======Part 2======

=====Entries=====

====Entry 5: March 9, 2012====

I just installed Fedora on a machine that I had worked on in the above experiment. Ubuntu was a large improvement over Win XP. It just still had some issues with speed and responsiveness. I noticed many times it had a hard time keeping up with the visual aesthetics. It would also have to start and wait with many functions.

I ran Fedora 16 live from a USB and I was very impressed. The machine ran smooth and without issues. I had used KDE in the past and found it to be a nicer GUI over the GNOME world. Performance was top notch until I started to test it against what I wanted it to do. I was used to the large developer base that comes from the GNOME world and I could tell right away that Fedora was missing a few bolts under the hood.

The newest issue is with video. All of my videos are ripped, stripped and converted to .avi files. Apparently one thing Fedora is not really happy with. I will be reviewing the repository and trying to make it work in an upcoming experiment.

====Entry 6: March 16, 2012====

Linux put the space shuttle in orbit. I was doing some looking around and it seems that NASA is sweet on Linux. Discovery runs all Linux controls and most of what they are using is self-written code. Nice to know that we do not have to restart the servers when we have an issue while they are in orbit. lol.

The newest thing is that NASA is using a Linux-based vendor, Wind River, to support the development of their New Millennium Program Space Technology 8 (ST8) Dependable Multiprocessor.

====Entry 7: March 23, 2012====

I did a search on admin commands that Unix has to offer and came across the "w" command. This command allows you to see a list of users and their log history etc. This one is fun when you are looking for someone or just want to see when someone last came to visit.

Snippet from that help file. Different options that are given are:

<code>
-f file
       Tells last to use a specific file instead of /var/log/wtmp.

-num   This is a count telling last how many lines to show.

-n num The same.

-t YYYYMMDDHHMMSS
       Display the state of logins as of the specified time. This is
       useful, e.g., to determine easily who was logged in at a
       particular time -- specify that time with -t and look for
       "still logged in".

-R     Suppresses the display of the hostname field.

-a     Display the hostname in the last column. Useful in combination
       with the next flag.

-d     For non-local logins, Linux stores not only the host name of the
       remote host but its IP number as well. This option translates
       the IP number back into a hostname.

-F     Print full login and logout times and dates.

-i     This option is like -d in that it displays the IP number of the
       remote host, but it displays the IP number in numbers-and-dots
       notation.

-o     Read an old-type wtmp file (written by linux-libc5 applications).

-w     Display full user and domain names in the output.

-x     Display the system shutdown entries and run level changes.
</code>

<code>
lab46:~$ w
 12:59:04 up 72 days, 20:19, 12 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
mgough   pts/1    rrcs-69-193-122- 17Jan12  1:09m 10:18  10:18  irssi
wedge    pts/8    telstar.lair.lan 09:13    2:23m  0.14s  0.14s -bash
jjohns43 pts/24   cpe-74-65-82-173 23Jan12 28:25m 11:08  11:08  irssi
thakes3  pts/32   :pts/8:S.0       16Mar12  1:17   2:02   2:02  irssi
thakes3  pts/41   172.16.198.143:S 21Mar12 45:39m  0.28s  0.04s nano notes.txt
thakes3  pts/48   172.16.198.143:S 21Mar12  1:17   1.84s  1.83s screen -r 6463.
thakes3  pts/68   172.16.198.143:S Mon10   14.00s  0.32s  0.32s /bin/bash
skinney1 pts/74   65-124-85-125.di 10:26    0.00s  0.10s  0.01s w
thakes3  pts/70   172.16.198.143:S Sun13   46:01m  0.09s  0.09s /bin/bash
thakes3  pts/85   172.16.198.143:S Wed10    2days  0.14s  0.00s /bin/bash
nsano    pts/73   grrasp:S.0       17Feb12 39:34   5:55   5:55  irssi
jjohns43 pts/82   cpe-74-65-82-173 27Feb12 28:25m  5.79s  5.78s screen -r
lab46:~$ w last skinney1
 12:59:14 up 72 days, 20:19, 12 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
lab46:~$
</code>

====Entry 8: March Day, 2012====

This is a sample format for a dated entry. Please substitute the actual date for "Month Day, Year", and duplicate the level 4 heading to make additional entries.

As an aid, feel free to use the following questions to help you generate content for your entries:

  * What action or concept of significance, as related to the course, did you experience on this date?
  * Why was this significant?
  * What concepts are you dealing with that may not make perfect sense?
  * What challenges are you facing with respect to the course?

Remember that 4 is just the minimum number of entries. Feel free to have more.

=====Keywords=====

{{page>cprogpart2&nofooter}}
{{page>unixpart2&nofooter}}

=====Experiments=====

====Experiment 4====

===Question===

Can I change the colors of different aspects of the shell from the command line?

===Resources===

  * http://www.cyberciti.biz/faq/bash-shell-change-the-color-of-my-shell-prompt-under-linux-or-unix/
  * http://serverfault.com/questions/130436/how-can-i-automatically-change-terminal-colors-when-i-ssh-a-server
  * http://unix.stackexchange.com/questions/148/colorizing-your-terminal-and-shell-environment

===Hypothesis===

There are many times in a session that you are using a term for something and want it to stand out among your other sessions. What are the commands for changing its looks? My hypothesis is there has to be a way to change these settings.

===Experiment===

I will be doing the needed research and documenting what I find.

===Data===

The main issue is that I am using an ssh client. I cannot change those settings from within a host terminal, as the look and feel of the ssh client is not controlled by the Unix server. So, an error in logic when I started this little project. I did find some ways to control the output to the term by server and have listed them here.

First things first, find your settings.

<code>
echo $PS1
</code>

You should have gotten something like

<code>
lab46:~$ echo $PS1
\h:\w\$
</code>

The logic is basically

  * \h = host name
  * \u = current username
  * \w = working directory

Changing your Bash prompt color while using your log name. Simply change the '0;31m' to suit your needs.

<code>
# \[ and \] mark the color codes as non-printing so bash measures the prompt width correctly
export PS1="\[\e[0;31m\][\u@\h \W]\$ \[\e[m\] "
</code>

This window will not allow me to show the color example that I have; however, here are some more color codes.

  * Black 30
  * Blue 34
  * Green 32
  * Cyan 36
  * Purple 35

===Analysis===

Based on the data collected:

  * Was your hypothesis correct? I was way off from the start.
  * Was your hypothesis not applicable? Correct, it was wrong.

===Conclusions===

Noted in research section

====Experiment 5====

===Question===

How does one hide themselves?

===Resources===

  * http://cwe.mitre.org
  * www.hackershandbook.org
  * www.allproxies.com
  * www.stayinvisible.com
  * www.proxymania.com
  * www.hidemyass.com
  * http://www.whatismyip.com/faq/unix-ip-commands.asp

===Hypothesis===

The use of proxies allows a user to easily hide their IP/MAC from connections they make over the internet.

===Experiment===

Not sure at this point....

===Data===

After reading and doing lots of research, the folks at Anon/LOLSEC suggest the first step is your traceability to the physical machine. This is a little further than I want to slide into this subject. There are many ways to look at your own security. For one, paying cash for a machine and not leaving the ability to connect that machine's unique identifiers with your credit card number.
From this point you take your new machine home and set up a triple virtual machine with each running a little IP and MAC change script that runs every hour. Never use this computer for anything normal... and never connect locally. The list of assignments goes on... but I am not interested in hacking the FBI. I will leave that to the script kiddies behind the masks and focus on just being hidden behind proxies.

==Proxies==

A proxy is like a man in the middle for the net. When you open a website your comp sends your IP to the website. The site is then able to send the webpage to your comp. The proxy goes and gets that information and then sends it on to you. So the website never sees your IP but only that of the proxy. I have listed a few proxies in the research sections.

==What is my IP==

Windows: "ipconfig"

<code>
C:\skinney>ipconfig

Windows IP Configuration

Ethernet adapter Wireless Network Connection:

        Media State . . . . . . . . . . . : Media disconnected

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : work stuff
        IP Address. . . . . . . . . . . . : 00.00.000.00
        Subnet Mask . . . . . . . . . . . : 255.255.000.0
        Default Gateway . . . . . . . . . : 00.00.000.0
</code>

*nix: typically you can just call "ifconfig" and get there, but we needed to rock out "/sbin/ifconfig".

<code>
lab46:~$ ifconfig
-bash: ifconfig: command not found
lab46:~$ /sbin/ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:3e:5d:88:d8
          inet addr:12.82.2.32  Bcast:10.80.2.255  Mask:255.255.255.0
          inet6 addr: fe80::216:3eff:fe5d:88d8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:49729834 errors:0 dropped:0 overruns:0 frame:0
          TX packets:58369549 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9291283443 (8.6 GiB)  TX bytes:30407298791 (28.3 GiB)
          Interrupt:18

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:384756 errors:0 dropped:0 overruns:0 frame:0
          TX packets:384756 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:51742675 (49.3 MiB)  TX bytes:51742675 (49.3 MiB)
</code>

==Setting up the browser to use the proxy==

Look in the internet options sections. There should be a "connections" section. Once you find this in your flavor of browsing, you need to initialize using proxies. At this point you will need the IP of the proxy you wish to use and the port of their server. Enter this information and you are off and running with a one-proxy connect. Keep in mind... this is one layer. When it comes to being hidden you need many layers and there is no such thing as invisible.

==Proxy Chaining==

There is a simple method to chaining together many proxies in your browser. As noted earlier, many layers is a good thing. What if you are using one proxy and, let's say, our court system says: "Proxy ABC, I order you to give us a list of all IPs that went through you to Megaupload." Guess you are in trouble... with the other millions of people. Now if you had a chain of proxies going... chances get slimmer that you will be in that list.

Here is an example of what we are trying to accomplish:

<code>
[user]>>[proxy1]>>[proxy2]>>[proxy3]>>[website]
</code>

So to do this you are going to use a linker: "-.-"

<code>
http://www.proxy.magusnet.com/-.-proxy2 etc/-.-proxy3 etc/-.-http://www.google.com
</code>

===Analysis===

Based on the data collected:

  * Was your hypothesis correct? It was correct, there are many ways to go about being hidden.
  * Is there more going on than you originally thought? There are many ways.. lol. The majority seem pretty straightforward.. and there are even pay-for services that can do this service for you.
  * What shortcomings might there be in your experiment? Not data driven.

===Conclusions===

You are only as safe as you want to pretend you are. There are always new ways around preconceived notions on security.

====Retest 2====

Perform the following steps:

===State Experiment===

Whose existing experiment are you going to retest? Provide the URL, note the author, and restate their question.

===Resources===

Evaluate their resources and commentary. Answer the following questions:

  * Do you feel the given resources are adequate in providing sufficient background information?
  * Are there additional resources you've found that you can add to the resources list?
  * Does the original experimenter appear to have obtained a necessary fundamental understanding of the concepts leading up to their stated experiment?
  * If you find a deviation in opinion, state why you think this might exist.

===Hypothesis===

State their experiment's hypothesis. Answer the following questions:

  * Do you feel their hypothesis is adequate in capturing the essence of what they're trying to discover?
  * What improvements could you make to their hypothesis, if any?

===Experiment===

Follow the steps given to recreate the original experiment. Answer the following questions:

  * Are the instructions correct in successfully achieving the results?
  * Is there room for improvement in the experiment instructions/description? What suggestions would you make?
  * Would you make any alterations to the structure of the experiment to yield better results? What, and why?

===Data===

Publish the data you have gained from your performing of the experiment here.

===Analysis===

Answer the following:

  * Does the data seem in-line with the published data from the original author?
  * Can you explain any deviations?
  * How about any sources of error?
  * Is the stated hypothesis adequate?

===Conclusions===

Answer the following:

  * What conclusions can you make based on performing the experiment?
  * Do you feel the experiment was adequate in obtaining a further understanding of a concept?
  * Does the original author appear to have gotten some value out of performing the experiment?
  * Any suggestions or observations that could improve this particular process (in general, or specifically you, or specifically for the original author).
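
The IDLE column in the "w" output of Entry 7 mixes four formats (14.00s, 1:17, 1:09m, 2days), which makes stale sessions hard to spot by eye. The shell function below is an added example, not part of the original journal: it converts IDLE to seconds and lists sessions idle past a threshold. The sample rows, user names and addresses are constructed, and it assumes the FROM column is populated so that IDLE is the fifth field.

```shell
#!/bin/sh
# Added example: list sessions from `w` output that have been idle too long.

# Constructed sample in the same layout as the `w` output in Entry 7.
sample_w() {
  cat <<'EOF'
 12:59:04 up 72 days, 20:19,  4 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
alice    pts/1    192.0.2.10       17Jan12  1:09m 10:18  10:18  irssi
bob      pts/8    host.example     09:13   14.00s  0.14s  0.14s -bash
carol    pts/24   198.51.100.7     Wed10    2days  0.14s  0.00s /bin/bash
dave     pts/32   192.0.2.44       10:26    1:17   0.10s  0.01s w
EOF
}

# long_idle THRESHOLD_SECONDS  (reads `w` output on stdin)
# Prints "user tty from idle_seconds" for each session idle >= threshold.
long_idle() {
  awk -v limit="$1" '
    # procps prints IDLE as: N.NNs (seconds), M:SS (minutes:seconds),
    # H:MMm (hours:minutes) or Ndays.
    function idle_seconds(f,   p) {
      if (f ~ /^[0-9]+days$/)      { sub(/days$/, "", f); return f * 86400 }
      if (f ~ /^[0-9]+:[0-9]+m$/)  { sub(/m$/, "", f); split(f, p, ":")
                                     return p[1] * 3600 + p[2] * 60 }
      if (f ~ /^[0-9]+:[0-9]+$/)   { split(f, p, ":"); return p[1] * 60 + p[2] }
      if (f ~ /^[0-9]+\.[0-9]+s$/) { sub(/s$/, "", f); return int(f) }
      return -1                    # unknown format: never reported
    }
    $1 == "USER" || $2 == "up" { next }   # column header and uptime line
    {
      s = idle_seconds($5)
      if (s >= limit) print $1, $2, $3, s
    }'
}

# Sessions idle for an hour or more.
sample_w | long_idle 3600
```

On a live system the input would be "w | long_idle 3600"; rows with an empty FROM field shift the columns and need separate handling.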
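
Experiment 5 says the website sees only the proxy's IP. That holds for the network connection, but many proxies add Via or X-Forwarded-For headers that tell the site a proxy is in use and sometimes give the client address, which is one concrete reason there is "no such thing as invisible". The check below is an added example, not from the original journal, showing what a web server operator can read from a request's headers; the requests, host names and addresses are constructed.

```shell
#!/bin/sh
# Added example: what a request's own headers disclose about a proxy.

# Build a constructed HTTP request; $1 holds extra header lines such as a
# (hypothetical) proxy would add, written with \r\n escapes.
sample_request() {
  printf 'GET / HTTP/1.1\r\nHost: www.example.com\r\n%b\r\n' "$1"
}

# proxy_disclosure  (reads one raw HTTP request on stdin)
# Prints one of:
#   no-proxy-headers              nothing disclosed (a proxy may still exist)
#   proxied client=not-disclosed  Via present, no client address given
#   proxied client=<addr>         first X-Forwarded-For entry
# X-Forwarded-For is supplied by the sender, so the address is a claim,
# not proof; trust it only when the peer is a proxy you operate.
proxy_disclosure() {
  awk '
    { sub(/\r$/, "") }            # tolerate CRLF line endings
    NR == 1 { next }              # request line
    /^$/    { exit }              # blank line ends the headers
    {
      i = index($0, ":"); if (i == 0) next
      name  = tolower(substr($0, 1, i - 1))   # header names ignore case
      value = substr($0, i + 1)
      if (name == "via") via = 1
      if (name == "x-forwarded-for" && client == "") {
        split(value, hop, ",")    # leftmost entry = original client
        client = hop[1]
        gsub(/^[ \t]+|[ \t]+$/, "", client)
      }
    }
    END {
      if (client != "") print "proxied client=" client
      else if (via)     print "proxied client=not-disclosed"
      else              print "no-proxy-headers"
    }'
}

# Three constructed cases: no headers, Via only, Via plus X-Forwarded-For.
for extra in '' 'Via: 1.1 proxy.example\r\n' \
  'Via: 1.1 proxy.example\r\nX-Forwarded-For: 203.0.113.25, 198.51.100.9\r\n'
do
  sample_request "$extra" | proxy_disclosure
done
```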