COURSERA WEEK 1

WINDOWS POWERSHELL
Root directory of C: C:\
Windows subdirs are separated by backslashes (\)
ls -Force -Filter [directory]    show hidden files
cp [file name] [path where to] -Recurse -Verbose    copy a file to some directory (-Recurse for copying the files if we copy a directory)
mv [{path}existing_doc] [{path}desired_doc]    rename files into specific dirs
rm [{path}file] -Force -Recurse    removes a file
cat [filename] -Head -Tail    show all content; -Head = first 10 lines; -Tail = last 10 lines
more [filename]    one page for a file
start notepad++ [filename]    Notepad++ editor
Select-String (sls) [string] [filename]
echo [string] > [filename]    enter a string into a file
echo [string] >> [filename]    append a string, not a rewrite
cat [filename] | Select-String [string] > [new file name]    see a list of words with a given string and append them into a new file
rm [file] 2> [filename]    redirect standard error output
1> = standard output
2> = standard error
$null – nowhere

LINUX BASH
Linux uses forward slashes (/) for subdirs
cp [file name] [path where to] -r    copy, -r = recurse
mv [{path}existing_doc] [{path}desired_doc]    rename files into specific dirs
rm -r [{path}file]    removes a file
cat [filename]    show contents of a file
head/tail [filename]    10 start/end lines
less [filename]    g = start, G = end, /[word_search], q = quit from less
nano [filename]    NANO editor
grep [string] [filename]

COURSERA WEEK 2

WINDOWS POWERSHELL
Get-LocalUser    shows you a list of local users
Get-LocalGroup    list groups of a local machine
Get-LocalGroupMember %groupname%    see members of a local group
net user %name% '%password%'    changing a password (or type a * and it will encrypt)
net user %name% /logonpasswordchg:yes    change a password by the user on a next log in session
New-LocalUser    (check reading)
net user %name% * /add /logonpasswordchg:yes    add a local user
net user %name% /del    delete a local user
Remove-LocalUser %name%    delete a local user
icacls %directory%    see ACLs for a file
powershell: icacls '%dir%' /grant 'Everyone:(OI)(CI)(R)'
cmd: icacls "%dir%" /grant Everyone:(OI)(CI)(R)
options for grant: 'Authenticated Users:(OI)(CI)(R)'
icacls %dir%    view special permissions for a file
WD – Create&Write; AD – Create&Append; S – synchronize
CREATOR OWNER – an owner of a file has full control of a file

LINUX BASH
sudo (superuser do)    run as an admin
sudo su -    change an account
cat /etc/group    see the list of groups
    sudo (group name) : x (password; x = encrypted and stored somewhere else) : 27 (group ID) : cindy (list of users in the group)
cat /etc/passwd    see the users
    root (username) : x (password) : 0:0: (user ID, uid)
passwd %user%    you then need to type your current password and enter a new one 2 times
sudo passwd -e %user%    forces the user to change the password next time the user logs in
sudo useradd %name%    add a user
sudo userdel %name%    delete a user
Changing permissions: u (owner), g (group), o (other users); + or - to add or remove permissions
NUMERICAL EQUIVALENTS: 4 = r, 2 = w, 1 = x, s (set UID) = 4 PREPEND BEFORE OTHERS
chmod u+x %file%    add a permission to an owner for a file; e.g. chmod u-x %file% (take the permission away)
chmod ugo+rx %file%    combining permissions
chmod 754 %file%    7 (rwx) = user (u), 5 (rx) = group (g), 4 (r) = others (o)
sudo chown %user% %file%    changes the owner of a file
sudo chgrp %groupname% %file%    changes the group owner of a file
Sticky bit = everyone can change, only owner/root delete (t = 1)

COURSERA WEEK 3

WINDOWS POWERSHELL
.msi = Microsoft install package file
%dir% name.exe    running an executable file
Compress-Archive -Path %dir% %newdir\name.zip%
Find-Package sysinternals -IncludeDependencies
Register-PackageSource -Name chocolatey -ProviderName Chocolatey -Location http://chocolatey.org/api/v2
Get-Package -Name sysinternals    download a package
Uninstall-Package -Name sysinternals    delete a package
Use a process monitoring program to see what changes an installation makes
Orca helps to edit, build and explore packages
A driver helps the OS to interact with hardware
devmgmt.msc – device management app

LINUX BASH
dpkg -i (install flag) -r (remove) -l (list) %filename%.deb    install a Debian executable
Example: dpkg -l | grep atom    (find only "atom" in all the output stream)
7z e (extract) %name.zip%    extract files from an archive
sudo apt install %gimp%    download a package
sudo apt remove %gimp%    delete a package
cat /etc/apt/sources.list    see the dependencies & repos
PPA – personal package archive is a software repository for uploading source packages to be built and published as an APT (advanced packaging tool) repo by Launchpad
sudo apt update
sudo apt upgrade
When a device is connected, it creates a device file in the /dev dir
d = dir, b = block device, c = character device
sdb = mass storage devices (disks)
Kernel module – extends the kernel functionality without reprogramming it
uname -r    system info
sudo apt full-upgrade    (NEED APT UPDATE BEFORE THIS)

