Posted on

Learn Ethical Hacking Episode #3: Basic Terminology

 

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, I will be talking about some of the basic terms which you will need in order to follow along with this course.

So, first off, you have three main categories of people. There are White Hat hackers, Gray Hat hackers, and Black Hat hackers. Everything that we will be doing throughout this course will fall into the White Hat category. Those are people whose activities are within the confines of the law. There are people such as penetration testers, ethical hackers, people like you and me, and so on. Next, you have Gray Hat hackers whose activities are bordering between legal and illegal. It’s a bit of a shady area. In addition to that, you have the most known category which is Black Hat hackers. Usually, and unfortunately, every time somebody hears the term hacking it is associated with people from the Black Hat world. There are people who conduct all sorts of illegal activities, or conduct activities without any regard for the law. These activities include extracting information from certain servers, user credentials, credit card information, and take services down for some sort of financial gain.

Moving along, you have footprinting. The act of footprinting is essentially information gathering. You are conducting some sort of reconnaissance work. This can include figuring out the IP address of a server, figuring out which ports are open, and with that you can conclude which services are running. Footprinting doesn’t necessarily need to be confined to the digital world. The act of footprinting can also consist of visiting the physical property of your target. You just walk into the building where the target’s servers are located and have a look around. You can attempt to gather some information there on site. You can dig into their trash containers to look for confidential information. Also, people have been known to go into parking lots to see who the employees are, who works there, all sorts of things. So, this is just general information gathering in regards to your chosen target. It doesn’t need to be confined to the digital world.

Anyway, down below you have certain types of attacks: you have DoS and DDoS. Both are the same thing implemented in a different way. DoS stands for denial of service. These are usually referred to as childish attacks because they are relatively easy to implement. Then you have DDoS attacks which are on a much, much larger scale. In general, what happens here is that you perform a certain amount of requests, more requests than a server can handle, and then the server begins dropping connections. For example, an Apache web server, I believe by default, can handle up to 10,000 connections or so. If you can make more than 10,000 requests, anybody else making any sort of requests will not be able to access the website, because their connection will be dropped. The Apache server will say, OK, I have too many users, I have more users than I can handle, all the other connections will be dropped by default. Thereby, making the site inaccessible even though you haven’t broken into the server. You haven’t really broken through any firewalls, or stolen any passwords, or anything of a kind. But, when you’re DoS’ing something it’s just you. So, all the requests are coming from your own computer. Generally, this will only work if there is a flaw in the way in which requests are processed. However, that is why you have DDoS attacks. When you have multiple computers, multiple connections, and they are all making simultaneous requests to a certain server. This can be extremely difficult to fight off. You need to have a clever configuration of your firewall, and you need to have quite a good firewall as well. Usually, you need a physical firewall to prevent DDoS attacks, and by physical I mean a router firewall.

DDoS attacks are difficult to perform because it is difficult to make the necessary preparations. First of all, you need to go about infecting other devices which you will use, which you will enslave and use in order to perform this sort of an attack. This is the difficult part. The DDoS part is quite easy comparatively. For that, in order for you to infect other computers, you need two things. You need RATs, remote administration tools, and you need to be FUD, fully undetectable. So, it just means that they cannot be detected by anti viruses, or the more precise term would be that they are not labeled as something malicious by an antivirus program. Most of the time you don’t actually need to make your own applications fully undetectable. There are plenty of pen-testing companies out there, and not just pen-testing companies but other companies as well, who will pay very good sums of money if you can make their programs fully undetectable by antivirus programs. Remote administration tools usually go on a USB stick, are sent via an e-mail attachment, or attached to a zip file, and in such a way that they can infect other computers, other devices. These programs then enslave them, and then you can use all of those computers to conduct different sorts of activities. This is beneficial for the attacker because it anonymizes them to a very large extent.

