these classes. One day Kyla gets a call from Maria, who works for a government agency that uses Acme's software package. Maria offers to pay Kyla Php…
arrow_forward
Hi I want to make a video presentation on this topic which should be 5 mins atleast, so need help below format:
Discussion: Misadventures of a Nation State Podcast
Discuss Darknet Diaries Episode 10. Why is this a video discussion instead of a written response? It is an important skill to master to be able to present and summarize the key concepts of a complex cybersecurity incident in a short time frame. Remember that unless you are talking to other cybersecurity professionals, probably no one thinks this stuff is as interesting as you do.
Instructions: The main purpose of the video discussion assignments is to get you to dig into the main four cybersecurity frameworks and references we use in the class. Use the context of the specific security incident to explore and explain some aspects of the NIST CSF, the CIS CSCs, ACSC Strategies to Mitigate Cyber Incidents, and the MITRE ATT&CK matrix.
Keep each discussion sub-topic focused and to approximately 1 minute for a TOTAL video…
arrow_forward
You've been warned about a ransomware assault known as Ryuk. Assume that each infected device will cost you $100 to restore your files.
Write a one-page executive briefing (in memo style) outlining the following actions to address the danger you've identified:
Find out about a security danger and/or breach and study the information you findAssess the danger and prepare a briefing for senior management (a one-page paper in Word, PDF, etc.)Write a concise summary of the main aspects of the problemWhat effect, if any, could it have on St. Eligius?Make suggestions for short-term measures to reduce the risk.Suggestions for long-term mitigation
arrow_forward
True or false: Intrusion Detection Systems have the ability to block threats
True
False
Question 25
The intrusion response Trace Recording
collects artifacts to determine TTP
sends an alert to systems capable of SNMP communication
brings in additional specialized resources
opens the application trace route
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
What precisely is meant by the term "spoofing," and how may it be used to the detriment of a victim?
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
How do you think the introduction of new technologies has affected how people think about and approach internet security?
arrow_forward
Make a distinction between spoofing and session hijacking. In the case that you're a web user, what are some of the countermeasures you use to protect yourself against session hijacking?
arrow_forward
▾ Topic 1
(Refers to Lesson #1) Discuss how the definition of privacy that is commonly used (freedom from observation) may differ from the
definition of privacy from the information security perspective (freedom from unsanctioned intrusion).
Topic 2
▸ Topic 3
8
f
ion_topics/2947715?module_item_id=12935597#
Q Search
S
T
Q Search entries or author
G
H
N
& 7
M
Unread
hp
3
K
fo
↑
©
E
fo
F11
P
alt
112
C
**
ļ
Insert
ctn
E
pause
10:14
10/30/20
backspace
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
Discuss the concept of end-to-end encryption in messaging apps. How does it work, and what are the benefits and limitations of implementing it?
arrow_forward
In October 19, 2012, HSBC servers came under a denial of
service (DoS) attack which affected a number of HSBC websites
around the world. The London-based banking giant said in a
statement, "This denial of service attack did not affect any
customer data, but did prevent customers using HSBC online
services, including internet banking."
a) Explain how the objective of DoS differs from other types of
network attacks
b) How the DoS attack is carried out?
c) How the Dos attack works?
d) As an expert in computer security, explain the challenges in
identifying the real attacker
who launched the DDOS attack against HSBC website.
e) Discuss the relationship between DDOS attack and Botnet
arrow_forward
Is there a way to protect vehicle-to-vehicle communication by using security approaches and mechanisms? * The second question is how long each security method takes to encrypt and decode a message.
arrow_forward
Discuss the differences between symmetric and asymmetric encryption algorithms and their applications in network security.
arrow_forward
Data Security is considered a senior Management concern and responsibility. It affects every company’s operation, reputation and ultimately impacts revenue, profits, and a competitive edge. Yet many companies do not implement defenses that could help to prevent and control data breaches. In June 2012 LinkedIn a business social network site was hacked, this data breach was discovered when IT security experts discovered millions of LinkedIn passwords on a Russian underground site. The reason this happened was that the company was using outdated encryption methods and within 2 days, most passwords were cracked. What steps can a business take to keep control of its data security? What security management processes and activities in each process should a business follow to ensure they have an Information Technology Risk management strategy in place?
arrow_forward
A researcher working on a study has been aware of a problem referred to as "security breakdowns in social media," and they want to look into it more. What are the steps that he has to follow in order to complete his research? Please provide a condensed description of each step.
arrow_forward
Describe the ways in which people's perspectives and behaviors about internet security have changed as a direct result of the development of new technologies?
arrow_forward
In what degree should you trust that your private data will remain safe? How can we guarantee the safety of our information and the identity of our users?
arrow_forward
When it comes to protecting vehicular communications or vehicle-to-vehicle communications, what security techniques/mechanisms may be employed? * What follows is a time estimate for how long it takes to encrypt and decrypt a message using each security technique/mechanism.
arrow_forward
For the Agent Tesla malware, please write a short paragraph based on the given background and website info:
Agent Tesla is a RAT that targets Windows operating systems. It is available for purchase on criminal forums as Malware-as-a-Service (MaaS). It has various capabilities depending on the version purchased, including capturing keystrokes and screenshots, harvesting saved credentials from web browsers, copying clipboard data, exfiltrating victim files, and loading other malware onto the host.
