File - Brittany's E

Lab #3 Unix basic and Secure Programming
Due Wednesday (2:00pm 10/17/2012)
Last Name _McDonald_ First Name__Brittany____
Part I---Unix Basic
Goal: Be able to perform basic Unix operations for establishing directories and manipulating
files within user directories, and manipulate Unix programming constructs such as redirection and
pipes. In addition, you need to know how to use netstat and its options.
REFERENCES:
- Unix text/reference book, e.g., Unix in a Nutshell, O'Reilly
- SYSTEM_HELP link on course Assignments homepage.
- http://www.nbcs.rutgers.edu/~edseries/UNIXcmds.html
- http://techcruser.blogspot.com/2008/07/online-bash-shell-forwindows-users.html
----------------------------------
INSTRUCTIONS: FIRST read the entire lab. You should do a dry run of the steps, then repeat
the steps with the session logging turned on for keeps! This is more than a "cookbook" lab, so pay
attention, and use a good Unix book or online documentation (% man) to learn more about each
command in this lab.
1. Turn on session logging (journaling) so that all interactions between you and the system are
written to a file (default name is "typescript"). The Unix command is:
% script session_log_cisuserID
For example, I will use:
% script session_log_hchi
2. The netstat Command
netstat is a useful tool for checking your network configuration and activity. It is in fact a
collection of several tools lumped together. We discuss each of its functions in the following
sections.
(1) When you invoke netstat with the -r flag, it displays the kernel routing table in the way
we've been doing with route. The -n option makes netstat print addresses as dotted quad IP
numbers rather than the symbolic host and network names. This option is especially useful when
you want to avoid address lookups over the network (e.g., to a DNS or NIS server).
The second column of netstat's output shows the gateway to which the routing entry points. If no
gateway is used, an asterisk is printed instead. The third column shows the "generality" of the
route, i.e., the network mask for this route. When given an IP address to find a suitable route for,
the kernel steps through each of the routing table entries, taking the bitwise AND of the address
and the genmask before comparing it to the target of the route.
# netstat -nr
(2) When invoked with the -i flag, netstat displays statistics for the network interfaces currently
configured. If the -a option is also given, it prints all interfaces present in the kernel,
not only those that have been configured currently. On vstout, the output from netstat will look
like this:
# netstat -i
(3) netstat supports a set of options to display active or passive sockets. The options -t, -u, -w,
and -x show active TCP, UDP, RAW, or Unix socket connections. If you provide the -a flag in
addition, sockets that are waiting for a connection (i.e., listening) are displayed as well. This
display will give you a list of all servers that are currently running on your system.
Invoking netstat -ta on vlager produces this output:
$ netstat -ta
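The route lookup described in (1), as an added example that is not part of the original lab handout: each table entry is tested by ANDing the address with the entry's genmask and comparing the result to the destination. The Route struct, the function names and the sample table are constructed for illustration; the table is ordered most specific first so that the first match is also the narrowest one.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// One row of `netstat -nr` output, reduced to the columns the lookup needs.
struct Route {
    std::string destination, gateway, genmask, iface;
};

// Dotted quad -> host-order 32-bit value; returns false on malformed input.
bool parse_ipv4(const std::string& text, std::uint32_t& out) {
    unsigned a, b, c, d;
    char tail;
    if (std::sscanf(text.c_str(), "%u.%u.%u.%u%c", &a, &b, &c, &d, &tail) != 4)
        return false;  // too few fields, or trailing characters after the quad
    if (a > 255 || b > 255 || c > 255 || d > 255) return false;
    out = (a << 24) | (b << 16) | (c << 8) | d;
    return true;
}

// Step through the table in order and return the index of the first entry
// where (address AND genmask) equals the destination, or -1 if none matches.
int find_route(const std::vector<Route>& table, const std::string& address) {
    std::uint32_t addr = 0, dest = 0, mask = 0;
    if (!parse_ipv4(address, addr)) return -1;
    for (std::size_t i = 0; i < table.size(); ++i) {
        if (!parse_ipv4(table[i].destination, dest) ||
            !parse_ipv4(table[i].genmask, mask)) continue;  // skip unreadable rows
        if ((addr & mask) == dest) return static_cast<int>(i);
    }
    return -1;
}

// Constructed sample table, most specific routes first (not captured output).
std::vector<Route> sample_table() {
    return {
        {"192.168.10.0", "0.0.0.0", "255.255.255.0", "eth0"},
        {"10.0.0.0", "192.168.10.1", "255.0.0.0", "eth0"},
        {"127.0.0.0", "0.0.0.0", "255.0.0.0", "lo"},
        {"0.0.0.0", "192.168.10.254", "0.0.0.0", "eth0"},
    };
}

int main() {
    std::vector<Route> table = sample_table();
    int i = find_route(table, "10.20.30.40");
    if (i >= 0) std::printf("via %s dev %s\n", table[i].gateway.c_str(), table[i].iface.c_str());
    return i >= 0 ? 0 : 1;
}
```

The last row, with destination and genmask both 0.0.0.0, matches every address, which is why it acts as the default route and must be tested last.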
3. Before you go to the next page, please open another terminal and compile the following C++ code:
#include <iostream>
using namespace std;
int main() {
    int number = -1;
    // number is never updated, so this loop does not terminate on its own
    while (number <= 0)
    { cout << "Error -- number must be positive" << endl; }
}
g++ ex1.cpp
./a.out
4. Use the following table and fill the second column from your cis account
Unix commands
Outputs from your account
Directories: like folders on a Macintosh, are used to group files together in a hierarchical structure.
mkdir dirname --- make a new directory
Make a directory called CNT4406
cd dirname --- change directory.
Enter CNT4406
pwd --- tells you where you currently are.
mkdir CNT4406
cd CNT4406
pwd
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
Edit
Use an editor of your choice (pico) to create a file
named 'first' that contains the four lines:
pwd
ls -l
cat first
pwd
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
cp first FILE1
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406] ls
FILE1 first second third
cp FILE1 FILE2 --- Make a copy of FILE1 and call the copy FILE2
mv FILE1 FILE2 --- Rename a file from old name FILE1 to new name FILE2
rm FILE --- Remove or delete FILE
Copy first into three files: second, third and fourth
Delete fourth
You have just made 'first' a shell script. Execute it
now (just type in the command "% csh first" ), and
see what happens
csh first > first.output
list the output in first.output
total 8
-rw-r--r-- 1 bmcdonald Undergraduates 24 Oct 17 13:20 FILE1
-rw-r--r-- 1 bmcdonald Undergraduates 24 Oct 17 2012 first
-rw-r--r-- 1 bmcdonald Undergraduates 24 Oct 17 13:22 second
-rw-r--r-- 1 bmcdonald Undergraduates 24 Oct 17 13:22 third
pwd
ls -l
cat first
pwd
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
csh first>first.output
FILE1
first
first.output second
third
About your (electronic) self
whoami --- returns your username.
finger --- of course you can finger yourself, too.
passwd --- lets you change your password
ps -u yourusername --- lists your processes.
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
whoami
bmcdonald
Login    Name TTY    Idle When      Where
cdellor  ???  pts/32 22   Wed 13:00 0.0.0.0
koknight ???  pts/51      Wed 13:02 fl67-235-245-156.dh
gredmond ???  pts/12 12   Wed 13:03 0.0.0.0
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
passwd
passwd: Changing password for bmcdonal
passwd: User unknown: bmcdonalkill
PID TTY TIME CMD
12179 pts/49 0:00 tcsh
11213 pts/10 0:00 tcsh
12309 pts/10 0:00 ps
kill PID --- kills (ends) the processes with the ID you
gave. This works only for your own processes, of
course.
quota -v --- show what your disk quota is (i.e. how
much space you have to store files),
du filename --- shows the disk usage of the files and
directories in filename (without argument the current
directory is used). du -s gives only a total.
last yourusername --- lists your last logins.
12303 pts/49 0:01 a.out
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
kill 12303
Disk quotas for bmcdonald (uid 1074746581):
Filesystem usage quota limit timeleft files
quota limit timeleft
2
first
bmcdonal pts/49 0.0.0.0 Wed Oct 17 13:36 still logged in
bmcdonal pts/10 0.0.0.0 Wed Oct 17 13:15 still logged in
bmcdonal pts/52 0.0.0.0 Wed Oct 17 12:57 - 13:15 (00:17)
About other people
who --- tells you who's logged on, and where they're
coming from
finger username --- gives you lots of information
about that user, e.g. when they last read their mail
and whether they're logged in.
last -1 username --- tells you when the user last
logged on and off and from where. Without any
options, last will give you a list of everyone's logins.
talk username --- lets you have a (typed)
conversation with another user
write username --- lets you exchange one-line
messages with another user
cdellor pts/33 Oct 17 13:32 (0.0.0.0)
koknight pts/51 Oct 17 13:02 (fl-67-235-245156.dhcp.embarqhsd.net)
gredmond pts/12 Oct 17 13:03 (0.0.0.0)
Login name: bmcdonald
Directory: /ugrad/bmcdonald
Shell: /bin/tcsh
On since Oct 17 13:36:56 on pts/49 from 0.0.0.0
4 minutes 3 seconds Idle Time
New mail received Fri Apr 20 14:17:16 2012;
unread since Fri Apr 13 12:26:02 2012
No Plan.
Login name: bmcdonald
Directory: /ugrad/bmcdonald
Shell: /bin/tcsh
On since Oct 17 13:15:32 on pts/10 from 0.0.0.0
bmcdonal pts/49 0.0.0.0 Wed Oct 17 13:36 still logged in
[Connection established]
m-----------------------------------------------------------------------------j
write hello
Other Commands
jobs --- lists your currently active jobs (those that you put in the background) and their job
numbers. Useful to determine which one you want to foreground if you have lots of them.
ps --- Lists all jobs (background and foreground) started during your login session
history --- List all commands typed so far
!! --- Repeat the last command
!n --- Repeat command n from the history list
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
jobs
douglass.cis.famu.edu:[/ugrad/bmcdonald/CNT4406]
PID TTY TIME CMD
12628 pts/29 0:00 tcsh
12663 pts/29 0:00 ps
1 13:51 jobs
2 13:51 ls
3 13:51 pwd
4 13:51 ps
5 13:52 history
Part II---Secure Programming
Secure Programming----Input Validation lab
In today's lab we will be dealing with the topic of secure programming as it relates to input
validation. Input validation is the process by which the developer sanitizes each piece of
user input before it is processed by the backend server, in order to avoid having malicious
code executed by the server.
Items needed to complete lab:
1. Computer with Internet Connection
2. Botskool free account : http://www.botskool.com/
3. Unix SSH
The code below can be compiled and run in one of two ways:
1. Unix SSH
- Log on to your cis Unix account using SSH
- Create a file for each program using pico, and be sure to save it with the .cpp extension
- To compile: g++ filename.cpp (example: g++ file1.cpp)
- To run, type "./a.out"
2. Botskool online C++ compiler – Instructions below.
Below is a simple program that defines an array of size 10 and begins to write integers to
this array without any input validation. Below is the source code:
#include <iostream>
using namespace std;
int main(void)
{
    int vals[10];
    int x, y=20;
    // No bounds check: this loop writes 20 values into a 10-element array
    for (size_t i = 0; i < y; i++)
    {
        vals[i]= i;
    }
    while(y > 0)
    {
        y--;
        cout<<"The value is: " << vals[y] << "\n";
    }
    cin>>x;
    return 0;
}
1. Create a Botskool account for free so that you can compile and run the code
above. Link: http://www.botskool.com/
2. Once you have created your account, look under the online tools tab and you will
see the C/C++ compiler link.
3. Now that you are on the compiler page, copy and paste the code from above.
4. What happens when we try to insert 20 integers into an array of size 10?
The value is: 0
The value is: 0
The value is: 0
The value is: 0
The value is: -4195900
The value is: 1
The value is: 13
The value is: 12
The value is: 11
The value is: 10
The value is: 9
The value is: 8
The value is: 7
The value is: 6
The value is: 5
The value is: 4
The value is: 3
The value is: 2
The value is: 1
The value is: 0
The next step is to fix the input validation on this program so that the size can be
dynamically allocated at run time.
Below you can see the changes made to the source code:
#include <iostream>
using namespace std;
int main(void)
{
    int vals[10];
    int indx, stop;
    int size;
    cout<<"Enter the size of the array"<<"\n";
    cin>>size;
    // vals still holds only 10 elements, so a size above 10 writes past the end of the array
    for (size_t i=0; i < size; i++)
    {
        vals[i]= size - i;
        cout<< vals[i] <<"\n";
    }
    cout<< "Which index item would you like to retrieve? \n";
    cin>> indx;
    if (indx < 0 || indx >= size)
    {
        cout << "The index is out of range";
    }
    else {
        cout<< "The value at position " << indx <<"\n";
        cout<<"is: "<< vals[indx];
        cin>>stop;
    }
    return 0;
}
Enter the new updated code into the botskool online compiler and run the source
code.
This time be sure to scroll down and select yes on the option that says “Do you
want to use input feature for your program?”
5. You can now specify the number of items that you want to insert in the array;
however, you can try to retrieve an item outside of the array bounds. How do you
go about fixing this?
6. Submit your lab to
Blackboard.com under menu Labs Lab #3
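An added example, not part of the original lab handout: one way to close the gaps in the two programs above by parsing each input line strictly, bounding the size, sizing the storage from the validated value, and range-checking the index before it is used. The names read_bounded, build_values and lookup, and the kMaxItems limit of 1000, are assumptions made for this example.

```cpp
#include <cstddef>
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

const long kMaxItems = 1000;  // assumed upper bound on the element count

// Read one whole line and accept it only if it is a single integer in [lo, hi].
bool read_bounded(std::istream& in, long lo, long hi, long& out) {
    std::string line;
    if (!std::getline(in, line)) return false;  // EOF or stream error
    std::istringstream fields(line);
    long v = 0;
    char extra;
    if (!(fields >> v)) return false;   // not a number, or too large for long
    if (fields >> extra) return false;  // trailing junk such as "12abc"
    if (v < lo || v > hi) return false;
    out = v;
    return true;
}

// Storage is sized from the validated count instead of a fixed vals[10].
std::vector<int> build_values(std::size_t size) {
    std::vector<int> vals(size);
    for (std::size_t i = 0; i < size; ++i) vals[i] = static_cast<int>(size - i);
    return vals;
}

// Same dialogue as the lab program: a size line, then an index line.
// Returns false, leaving result untouched, if either line is rejected.
bool lookup(std::istream& in, int& result) {
    long size = 0, indx = 0;
    if (!read_bounded(in, 1, kMaxItems, size)) return false;
    std::vector<int> vals = build_values(static_cast<std::size_t>(size));
    if (!read_bounded(in, 0, size - 1, indx)) return false;  // valid: 0..size-1
    result = vals.at(static_cast<std::size_t>(indx));  // at() checks bounds again
    return true;
}

int main() {
    int value = 0;
    std::cout << "Enter the size of the array, then the index to retrieve\n";
    if (!lookup(std::cin, value)) {
        std::cout << "Input rejected: size or index is out of range\n";
        return 1;
    }
    std::cout << "The value is: " << value << "\n";
    return 0;
}
```

Reading a full line and rejecting leftovers matters because `cin >> size` on its own accepts "12abc" as 12 and leaves the stream in a state that makes the next read fail silently.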