Next we have rootkits. A rootkit is a tool which you install onto an operating system, and it is able to hide running processes from the system itself. So, when you, for example, start task manager in Windows, the purpose of a rootkit would be to hide the processes from the task manager. Basically, how it works is that the task manager requests information from the system, from the kernel, and then the kernel of the system responds, which is the core of the system where all the drivers and the key functionalities are. The kernel of the system then responds, hey, I have this, this, this, and this process running, here you go. What a rootkit would do is redirect those requests from the task manager to itself, and would say, I don’t have such processes running. So, very, very dangerous and potent combinations here that we will use later on as we progress through this tutorial. For the time being, I just wanted to provide you with a bit of an introduction to the course and give you an idea of what we shall be doing throughout some of the demonstrations.

Finally, we have phishing attacks. Phishing attacks are basically when you apply some sort of bait, somebody bites it, then you pull on it. Simple as that, right. The same way you go fishing? Well, not quite. Phishing attacks are when you get an email from someone and there’s a link in it, you click on it, and it throws you onto some website. It may look legitimate. It perhaps looks like a website that you are using, but it is not. You might pass in your credentials, and that can be a problem. This is generally avoided today. What happens these days is that the DNS servers get changed on your routers, and once that happens all the requests that you make on your web browser would get redirected. So, for example, if you type in facebook.com, you’re gonna get the domain with facebook.com from a private DNS server, god knows where, whose MX records have been altered, and they have been configured, for example, to redirect facebook.com to a certain IP address that does not belong to Facebook. So, you open up your Facebook, it looks exactly the same, there is no way to tell because in the upper left corner of the screen you have the domain name written, it’s www.facebook.com, and basically you provide login credentials. Once you do that, they’re gone, somebody has them. One of the ways to detect this would be to check whether the protocol is HTTPS, instead of HTTP. Usually, if these kind of attacks are conducted it’s not going to be HTTPS, as that is much harder to implement. But, if it is HTTPS there really wouldn’t be any legit way of figuring it out other than actually checking the keys, checking their certificates, and no one actually does that. Maybe not anyone, but 99% of users are not going bother to go about conducting such checks. Anyway, I know it sounds a bit complex, but, believe me, I will explain this in great detail. I will give you several demonstrations, and by the end of this course you will understand and know how to do this with great ease. It will not present a significant obstacle in your line of work. Now that we have approximately half of these out of our way, I will continue covering the terms in the follow-up tutorial. I hope to see you all there!

The remainder of the tutorial videos can be found in this YouTube playlist:

 

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

Posted on

Learn Ethical Hacking Episode #2: Course Prerequisites

 

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this tutorial. Today, I will be covering some of the required prerequisites if you wish to follow along with this course. One of the first things that you need to be familiarized with is your working environment. So, for myself, I have chosen to use two Linux distributions. One will be Fedora, which is the operating system I will be running on my host computer. I assume many of you following along will be using Windows, and this is perfectly fine for following along with this course. I will also install a virtual machine that will run Kali Linux. Kali is a Linux distribution which contains a great deal of pen-testing tools, so it’s very useful in that sense. In the following tutorials I will go into great detail covering the installation process, such as how to setup a virtual machine, how to install Kali Linux, etc.

Should you wish to exclusively use Windows, that is definitely not advisable for this kind of activity. Since I’m doing this in the environment that I own, it doesn’t really matter to me if I’m anonymous or not. But, in the real world, all the pen-testing that is done in the real world, you are always trying to anonymize yourself. You’re trying to be as invisible as possible, as often as possible. You do not want administrators figuring out where the attack is coming from. You want to wipe your trail. Windows is not very good for these sorts of things, so there your anonymity level will be very low. Most of the tools that we are going to be using are native to the Linux kernel. They were made for Linux. So, you may experience problems configuring these tools to work with Windows. You can still use Windows if you would like, because you’re not hiding from anyone, but since I’m recreating the real-life scenario, I will be using proxies, VPNs, etc. I would like the demonstrations to be as accurate as possible.