https://www.cisecurity.org/insights/blog/top-10-malware-december-2022
Agent Tesla is an extremely popular spyware Trojan written for the .NET framework that has been observed since 2014 with many iterations since then. It is used to steal sensitive information from a victim’s device such as user credentials, keystrokes, clipboard data, credentials from browsers, and other information. This information can then be traded or used for business intelligence or ransom. Agent Tesla is most commonly…
arrow_forward
TASK 01 (SHODAN)•For this assignment you will have to do some observation task on some vulnerabilities that can be exploited to attack ICS security.•Remember: ONLY OBSERVE for study purpose. UNITEN will not be responsible for your experimentation beyond the required task.Search for potential location of ICS devices•Use Shodan website•Search for location that is linked to port 102 in Malaysia•Note how many are there in Malaysia1.Find out what all those displayed information mean from the search. Explain it in your report. [5 marks]2.Use the map in SHODAN to actually find out where these location actually is. [2 marks]3.Cross check with google map if the location is actually real. List at least TWO detailed address and information found through SHODAN, [3 marks]4.Extra bonus marks: Find out other port number that might be used by ICS device and perform a search. List them out and perform the same test. Write the same report of your findings.
TASK 02 (GOOGLE HACKING)•For this assignment…
arrow_forward
Discuss the significance of access control lists (ACLs) in network security.
arrow_forward
Describe the concept of end-to-end encryption in the context of secure messaging applications. How does it ensure the privacy of communication?
arrow_forward
1)Discusss the security aspects of gmail system
arrow_forward
A researcher for a study has observed a problem referred to as "security flaws in social media" and wants to analyze it further. What steps should he take to do his research? Describe each procedure succinctly.
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Related Questions
- 113 Spoofing attack is a) an application that captures TCP/IP data packets, which can maliciously be used to capture passwords and other data while it is in transit either within the computer or over the network. b) a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access. c) a toolkit for hiding the fact that a computer’s security has been compromised, is a general description of a set of programs which work to subvert control of an operating system from its legitimate (in accordance with established rules) operators. d) None of thesearrow_forwardJoe Green, a system administrator for a large corporation, is installing a new software package on Chuck Dennis’ personal computer. The company has not authorized Joe to read the employees’ e-mail, Web logs, or personal files. However, in the course of installing the software, he accidentally comes across directories containing files with suspicious-looking names. He opens a few files and discovers they contain child pornography. Joe believes possessing such images is unethical for their profession. What should he do? Acme Corporation licenses a sophisticated software package to many private and government agencies. Kyla is one of Acme's employees who works in the support organization. She mostly provides phone support but also teaches an on-site class from time to time. In fact, she created many of the instructional materials used in these classes. One day Kyla gets a call from Maria, who works for a government agency that uses Acme's software package. Maria offers to pay Kyla Php…arrow_forwardHi I want to make a video presentation on this topic which should be 5 mins atleast, so need help below format: Discussion: Misadventures of a Nation State Podcast Discuss Darknet Diaries Episode 10. Why is this a video discussion instead of a written response? It is an important skill to master to be able to present and summarize the key concepts of a complex cybersecurity incident in a short time frame. Remember that unless you are talking to other cybersecurity professionals, probably no one thinks this stuff is as interesting as you do. Instructions: The main purpose of the video discussion assignments is to get you to dig into the main four cybersecurity frameworks and references we use in the class. Use the context of the specific security incident to explore and explain some aspects of the NIST CSF, the CIS CSCs, ACSC Strategies to Mitigate Cyber Incidents, and the MITRE ATT&CK matrix. Keep each discussion sub-topic focused and to approximately 1 minute for a TOTAL video…arrow_forward
- You've been warned about a ransomware assault known as Ryuk. Assume that each infected device will cost you $100 to restore your files. Write a one-page executive briefing (in memo style) outlining the following actions to address the danger you've identified: Find out about a security danger and/or breach and study the information you findAssess the danger and prepare a briefing for senior management (a one-page paper in Word, PDF, etc.)Write a concise summary of the main aspects of the problemWhat effect, if any, could it have on St. Eligius?Make suggestions for short-term measures to reduce the risk.Suggestions for long-term mitigationarrow_forwardTrue or false: Intrusion Detection Systems have the ability to block threats True False Question 25 The intrusion response Trace Recording collects artifacts to determine TTP sends an alert to systems capable of SNMP communication brings in additional specialized resources opens the application trace routearrow_forwardYou are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forward
- What precisely is meant by the term "spoofing," and how may it be used to the detriment of a victim?arrow_forwardYou are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forwardHow do you think the introduction of new technologies has affected how people think about and approach internet security?arrow_forward
- Make a distinction between spoofing and session hijacking. In the case that you're a web user, what are some of the countermeasures you use to protect yourself against session hijacking?arrow_forward▾ Topic 1 (Refers to Lesson #1) Discuss how the definition of privacy that is commonly used (freedom from observation) may differ from the definition of privacy from the information security perspective (freedom from unsanctioned intrusion). Topic 2 ▸ Topic 3 8 f ion_topics/2947715?module_item_id=12935597# Q Search S T Q Search entries or author G H N & 7 M Unread hp 3 K fo ↑ © E fo F11 P alt 112 C ** ļ Insert ctn E pause 10:14 10/30/20 backspacearrow_forwardYou are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningManagement Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,