Week Thirteen Agenda

•Link of the week•Use of the Virtual Machine•Review the next lab assignment•Expected outcomes•Next lab assignment•Upcoming deadlines•Questions and answers

Link of the week

Purchase CGI scriptshttp://www.cgiscript.net

CGI Programming FAQ by Nick Kews http://www.webthing.com/tutorials/cgifaq.html

Introduction to CGI Scriptshttp://snowwhite.it.brighton.ac.uk/~mas/mas/courses/html/html.html

Define: CGI (Common Gateway Interface) script A standard for interfacing with external applications and

information servers. The information servers can be HTTP or Web servers. The CGI scripts provides a more dynamic avenue for information servers to pursue rather than as a HTML file server.

Link of the weekCommon

In the sense that there are many programming languages that scripts can be written in and interact with different types of systems. The user isn’t limited to just one way.

GatewayCGI strengths lie in not only what it can do itself, but with it’s potential access it offers to other systems (databases/graphic generators).

InterfaceCGI provides a well-defined way to call up its features. The interface between the CGI script and the web server is fixed.

Review DNSWhat is a domain name?

It is a name that refers to a numeric notation (similar to an alias).A name that identifies one or more IP addresses.

What is the function of a Domain Name Service (DNS)?It is a system that resolves names to an IP address(es) of clients. Domain name system is a hierarchical system where the top level domain serving sub domain clients with names and IP addresses. A DNS is similar to a “phone book”.

The most popular DNS software is generally BIND.

dos2unix is a function that converts DOS/MAC plain text files into Unix format.

What is the “lost+found” area considered on a Unix/Linux system?It is the lost file directory. Usually, there is one on every disk partition. Disk errors or incorrect system shutdowns cause files to become lost.

Review Network ServicesNetwork Services

A variety of services available across a networkNFSRemote login Utilize a Web browser

All network services rely on the ability to convert a host or domain name to an IP address.

DNS are complex. The number of host names and IP addresses in the Internet is very large.

DNS Local contains actual translations for the machines in its local network

DNS Global contains more information about translations.

A single translation could involve several DNS before resolving the IP address.

Review SecuritySecurity on UNIX systems

Basic Unix-like operating system security is the access modes for files and directories. Default file and directory permission settings are set by the umask variable value. The recommended umask 077 setting would enable all permissions for the directory owner, disabling all permissions for the group, and others.

Base directory values = 777Base file values = 666

Access permissions cannot be granted one way for one user and another way for a different user.

The chmod command should be used to make the final permissions settings once the information is intended for use.

Review Week Twelve Lab AssignmentDirectory Calculation

umask 077

777 111 111 111

077 000 111 111

700 111 000 000 (1’s complement)

111 000 000

700 (rwx------)

Review Week Twelve Lab AssignmentFile Calculation

umask 077

666 110 110 110

077 000 111 111

700 111 000 000 (1’s complement)

110 000 000

600 (rw-------)

Review SecuritySecurity on UNIX systems

PATH environment variable should be organized with so that system paths are searched first rather than the users current directory. The users current directory should be searched last.

Unix utilizes a combination of one-way and DES password encryption.

MD5 passwords all begin with “$1$” denoting that encryption form.

Network security is important so limit access to powerful commands like uucp, uux, uucico, and uuxqt commands.

Because LANs have been designed to transfer files between computers quickly, and security should be more of a consideration today.

Review Filesystems/passwordsFile Systems

UNIX/Linux file system is contained under the root directory denoted by a slash “/”.

Users don’t have to worry about the physical locations of files.

The system administrator must be familiar with mounting and un-mounting storage space (/mnt).

A file system cannot be utilized unless it has been mounted.

One-Way EncryptionEncryption that produces cipher text from which the original data cannot be reproduced.MD5 is a method to create a hash or message digest, it will create a unique MD5sum for every different message or file.

You cannot reverse it so you have to brute force it. Rainbow tables use a mathematic algorithm so its easier and faster than a common brute force.

And yes, there are tables which can crack your MD5, I just don’t know how big they are. Usually if you have a password which is bigger than 15 characters, it takes to much time to create a table for it, and you need a lot of disk space.

So if your password is bigger than 15 characters you are reasonably safe.

Review Super BlockSuper Block Attributes

Contains information about each mounted file system.The super-block is the first block of each ext2FS/ext3FS partition. It contains

important data about the file system, such as its size, free space, etc. (it is similar to the method used by FAT partitions). A partition with a damaged super-block cannot be mounted. Fortunately, ext2FS/ext3FS keeps several super-block backup copies scattered over the partition.

Most of the information stored in the super-block is considered static. Static information can be critical in recovering data.

Types of information found in a super-block Device identifier, inode pointers, block size, file system type and pointer.

Inode contains information about a file. The name and the inode number are stored in the directory.

Data block are used to store the data in the file. There is a limited amount of space in an inode for pointers.

Number of mounted file systemsThe Linux 2.0 kernel keeps a static array of such structures to store up to 64 mounted file systems. A file system must be mounted before it is usable.

