CH 22 1. Sharing, remote storage, reduce the work load of administrator. 2. # mount bravo:/home /bravo. Home # mount 192.168.1.1:/home /bravo.home # umount /home 3. The showmount command can be used to display a list of directory hierarchies that a server is exporting. 4. $ mount | grep nfs 5. It contains information about major file systems in the system. And it is located in the /etc directory. 6. /opt *.example.com(ro,sync) 7. NFS attribute caching can cause inconsistencies when large numbers of client nodes are asked to access files that have been updated recently and the attribute caching data on the client has not expired. Disabling attribute caching eliminates the problem but may degrade performance for frequent file operations requiring file attribute data. 8. The root_squash option maps root to nfsnobody; all_squash maps all users to nfsnobody. 9. The option requires that the requests originate on an internet port less than 1024. 10. Because it has no disk space, a diskless workstation has no swap space. The only choice is to use NFS. If it did not use NFS for swap space, the workstation would be limited by the amount of its physical memory. 11. Because it resides on the lan and file data and user id values appear unencrypted. 12. The nosuid option forces setuid executable in the mounted directory hierarchy to run with regular permissions on the local system.
CH 23 1. smdb, nmbd 2. Set the username map parameter in smb.conf to point to the map file, frequently /etc/samba/smbusers, and assign a samba password to the user. 3. Only_from = 192.168.1.0/8 4. The [homes] share implicitly shares the home directory of each user without having to define specific shares. 5. NFS directory hierarchies are mounted by root and NFS maps users on the client to users on the server. 6. Routers don not usually allow broadcast packets to propagate between subnets. Browsing, which uses broadcasts, is blocked by a router. Configuring the router to forward broadcast packets between subnets would allow browsing across subnets. 7. If a firewall is running on the local system and you want to access swat from a remote system open TCP port 901. 8. Configure a Samba sever to act as a WINS server, enable DNS proxy mode, keep the centralized list in DNS, and configure each of the client machines to use WINS.
CH 11 1. When a system is in single-user mode, you can log in only at the console. Not all of the file system is mounted, and many daemons are not running. With the system in multiuser mode you can login at any terminal or workstation that is set up for login, most or all of the file systems are mounted, and all of the daemons that your system is set up to run are running. 2. a. /etc/motd file and /or email b. Use wall c. Use write or talk d. use the motd file and /or email. 3. SU stand for Switch User. 4. You can create a setuid program that belongs to a group that only the user who is to execute it belongs to and that has no permissions for the other users. 5. kill 1648 killall kmail 6. Selinux=disabled then reboot the system. 7. Make the password long enough to where there are many characters for the intruder to guess, use special characters and numbers throughout your password. 8. It is a list to identify processes using files or sockets.
It is long because it shows all of the PIDs of all of the processes by this user.
As a super user, it lists all of the processes acessed by all users.
It is different because the command was ran with “privilages” 9. You can find the absolute path, mv the file to a new file. 10. The lesspipe.sh script is a preprocessor for less. Search for LESSOPEN in the less man page to obtain more information on less preprocessors and postprocessors. This preprocessor allows you to view archived directories and compressed files on the fly, without creating intermediate files. For example, once you have set the LESSOPEN variable, you can view a compressed file with the command less memo.gz or an archived directory with the command less myold.tar. The lesspipe.sh script works with tar, tar and gzip, tar and bzip2, gzip, bzip2, zip, and cpio files. It also displays the change log when you ask less to display an rpm file. 11. Because setuid user id operates with root privilages on the OS. 12. passwd: files nis 13. Because the purpose of a chroot jail is to limit access to users and if a user can gain root privilages, then he can circumvent the value of the chroot jail.