For all the Mac users out there, if you’re using Mac OSX, it doesn’t really matter which version. Many of the tools should work without any problems. The procedures are fairly similar. The command-line tools are the same. How you install them differs, but you will be able to run the same commands as me. So, there shouldn’t be any problems there. Your anonymity level with Mac OS should be relatively good. But, on Linux you have the greatest anonymity, and you are rather safe in that sense.

Moving on from your working environment, you will also require a working internet connection. Even though all of these exercises will work much better with an extremely fast internet connection, some of these attacks are actually conducted from public Wi-Fi, in real life anyway. I will set up a wireless access point in my office and load it so that it’s similar to the public Wi-Fi, which is very slow. Some of these attacks, as I said, they go over public Wi-Fi. And as we all know, and as we’ve all painfully learned, public Wi-Fi is not the fastest internet connection out there. You have a lot of people that are connected to the network, and there’s a lot of data going through. They are not the safest networks out there either. But, as I said, if you want to absolutely anonymize yourself, and that is what some people do. They go out and connect to a public Wi-Fi, or they go to a bar, or something of a kind, and conduct their attacks from there. Now, before they do that they need to figure out whether the bandwidth of that Wi-Fi can sustain their attack. So, they need to minimize, they need to downsize it, and that is how they become absolutely anonymous.

Finally, the last thing that you will absolutely need is a working wireless card. When I say working wireless card, most devices have them. Pretty much all laptops from 2008 were standardized with wireless cards. If you are using a desktop machine that doesn’t have a wireless card, you should acquire one to follow along with the exercises, but you don’t need to. However, you won’t be able to follow along with a large portion of this course. External USB wireless cards are pretty cheap. You should be able to acquire one for $10-15, so they’re not that expensive, and you can get them pretty much anywhere. Anyway, as I was saying, what I mean by a functional wireless network card is that it is recognized by your operating system. So, if you are using a Linux distro, like I am, you need to make sure this Linux distro, that the kernel of this Linux distro, actually has the necessary drivers for the wireless card that you will be using. If you’re using an Atheros card you should be fine. Most Linux kernels support a large number of Atheros devices, if not all of them, in terms of network cards. So, that should be fine. There were some problems with Broadcom, but as far as I’m informed that has been solved. So, no big deal there. If you’re uncertain how to check whether your wireless card functions under your Linux distro, just try connecting to Wi-Fi. If you can connect to a Wi-Fi access point, obviously it works. If you can’t, it doesn’t work. But, don’t jump to the conclusion that it doesn’t work. Try resetting it, turning it off and on, we will cover this in greater detail in the follow up tutorials where we actually go over the installation process.

Before we begin with the Kali Linux installation, I would like to cover some basic terminology that you will need in order to be able to follow along with this course. In any case, I bid you farewell, and I thank you for watching.

The remainder of the tutorial videos can be found in this YouTube playlist:

 

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

Posted on

Learn Ethical Hacking Episode #1: Introduction

 

If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!

https://josephdelgadillo.com/ethical-hacking/

Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
http://bit.ly/2leW0j4
Certified Ethical Hacker Boot Camp for 2018!
http://bit.ly/2yKbler
The Complete Ethical Hacker Course: Beginner to Advanced!
http://bit.ly/2i3kirq
Build an Advanced Keylogger for Ethical Hacking!
http://bit.ly/2yMl3gI

Hello everybody and welcome to this introductory video! Today, I will be talking about ethical hacking, and I will also introduce you to the course itself.

You might have noticed that the term ethical hacking is composed out of two words: you have ethical, and you have hacking. Now hacking, the definition of hacking, is quite broad. The act of hacking consists of compromising any system, not just computer or digital systems. For example, lock picking is a form of hacking. The ethical side of it would be when you have permission to do it, when it’s within the constraints of the law.

Anyway, this course will focus on computer systems. We will cover how to penetrate networks, how to exploit systems, how to break into computers, how to compromise routers, etc. After you have finished the course, after you have absorbed all of the information in it, you will gain the ability to do some serious damage. Now, because of this, I wish to give a disclaimer. First off, I do not encourage any sort of illegal activity. Furthermore, I strongly advise against it. This tutorial is purely for education purposes.