COURSERA WEEK 4

WINDOWS POWERSHELL
A filesystem is used to keep track of files and storage on a disk
NTFS – Windows default file system (and Linux RW)
FAT32 – Windows, Linux, Mac OS (filesystem)
Max file size in FAT32 – 4GB, 32GB max file system size
A partition – a manageable part of a disk
A partition table shows the OS how the disk is partitioned
MBR – master boot record (default for Windows, 2TB max disk size, uses primary partitions, only 4; extended partitions, logical partitions)
GPT – GUID partition table (unlimited partitions, more than 2TB max disk size, single-type partitions)
UEFI – GUID partition table
Disk Management utility: This PC, Manage
Allocation unit size – the default chunk size for partitioning
diskpart – cmd-based tool for partitioning
diskpart    opens a new cmd
    list disk
    select disk %name%
    clean
    create partition primary
    select partition 1
    active
    format fs=ntfs label=%name% quick
Mount/unmount – make accessible
pagefile.sys – where the pages of memory are stored
Metadata: info ABOUT a file
Master File Table (MFT) – 1-to-1 correspondence between files and MFT entries
Shortcut – reference to a destination
Symbolic links – shortcuts for a filesystem; the OS treats them as a substitute for a file

LINUX BASH
EXT4 – Ubuntu default file system (wouldn't be accepted by Windows)
sudo parted -l    lists all the disks available to the PC
sudo parted %/dev/sdb%    choosing a disk
print    to see more details
mklabel gpt    make a label
mkpart primary ext4 1MiB 5GiB    partitioning the disk
quit (from the previous), then sudo mkfs -t ext4 /dev/sdb1
sudo mount /dev/sdb1 /my_usb/    mounting a partition
sudo umount /dev/sdb1 OR umount /my_usb/    unmounting
cat /etc/fstab    displays all the mounting info (if we want to mount our disks permanently, we need to make an entry here, since all the mounts disappear on a reboot)
sudo blkid    shows UUID for storage devices
mkpart primary linux-swap 5GiB 100%    100% = the rest of the memory
quit, then sudo mkswap %/dev/sdb2%
sudo swapon /dev/sdb2    mounting
Softlinks point to another file in memory
Hardlinks point to an inode in an inode table
ln -s %file% %linkname%    create a link; -s for a soft link, by default it's a hardlink
du -h    disk usage of a directory (-h in human form)
df -h    disk free (how much memory is available)
sudo fsck /dev/sda    autorepairing the files
mklink /H %filename%    make a link; symbolic by default, with /H it's a hard link
Trim – reclaim unused pages, defragmentation
Data buffer – moves the data from USB to a hard drive (e.g.)
Data corruption – not finishing moving the files (e.g.)
Journaling and self-healing in NTFS helps with what to do
fsutil repair query %drive%    repairing the drive
chkdsk /F %D:%    checking a disk for failures (/F = fix)

WEEK 5

WINDOWS POWERSHELL
Daemon processes = background processes
The first non-system process to start is smss.exe (Session Manager SubSystem); it's responsible for starting up the logging (winlogon.exe)
Client/Server Runtime SubSystem (csrss.exe) (GUI & CLI)
Child processes can be independent from their parents
Process ID = PID (taskkill /pid 5856)
Task manager = taskmgr.exe (Ctrl+Shift+Esc)
Get-Process    get overview of the processes
Signal – a way to tell a process that something's just happened
SIGINT – Ctrl+C, signal interrupt
Process Explorer – utility to look at running processes
Resource monitoring tool
Get-Process | Sort CPU -Descending | Select -First 3 -Property ID,ProcessName,CPU    top 3 processes
Get-Process -Name "*pattern*"    find a process whose name contains some pattern (word)
taskkill /F /PID [PROCESS ID]    kill a process
Get-Process -Name "name"    find a process with a name

LINUX BASH
ps -x    (pid – id; tty – terminal; stat – status: R = running, T = stopped, S = interruptible sleep; uid – user id; ppid – parent pid; c – number of children processes)
ps -ef    f = full, e = all the processes, even from other users
E.g., ps -ef | grep Chrome
ls -l /proc    everything is a file in Linux, so you can view all the processes via this dir (e.g., cat /proc/18)
SIGINT – Ctrl+C
kill %pid%    kill a process and clean resources
kill -KILL %pid% (SIGKILL)    kill a process without cleaning resources
kill -TSTP %pid% (SIGTSTP / terminal stop)    process suspension
kill -CONT %pid% (continue)    process continuation
top    top processes that use most of the resources
uptime    the system info (current time, up time, how many users are logged in, avg CPU load)
lsof    open files and engaged processes

COURSERA WEEK 6

WINDOWS POWERSHELL
Secure shell = ssh (port 22)
PuTTY program
Private and public keys
VPN = virtual private network
putty.exe -ssh name@ip %port%    connect as a name to an ip through ssh port
Remote Desktop Protocol = RDP
mstsc.exe – Microsoft Terminal Services Client (creates RDP connections to remote connections)
Remote desktop connections – RDP client
scp = secure copy
scp %dir file% name@ip:%destination_dir%
pscp.exe %dir file% name@ip:%destination_dir%
net share %File%=path /grant:everyone,full    share a folder
Event viewer – eventvwr.msc
To clone a drive:
1. Unmount the drive
2. dd if=/dev/ssd of=%directory%.img bs=100M

LINUX BASH
OpenSSH program
/var/log is where the logs are stored
kern.log – kernel messages
dmesg – system startup messages
auth.log – authorization security messages
syslog – everything except off events
Log rotation – logrotate utility
Centralized logging (unix)
Epoch time – number of seconds since 1 January 1970 00:00
Log format: time / host name / service / event
E.g. less /var/log/syslog | grep error
tail -f /var/log/syslog