Review Directory Tree

Review Directory Definitions Directory Structure

Unix arranges files and directories in an inverted tree topology.

/proc directory contains a hierarchy of special files which represent the current state of the kernel.

/bin directory contains shells (bash and csh), vi editor, and commands.

/etc directory contains system related configuration files.

/mnt directory is intended to be used as the temporary mount points for mounting storage devices.drwxr-xr-x 6 root root 1024 Dec 29 2005 mnt

/opt directory is where new or untested software is stored.

/dev directory is where device files are located that access hardware.

/ directory contains several main directories.

/root directory is reserved for the super-user. drwxr-x--- 4 root root 1024 Nov 16 22:35 root

Review Filesystem Structure

Super Block File Manager

ext3 File System

Linux Virtual File SystemKernel

Review FilesystemsLinux virtual File System

The purpose of a VFS is to allow client applications to access different types of file systems in a uniform way.

Manages kernel file abstractions in one format for all file systems.

Receives system call requests from user level (e.g. write, open, stat, link).

Interacts with a specific file system based mount point traversal

Receives requests from other parts of the kernel, mostly from memory management.

File ManagerIs a program that provides a user interface to work with file

system. They are very useful for speeding up interaction with files. The most common operations on files are create, open, edit, print, rename,

move, and copy.

Review LDAP

Define LDAP (Lightweight Directory Access Protocol ):

A set of protocols for accessing information directories. LDAP is considered the simplified version of the X-500 standard. Unlike

the X-500 standard, LDAP supports TCP/IP for Internet access.

LDAP Characteristics:

• Relatively Static Data -- The data is rarely modified. How often do you change your telephone number?

• Extremely Fast Read Operations - The directory is tuned for high read performance because the data in the directory is frequently read but rarely written or updated.

• Distributed - The data is located on a number of systems on the network for redundancy, performance, and scalability.

• Hierarchical -This ensures there is an authoritative source of the data in the directory system.

Week Thirteen Expected Outcomes

Upon successful completion of this module, the

student will be able to:

• Describe the structure and use of Web servers.

• Create and run CGI scripts. • Evaluate a current Web technology project.

Apache/CGIApache Web Server

Apache Web server is free and distributed as source files by the Apache Software Foundation.

Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server has been ported to Windows and other network operating systems. The name "Apache" derives from the word "patchy" that the Apache developers used to describe early versions of their software.

Describe the structure and use of Web servers. Early Web sites consisted of HTML pages that could only provide data that was written into the HTML page itself. This was sufficient for that time frame.

Currently, Web sites provide dynamic data into an HTML page with the use of CGI scripts.

CGI stands for Common Gateway Interface. It is a mechanism for a Web server to be able to interact with an external program. These external programs are CGI scripts.

Apache/CGIDescribe the structure and use of Web servers.

CGI scripts can be written in any programming languages. Perl is the common choice because of its feature richness.

The web is composed of clients and servers. CGI is used on the server to provide additional services and functionality to the client.

http://search.cpan.org/~jhi/perl-5.8.0/lib/CGI.pm

http://stein.cshl.org/~lstein/talks/marjorie/

Apache/CGIThe Apache HTTP server must be instructed to locate the CGI scripts.

Two more pieces of information are needed.A program in that directory to be used as a CGI script.A link in an HTML page to your CGI scrip

The CGI script itself simply produces output to stdout. The HTTP server captures that output and sends it to the Web browser. The format of the output must be in a form that the Web browser can understand (HTML).

The CGI script creates the HTML page every time it is run.

The data provided to the HTML page can change with each execution of the script.

Link to CGI script example: http://cs.franklin.edu/~varneyg/cgi-bin/myScript.cgi

Logic script: http://cs.franklin.edu/~varneyg/itec400/LogicScripts/lab_14-1.txt

Can test from a Web browser on the same machine by using the host name “localhost.” http://localhost will try to find a Web server on the same machine as the Web browser.

CGI Logic Scriptxxx CGI ":standard";

$uptime = `xxxxxx`;

$servertime = `xxxx`;

print header,

xxxxx_html("sysInfo"),

h1({-align=>xxxxx},"System Information"),

p,

start_form,

radio_group(-name => 'system',

-values => ['Up time','Server time'],

-default => 'Up time'),

p,

submit,

end_form,

hr;

$system=xxxxx("system");

if($system xx "Server time")

{

print $servertime;

}

else

{

print $uptime;

}

print hr;

xxx_html;

Upcoming deadlines

• Programming Assignment 2, 12-1 is due April 1. The second option can be written in any programming language that will display the requested information. (First option is questions about filesystems)

• Archives Exercise, 12-2 is due April 1.• Public Domain/Open Source Paper, 13-1 is due April 8

(presented during the Franklin live session on April 2).Don’t forget to submit your paper to turnitin.com

• Programming Assignment 3, 14-1 is due April 14.

• Final Exam, 15-1 will be administered April 9-14

• Final Exam Outline is posted at http://cs.franklin.edu/~varneyg/itec400/StudyGuides/Final_Exam_Outline.doc

Questions and Answers

• Questions

• Comments

• Concerns

• I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.