The field of network security is growing rapidly, and many networks tend to be insecure. There are many opportunities for knowledgeable pen-testers, and I hope you find the tutorials useful!

The remainder of the tutorial videos can be found in this YouTube playlist:

 

You can also enroll in the course and download the videos for offline viewing:

https://jtdigital.teachable.com/p/hacking-free/

Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato

Posted on

Enroll in the 14 Course Holiday Bundle!

Enroll now in our Black Friday/Cyber Monday Course Bundle for 2017! This bundle of Udemy courses includes all 14 technology courses listed on the website by Joseph DelgadilloNick Germaine, and Ermin Kreponic! Get 98% off some of the best-selling courses covering ethical hacking, Linux administration, programming languages, and development!

26 Course Forever Bundle!

Below is a list of every course included in the bundle:

The Complete Ethical Hacking Course: Beginner to Advanced!

Join 200,000+ students in the most popular ethical hacking course on Udemy! Learn penetration testing, web testing, and WiFi hacking using Kali Linux.

The Complete Ethical Hacking Course for 2016/2017!

This course is the successor to The Complete Ethical Hacking Course: Beginner to Advanced! Gain the knowledge hackers use to compromise systems and use it to protect your own.

Build an Advanced Keylogger Using C++ for Ethical Hacking!

Take this course to learn how to code a fully functional keylogger in C++ for use in Windows!

The Complete Python 3 Course: Beginner to Advanced!

Learn to code in Python with projects covering game & web development, web scraping, MongoDB, Django, PyQt, and data visualization!

The Complete Front-End Web Development Course!

Get started as a front-end web developer using HTML, CSS, JavaScript, jQuery, and Bootstrap. Use this course to launch your own career as a freelance web developer!

Learn and Understand C++

Take this course to learn C++ which you can use for ethical hacking, game development, and most software you use daily!

Learn Angular 2 from Beginner to Adavanced

Learn how to develop web applications using Angular 2!

The Complete Python 3 Course: Go from Beginner to Advanced!

Complete guide to learning how to program in Python. Go from a beginner to advanced level in Python with coding exercises!

A Beginner’s Guide to Linux System Administration!

Get started with Linux, app development, server configuration, networking, and move on to a career as a system administrator!

CentOS and Red Hat Linux to Certified System Administrator!

Learn the basics of CentOS, and Red Hat Linux. Prepare and pass the Red Hat Certified System Administrator (RHCSA) exam!

BASH Programming Course: Master the Linux Command Line!

Go from beginner to advanced with the Linux command line in this BASH programming course!

The Complete Wireshark Course: Go from Beginner to Advanced!

Learn to use Wireshark as a networking professional including troubleshooting, analysis, and protocol development!

Design and Build Your Own Personal Computer!

Learn everything required to build your first custom PC for work, home, or gaming!

Certified Ethical Hacker Boot Camp for 2017!

Gain the knowledge necessary for passing the CEH exam and move on to a career as professional pentester!

When you purchase this course bundle you will receive lifetime access to the classes, 1 on 1 assistance with the tutorials, and a certificate of completion through Udemy. Each course is fully subtitled in English.

Thank you for taking the time to read this and we hope to see you in the classes. Happy holidays!

26 Course Forever Bundle!

Posted on 23 Comments

(FREE) The Complete Red Hat Linux Course: Beginner to RHCSA!

For a limited time, enroll for FREE in one of our top rated Linux system administration courses!

https://www.jtdcourses.com/courses/red-hat-linux?coupon=ytfree

Get The Complete Linux Administration Course Bundle!
https://josephdelgadillo.com/product/linux-course-bundle/

Enroll now in our bestselling Linux courses!

