The command that does this independently of the current folder: cat Using the grep command, find the shadow string in the result of the ls /etc/ command. ls /etc/ | grep "shadow" Which flag ignores case: -i Display all environment variables using the env command. env What is the content of the USER variable (use the grep command to filter only the specified variable)? USER=student If we write the variable’s name with printenv, we will only see the content of that variable, e.g. printenv USER. What is the content of the COMPUTER variable: printenv USER What is the PATH variable used for? The PATH variable in Linux is an essential environment variable that specifies a list of directories where executable programs are located. Its primary purposes are: - To allow users to run commands without specifying the full path to the executable file12. - To provide a search path for the system when looking for executable programs3. What is the content of the PATH variable (Unlike Windows, where we used the path command, on Linux OS, we will look for the content of the path variable using the env command)? Watch out for the CASE sensitivity of Linux OS! printenv PATH Which command will you use to run apache2 services? sudo systemctl start apache2 What command will you use to check the status of the service (whether it is running or not)? sudo systemctl status apache2 What command will you use to stop apache2 services? sudo systemctl stop apache2 How can we find the name corresponding to the IP address 1.1.1.1 with the dig tool? How about an IP address corresponding to www.hr? ; <<>> DiG 9.16.28 <<>> www.hr ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53167 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;www.hr. IN A ;; ANSWER SECTION: www.hr. 86400 IN A 161.53.19.58 ;; Query time: 10 msec ;; SERVER: 10.0.0.10#53(10.0.0.10) ;; WHEN: Wed Mar 05 10:06:39 Central European Standard Time 2025 ;; MSG SIZE rcvd: 51 ; <<>> DiG 9.16.28 <<>> -x 1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64433 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;1.1.1.1.in-addr.arpa. IN PTR ;; ANSWER SECTION: 1.1.1.1.in-addr.arpa. 1313 IN PTR one.one.one.one. ;; Query time: 6 msec ;; SERVER: 10.0.0.10#53(10.0.0.10) ;; WHEN: Wed Mar 05 10:07:45 Central European Standard Time 2025 ;; MSG SIZE rcvd: 78 Create a user (enter your name instead of USERNAME). What command did you use? useradd [username] Use the cat command to display the contents of the /etc/passwd file to verify that you have successfully created a new user. What is the content of the last line in the /etc/passwd file: testing:x:1001:1001 ... Can you change the group membership for the user you created in the previous step (the user you assigned your name to)? How can you achieve this? For example, set the user with the same privileges as the root. HINT: passwd file, digits, 0 is the root group... sudo usermod -a -G 0 [username] What type of hash is used to store a password? (Write down the part of the line where the hash type is defined). SHA-512 What is the role of salt-ing (salting) passwords when creating a hashing? Salting in password hashing: Prevents rainbow table attacks Makes identical passwords have different hashes Increases password complexity Slows down brute-force and dictionary attacks Preserves password privacy across different sites Change the password for your username again, USE THE SAME PASSWORD AS PREVIOUSLY! Check that the salt value was changed (hash value too) – what is the hash value? (Check the slides to find which portion is the hash value) In the given password hash: text robert:$6$qnLY7dsW$EwK35OV7RTbydgqB3BKQ1oKL9zQaAeUnEj4ci4iAciwlhmGBiwAe5h4Fv3bYXkiV1W0T9zY0k67eKurnZEkSB1:17186:0:99999:7::: : $6$ indicates the use of the SHA-512 hashing algorithm. : qnLY7dsW is the randomly generated salt used to make the hash unique. : EwK35OV7RTbydgqB3BKQ1oKL9zQaAeUnEj4ci4iAciwlhmGBiwAe5h4Fv3bYXkiV1W0T9zY0k67eKurnZEkSB1 is the resulting hash after combining the password with the salt and applying SHA-512. : 17186: Last password change (days since epoch). 0: Minimum days before a password can be changed. 99999: Maximum days before a password must be changed. 7: Warning period (days before expiration). The salt here (qnLY7dsW) ensures that even if two users have the same password, their hashes will differ, enhancing security against precomputed attacks like rainbow tables.