Ubuntu OS Presentation PDF
Operating System
• Introduction
• History
• Design Principles
• Process Management
• Memory Management
• Process Communication
• Deadlock Handling
• File System
• Security
• Hacking
• Networking
• Robustness
• Interface
• Basic Commands
• System Hardening
• Summary
Introduction
Ubuntu 10.10
• Secure, Super-fast, and great-looking
• Open source, free, & widely distributed
• Suitable for server and desktop use.
• Includes > 1000 pieces of software
• Ubuntu One Personal Cloud
• Linux kernel version 2.6 w/ Gnome 2.16
Support for:
• Intel x86 (IBM-compatible PC)
• AMD64 (Hammer)
• PowerPC (iBook, Powerbook, G4, G5)
http://www.ubuntu.com/desktop/features
History
• 1991, Linus Torvalds (a Finnish student) writes a small,
self-contained, open source kernel (Linux) for the 80386
processor.
• Version 0.01 - no network support, basic VM
subsystem, support for Minix fs and limited device-driver
support. [1]
• 1994, Version 1.0 - networking (TCP/IP protocols), new
file system, SCSI, floppy disks, CD-ROM devices, sound
cards, mice, keyboards, floating point emulation, UNIX-style
IPC and extended VM subsystem. [1]
• 1996, Version 2.0 - PCI support, 80386 CPU virtual
8086 mode, memory management improvements, ISDN,
internal kernel threading, automatic module loading and
multiprocessor support. [1]
• 1999, Version 2.2 - firewalling, routing and traffic
management, improved symmetric multiprocessor (SMP)
performance and (Acorn, Apple, and NT) disk support. [1]
http://en.wikipedia.org/wiki/Linux_kernel
History
Ubuntu - Debian GNU/Linux distribution.
• Originally released under name “no-name-yet.com.”
• Ubuntu - African word that means “humaneness.”
• 2004, 1st publicly released version 4.10
http://en.wikipedia.org/wiki/List_of_Ubuntu_releases
Variants include:
• Edubuntu (designed for school environments)
• Kubuntu (Uses KDE GUI environment)
• Mythbuntu (Home Theater TVs)
• Ubuntu Studio (Professional AV editing software)
• Xubuntu (uses XFCE desktop environment)
• 2010, Latest version 10.10 Maverick Meerkat:
• Linux Kernel version 2.6.35
Software:
• OpenOffice, Firefox, Empathy IM, Transmission (BT
client), Gimp, games, and more.
• Desktop version supports Intel x86 and AMD64.
http://www.ubuntu.com/desktop/why-use-ubuntu
History
Pipes - Unnamed pipes set up by the shell normally with the "|" character to route
output from one program to the input of another.
FIFOs - Named pipes operating on the basis of first data in, first data out.
Message queues - Message queues are a mechanism set up to allow one or more
processes to write messages that can be read by one or more other processes.
Semaphores - Counters that are used to control access to shared resources. These
counters are used as a locking mechanism to prevent more than one process from
using the resource at a time.
In essence the threads are all waiting for each other, but they will never make any
progress toward releasing the resources that they already hold.
Linux requires the use of semaphores (sleeping locks), spin locks (a lock that can be held
by at most one thread of execution), and the Big Kernel Lock (BKL) to attempt deadlock
prevention.
Deadlock Handling
Linux kernel version 2.6 used by Ubuntu 10.10 introduces:
• Whenever the data in question is written to, a lock is obtained and a sequence
number is incremented.
• Prior to and after reading the data, the sequence number is read. If the values are
the same, then a write did not begin in the middle of the read.
File System
Linux 2.6 retains UNIX’s standard file-system module.
• Allows Linux files to be anything capable of handling the input or output of a
stream of data.
• Device drivers, interprocess communication channels and network connections
all look like files on Linux.
• The Linux kernel hides the implementation details of any single file type behind a
layer of software called the virtual file system (VFS). [1]
Ext4 is currently the default choice of Ubuntu 10.10 and performs much better than ext2,
ext3, and XFS. A new file system, btrfs, is also supported in Ubuntu version 10.10 but is not
yet stable. [9]
Ext4 (fourth extended file system) - journaling (keeps track of changes in a journal before
changing in main file) Linux file system that became stable in 2008.
Ext4:
• Supports volumes up to 1 Exabyte (10^18) and files with sizes up to 16 terabytes
(16 x 10^12). Uses extents (range of contiguous physical blocks) to replace the traditional
block mapping used by ext2/3, performs pre-allocation of on-disk space, delayed
allocation (using an allocate-on-flush technique), breaks the ext3 32,000 subdirectory
limit (now 64,000), performs journal check-summing (improved reliability), faster file
system checking, multi-block allocation, and improved timestamps.
Security
The Linux security module is closely tied to UNIX security mechanisms.
Security concerns can be classified into two groups:
Authentication (ensuring that only authorized individuals have access to the files that they
are authorized to use).
Access control (mechanism for validating whether a user has the right to access a
particular object and preventing unauthorized access as necessary). [1]
Historically Linux suffered from the same security vulnerabilities (such as eight character
passwords) as UNIX. However, a newer security mechanism known as the Pluggable
Authentication Module (PAM) system based on shared libraries is now available to Linux
users. [1]
Security
Every object in a UNIX system under user and group access control has a single UID and
GID associated with it. User processes have a single UID but may have more than one
GID.
Linux performs access control by assigning objects a protection mask that specifies which
access modes (read, write, or execute) can be granted to the user. The only exception is
the root UID which is granted automatic access to any object in the system.
Linux allows use of the setuid mechanism to run programs with different user privileges
(for example lpr has access to the print queue even if the user does not).
This can be useful but can also pose security concerns for the operating system.
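The setuid concern above can be kept in check by inventorying setuid programs and comparing them with a reviewed baseline. The script below is an added example, not part of the original slides; the function names, the baseline file format (one path per line) and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): inventory setuid programs.

# Print every regular file under DIR that has the setuid bit (04000) set.
list_setuid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# Print setuid files under DIR that are absent from the reviewed BASELINE
# (hypothetical format: one path per line). New entries deserve a look.
unexpected_setuid() {
    list_setuid "$1" | grep -Fxv -f "$2" || true
}

# Print setuid files that group or other may modify: anyone with write
# access can replace code that runs with the owner's privileges.
writable_setuid() {
    find "$1" -xdev -type f -perm -4000 \( -perm -0020 -o -perm -0002 \) 2>/dev/null | sort
}

# Constructed sample tree so the example runs offline; prints its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    for f in lpr newtool loose plain; do
        printf '#!/bin/sh\n' > "$d/$f"
    done
    chmod 4755 "$d/lpr" "$d/newtool"   # setuid, owner-writable only
    chmod 4777 "$d/loose"              # setuid and world-writable
    chmod 0755 "$d/plain"              # ordinary program, no setuid bit
    printf '%s\n' "$d"
}

tree=$(make_sample_tree)
printf '%s\n' "$tree/lpr" > "$tree/baseline.txt"   # reviewed and accepted
echo "setuid files:";       list_setuid "$tree"
echo "not in baseline:";    unexpected_setuid "$tree" "$tree/baseline.txt"
echo "writable by others:"; writable_setuid "$tree"
rm -rf "$tree"
```

On a real system the directory argument would be a mounted filesystem root, and the baseline would be the list accepted at the last review.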
Hacking
Brute-force (password guessing) attacks are the most common form of attack on any
operating system. In Linux, the most common types of services that can be brute-force
attacked are: [4]
• Telnet
• File Transfer Protocol (FTP)
• The “r” commands (rlogin, rsh, and so on)
• Secure Shell (ssh)
• SNMP community names
• Post Office Protocol (POP) and Internet Message Access Protocol (IMAP)
• Hypertext Transport Protocol (HTTP/HTTPS)
• Concurrent Version System (CVS) and Subversion (SVN)
Hacking
Hydra is one of the most popular and versatile brute force utilities available. However
pop.c and SNMPbrute are also popular and can be downloaded at the following
locations: [4]
System Hardening
Most Linux systems use two boot loaders, the Linux Loader (LILO) or Grand Unified Boot
Loader (GRUB). Ubuntu uses GRUB. The boot loader controls your boot image and
determines what kernel is booted when the system is started or rebooted. [3]
Both boot loaders are insecure if a hacker has physical system access and
Turnbull recommends that users only keep the current and previous versions of the
kernel.
Both boot loaders can easily be secured with passwords. To accomplish this with
Ubuntu’s GRUB, do the following: [3]
superman# grub
grub> md5crypt
Password: ********
Encrypted: $1$2FXKzQ0$I6k7iy22wB27CrkzdVPe70
grub> quit
Now copy the encrypted output and add the password to your grub.conf configuration
file. You can also add the --md5 option prior to the password in grub.conf to ensure
interaction with GRUB can only occur when you type p and enter the required password.
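One way to verify the result of the steps above, as an added example that is not part of the original slides: the script checks that a grub.conf carries a hashed password in its global section, meaning before the first title entry. It assumes the GRUB legacy grub.conf syntax the slides describe; the function names and sample files are constructed, and the hash is the one shown in the session above.

```shell
#!/bin/sh
# Added example (not from the slides). Assumes GRUB legacy grub.conf syntax.

# Print one verdict for FILE:
#   ok        - "password --md5 <hash>" appears before the first "title"
#   plaintext - a global password is set but stored in clear text
#   missing   - no global password, so boot entries can be edited freely
check_grub_password() {
    awk '
        /^[ \t]*#/ { next }          # skip comment lines
        $1 == "title" { exit }       # global section ends at the first entry
        $1 == "password" {
            verdict = ($2 == "--md5" && $3 ~ /^\$1\$/) ? "ok" : "plaintext"
            exit
        }
        END { print (verdict == "" ? "missing" : verdict) }
    ' "$1"
}

# True when FILE is readable by "other": any local user could then copy
# the hash and guess the password offline.
world_readable() {
    [ -n "$(find "$1" -prune -perm -0004)" ]
}

# Constructed sample files so the example runs offline; prints their directory.
write_samples() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/hashed.conf" <<'EOF'
default 0
timeout 5
password --md5 $1$2FXKzQ0$I6k7iy22wB27CrkzdVPe70
title Constructed entry
root (hd0,0)
EOF
    printf 'timeout 5\npassword opensesame\ntitle Constructed entry\n' > "$dir/plain.conf"
    printf 'timeout 5\ntitle Constructed entry\npassword --md5 $1$x$y\n' > "$dir/late.conf"
    chmod 600 "$dir/hashed.conf"; chmod 644 "$dir/plain.conf" "$dir/late.conf"
    printf '%s\n' "$dir"
}

samples=$(write_samples)
for f in hashed plain late; do
    printf '%s: %s\n' "$f" "$(check_grub_password "$samples/$f.conf")"
done
world_readable "$samples/plain.conf" && echo "plain.conf is world-readable"
rm -rf "$samples"
```

The late.conf sample reports missing because a password placed inside an entry protects only that entry, not interactive access to the menu.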
System Hardening
There are also several services that may start at boot, many of which can pose security
risks. Turnbull [3] recommends disabling the following:
anacron, apmd, atd, autofs, cups, gpm, irda (unless used), isdn (unless used), kudzu, lpd,
netfs, nfs, nfslock, pcmcia, portmap, rawdevices, rhnsd, snmpd, snmptrap, winbind, xfs,
ypbind.
1. Silberschatz A., Galvin P., Gagne G. (2009). Operating System Concepts (pp. 801-843). 8th edition. Hoboken, NJ. John Wiley & Sons.
2. Michael S., (2001). The Linux Codebook: Tips and Techniques for Everyday Use. San Francisco. No Starch Press, Inc.
3. Turnbull J., (2005). Hardening Linux. New York, NY. Springer-Verlag New York, Inc.
4. McClure S., Scambray J., Kurtz G., (2009). Hacking Exposed 6: Network Security Secrets & Solutions (pp. 223-315). New York, NY. McGraw
Hill.
5. Saur K., Grizzard J., Locating x86 Paging Structures In Memory Images. “Digital Investigation” Volume 7 (2010): pages 29-30. SciDirect
6. Lien Y., 4: Operating Systems. Academic Press (2005): pages 355-366. SciDirect Database. Accessed 8 Dec 2010.
7. Narayan S., Shang P., Fan N., Performance Evaluation of IPv4 and IPv6 on Windows Vista and Linux Ubuntu. (2009) International Conference
on Networks Security, Wireless Communications and Trusted Computing. IEEE Database. Accessed 9 Dec 2010.
8. Ju X., Zou H., Operating System Robustness Forecast and Selection. 19th International Symposium on Software Reliability Engineering. IEEE
9. Tozzi C., 2010, Ubuntu 10.10’s New File System. The Var Guy Retrieved 10 Dec 2010 from the website:
http://www.thevarguy.com/2010/08/02/ubuntu-10-10s-new-file-system-btrfs/