A Beginner’s Guide to Linux System Administration!
https://www.jtdcourses.com/courses/linux

CentOS and Red Hat Linux to Certified System Administrator!
https://www.jtdcourses.com/courses/red-hat-linux

BASH Programming Course: Master the Linux Command Line!
https://www.jtdcourses.com/courses/bash-linux

The Complete Wireshark Course: Go From Beginner to Advanced!
https://www.jtdcourses.com/courses/wireshark

If you want to become a Red Hat Certified System Administrator, you will LOVE this course! Whether you have no experience with Red Hat Linux or any other type of Linux operating system, you can count on this course to get you started with the basics and show you what to do all the way into the advanced material. You get to see immediately why Linux is worth learning and using. Learn the basics of CentOS and Red Hat Linux! Prepare and pass the RedHat certified system administrator (RHCSA) exam!

https://josephdelgadillo.com/product/linux-course-bundle/

List of topics

  • Introduction
  • Why is Linux worth learning?
  • VirtualBox installation/setup
  • RedHat virtual machine setup
  • RedHat dual boot setup
  • Linux GUI essentials
  • File system navigation ls, cd, pwd
  • Finding files commands find, locate, upadtedb, man
  • File & folder ownership commands chown, chmod
  • Move, delete, and copy file commands mv, rm, cp
  • Commands grep, pipe, echo, cat
  • YUM package manager
  • RPM package manager
  • Redhat Certified System Administration Exam
  • Globbing (wildcards)
  • IORedirection
  • Linux file system
  • Links
  • Backups and compression
  • Automating tasks with cron
  • User properties and where they are stored in the system
  • Creating a user
  • Creating groups and assigning users to them
  • Intro to network interfaces
  • Network manager and configuration + troubleshooting tools
  • Installing and configuring SSH server pt.1
  • SSH passwordless and SCP (secure copying of files between hosts)
  • Partitioning and file systems
  • Partitioning a new disk
  • Formatting a partition using xfs file system
  • Mounting the partitions
  • Linux volume management (LVM)
  • LUKS
Posted on 47 Comments

(FREE) The Complete Ethical Hacking Course: Beginner to Advanced!

For a limited time, enroll for FREE in one of our top rated ethical hacking courses!

https://www.jtdcourses.com/courses/ethical-hacking-beginner-advanced?coupon=ytfree

Get the complete hacking bundle for only $19!
https://josephdelgadillo.com/product/hacking-bundle-2017/

Enroll in our best-selling ethical hacking courses!

Learn Ethical Hacking: Beginner to Advanced
https://www.jtdcourses.com/courses/ethical-hacking

Certified Ethical Hacker Boot Camp
https://www.jtdcourses.com/courses/certified-ethical-hacker

The Complete Python Hacking Course: Beginner to Advanced
https://www.jtdcourses.com/courses/python-hacking

Build an Advanced Keylogger for Ethical Hacking
https://www.jtdcourses.com/courses/keylogger

If you want to get started hacking you will LOVE The Complete Ethical Hacking Course: Beginner to Advanced! This complete course will take you from beginner to expert hacker. We will begin with the very basics showing you how to setup your environment, and move on to password cracking, WiFi hacking, Dos attacks, SQL injections, and much more! Enroll for free!

https://www.jtdcourses.com/courses/ethical-hacking-beginner-advanced?coupon=ytfree

Enroll in The Complete Hacking Course Bundle for 2017!
https://josephdelgadillo.com/product/hacking-bundle-2017/

  • Complete list of topics covered, time stamps available on YouTube!
  • Introduction to ethical hacking
  • Prerequisites for this course
  • Basic terminology: white hat, gray hat, black hat
  • Basic terminology: SQL injections, VPN, proxy, VPS, and keyloggers
  • VirtualBox installation
  • VirtualBox installation through the repositories
  • Creating a virtual environment
  • Installing VirtualBox on Windows
  • Kali Linux installation/setup
  • VirtualBox Guest Additions installation
  • Linux terminal basics
  • Linux command line interface basics
  • Tor browser setup
  • Proxychains
  • Virtual private network
  • Changing your mac address with macchanger
  • Footprinting with network mapper (nmap) and external resources
  • Attacking wireless networks cracking WPA/WPA2
  • Aircrack-ng & reaver installation
  • Installing aircrack-ng on Windows & Crunch on Linux
  • Aricrack-ng & crunch hacking example
  • Cracking WPS pins with reaver pt.1
  • Cracking WPS pins with reaver pt.2
  • Cracking WPS pins with reaver pt.3
  • Performing denial of service attacks on wireless networks pt.1
  • Performing denial of service attacks on wireless networks pt.2
  • SSL strip pt.1
  • SSL strip pt.2
  • SSL strip pt.3
  • Funny things pt.1
  • Funny things pt.2
  • Funny things pt.3
  • Evil twin pt.1
  • Evil twin pt.2
  • Evil twin pt.3
  • Using known vulnerabilities pt.1
  • Using know vulnerabilities pt.2
  • Using known vulnerabilities pt.3
  • Post authentication exploitation (DNS) pt.1
  • Post authentication exploitation (DNS) pt.2
  • Post authentication exploitation (DNS) pt.3
  • SQL injection pt.1
  • SQL injection pt.2
  • SQL injection pt.3
  • SQL injection pt.4
  • SQL injection pt.5
  • Brute force methods for cracking passwords – cracking hashes
  • Cracking Linux passwords with john the ripper pt.1
  • Cracking Linux passwords with john the ripper pt.2
  • Cracking windows passwords with john the ripper
  • Hydra usage pt.1
  • Hydra usage pt.2
  • DoS attack pt.1 introduction to denial of service attacks
  • DoS attack pt.2 combine slowloris.pl with nmap
  • DoS attack pt.3 featuring hackers.org
  • Intro to metasploit and reverse shells
  • Metasploit starting from a two terminal setup
  • Making reverse shells persistent on another system and escalating privileges
  • Creating a persistent shell with metasploit
  • Using netcat to make any kind of connection you may need
  • How to upload a reverse shell onto a web server
Posted on 7 Comments

The Complete Linux Course: Beginner to Power User!

Get The Complete Linux Administration Course Bundle!
https://josephdelgadillo.com/product/linux-course-bundle/

Enroll in the courses directly on Udemy!

A Beginner’s Guide to Linux System Administration!
http://bit.ly/2gHV6dD

CentOS and Red Hat Linux to Certified System Administrator!
http://bit.ly/2h7ONwE

BASH Programming Course: Master the Linux Command Line!
http://bit.ly/2y4GyY8

The Complete Wireshark Course: Go From Beginner to Advanced!
http://bit.ly/2yLpqIy

Together we’re going to take a journey through Linux and give you the knowledge you need to be a power user, but first we must ask the question, what is Linux? Well, confusingly it depends on who you ask. In order to get an idea of what Linux is we’ve gotta go back in time. In the early 1980’s Richard Stallman, then working in the AI lab at MIT, started the GNU project with the goal of creating an entirely free and open Unix-like operating system. This all started when the lab got a new printer, but the license restricted his ability to modify the code. He had hacked earlier printers to electronically send messages to users who printed items when the printing was complete, as well as notifying other users when the printer was free to use. By the early 1990’s there was almost enough GNU software to create an entire operating system, however their kernel, the GNU Hurd, was not yet complete. Meanwhile, in the early 1990’s Linus Torvalds set out on a hobby project to develop Unix-like colonel known as Linux, and used GNU software such as GNU’s “C” compiler to do it. While a kernel on its own was useless, he ended up including GNU software with the kernel tree to release an operating system. Later, Richard Stallman’s free software foundation sponsored the group Debian to release a GNU/Linux distribution that was completely open for people to use and contribute to. Debian over the years grew from a small group of Free Software Foundation hackers, to the enormous community that is today. Due to its popularity, Debian has become the base of countless Linux distributions. Because of how open the software is, anybody to read the source code, modify it, and then redistribute it. Because of this, this is what we have now, it’s kind of a mess. There are so many Linux distributions that a common problem for beginners is what Linux distribution should I use. While there are a few distros out there that actually include its own software, one of the biggest problems in Linux is how many distros there are and the fact that a lot of them are the same distribution with new wallpapers, and icons, and everything else is the same. Ubuntu was started in the early 2000’s and is owned and distributed by Canonical. The base of Ubuntu is Debian, and Ubuntu has become so popular that it has in turn been forked countless times. Forking is a process which the operating system is used as the base of a new distribution. Ubuntu includes it’s own desktop environment called Unity, and has recently started distributing phones running a version of Ubuntu. Canonical also contributes bug fixes and other contributions upstream, meaning that they send these changes back to Debian to include in future releases. While Debian releases new versions sporadically, Ubuntu’s aim was to capture the stability of Debian, but released new versions more frequently. As such, Canonical releases two distributions a year, one in April and one in October. The naming convention of Ubuntu is year & month. So, the version we’ll be working with was released in October of 2015 and it’s called Ubuntu 15.10. Every two years in April, a long-term support version is released called LTS, which is officially supported for five years. While releases in between LTS versions are supported for only 9 months, the next LTS release will be in April of 2016. So, to download Ubuntu we’re going to go to Ubuntu.com, and when the page loads we’re going to see in the top navigation that there’s an option that says desktop. Just click on that, this is the version of Ubuntu we’re gonna be working with, and then when you get on the overview page, just click download Ubuntu, the big orange button in the main area. And on this page it’s gonna give us a few versions, so it’s gonna prompt us to download the last LTS release which was released 2014, in April. If you’re gonna be running Ubuntu on a server it makes sense to you long-term support versions because you only need to install a new version like every five years. You can install more frequently because there’s new LTS version every two years, but with a non LTS version there’s only official support and bug fixes for nine months. So, we’re gonna go with one of the nine months cycles here and download the latest stable release which is Ubuntu 15.10, this was released maybe 10-15 days ago. We’re gonna download 64 bit because that’s the processor type we’re running. You can either click the download button to download it directly in the browser, or you can click alternative downloads & torrents to view what other type of other files you can download. Now, if you’re running on a really super fast internet connection it doesn’t really make a difference. The in browser download is probably going to download just as quickly as a torrent, however if you don’t have an incredible internet connection, a torrent download is going to make a lot of sense. It’s going to download a lot quicker than it would in the browser. Now, I’ve already got my version downloaded, it took about 10-15 minutes, because I have really bad at the moment. Next thing we’re gonna do, we’re not going to install to directly onto our hard drives yet. That’s an awful big commitment to make when you you’re not really familiar with the system. So, we’re gonna do is go to VirtualBox.org, and this is a piece of software that allows us to create virtualized machines, virtual machines are a virtual computer if you want to call it that. This allows us to create different virtual machines, set them up differently, as well as star different operating systems on one. So, when you get to VirtualBox.org there’s a gigantic button here that you cannot miss. Click on that and it’s gonna take you to the download page for VirtualBox. Now, it offers different packages dependent on different operating systems. This is going to be for the host machine, and to put that it clearer terms, the computer that I’m in right now that we can see is running Windows 10, that is the host. So, I need to download VirtualBox 5 for Windows hosts, this link right here, click that it’s gonna start the download. Now, I’ve already got mine downloaded. We’re going to need these in the next few videos, so thanks for watching!

Posted on 2 Comments

Complete Linux Networking Tutorial

Get The Complete Linux Administration Course Bundle!
https://josephdelgadillo.com/product/linux-course-bundle/

Enroll in the courses directly on Udemy!

A Beginner’s Guide to Linux System Administration!
http://bit.ly/2gHV6dD

CentOS and Red Hat Linux to Certified System Administrator!
http://bit.ly/2h7ONwE

BASH Programming Course: Master the Linux Command Line!
http://bit.ly/2y4GyY8

The Complete Wireshark Course: Go From Beginner to Advanced!
http://bit.ly/2yLpqIy

In this video we’re not going to be doing anything, we’re not gonna be learning about networking specifically on Linux. We need to understand a few general concepts before we get to that. So, this video is going to be a sort of introduction to networking on Linux. An introduction to networking in general. So, right now you are on a computerized device watching this video which is on the Internet. And the way that’s happening is basically you’re connected to a router, or a modem router all-in-one device, and the router is connected to your internet service provider, and your internet service provider has devices that are connected to the bigger world of the internet. So, you send a request, if you open up a browser and type in google.com and then hit enter, your web browser sends that as a request. It’s basically saying okay this is the web page that this computer wants to look at right now. It sends that through your router, which sends it to your internet service provider, and your internet service provider has all these fancy computers that properly route certain requests to DNS servers, any requests actually. What a DNS server does is it says okay, you gave me this string of text, a domain name or URL, and I have a record here that shows this domain or string of texts is supposed to serve up the content at this IP address. And so how the internet works is it doesn’t understand Google.com or Facebook.com. The internet uses network addresses, right, and so think of it like each web server, each server out there has and address just like every house on your street has an address. So, if you were gonna send somebody down the street to Joe’s place, you would say okay well go to this address, then you would give them the address of Joe’s place and they would be able to find it. The same thing is happening on a DNS server. You give the DNS server a domain name that you want to look at, and then th the DNS server takes that and says okay well I know this domain name is supposed to route to this IP address. So, you request, you need to go over to the server to get that content, and so your request then gets translated to an IP address and other information, and it gets to the web server that it’s supposed to be at. And then the web server running Apache or anything really nginx, I’m sure there’s tons out there that I don’t know about, but the web server receives requests, it receives all of the information related to it. So, cookies you know session variable stuff like that as well as the exact item you want to look at it. So, if you go to website.com/something /something else, everything after the .com/ is called a URI and that indicates what piece of content on the server you want. So, think of the first part domain.com as what server you need to be communicating with, and then afterwards you know /about.php or something that’s gonna tell the server once it gets the request what page it needs to send you. And then it does it’s you know rendering process and it sends you that page in the exact same route that your request took to get there. So, it’s like when you send your friend down the street to Joe’s place to pick up a box of pizza. So, your friend walks down the street he turns left you know maybe turns right, he gets to Joe’s place, he walks in says hey I need to get a pizza, Joe gives him the pizza, then he walks same way back to your house, and before you know it a web page has loaded within your computer box. That’s how that happens. I hope you guys understood that. In the next video we’re actually gonna cover a few more concepts before we dive into you know really understanding to the point that we can use applications to do certain things. So, I hope you guys found that informative. If you didn’t, if there’s any point in this video that you felt lost, or confused, or even that I was just rambling, or even if you just want to tell me you know a few more web server applications aside from Apache, there is a comment section to the side of this video. You just leave a comment I will reply and get you whatever information you need, and hopefully this will make sense to you. So, in the last video we described how the internet works, what the internet is, is technically an interconnected collection of networks. So, all these little networks all over the world can now be connected to other networks in the world, and so we have the internet which is just that. So, to understand the network here we’re bringing it down from you know the top level stuff, down to a more localized thing. And so a local network is the type of network that you have set up in your house, where you connect to the router, the router then you know can interact with the internet for you, and then return the information to you computer. Now, I wanted to talk for a moment about IP addresses and the current issues that face them, while still using ipv4. So, let’s open up a document here. So, an IP address looks like this. This is an IP address of a server somewhere, probably, if you put this in your browser…actually let’s try. That was just a random one that I just wrote up, let’s see what happens. This is probably the address of somebody, somebody you know, somebody is connected to an internet service provider and they get one IP address for all their computers, and the reason why that happens is because these IP addresses can go from 1.1.1.1 all the way to 255. So, as you can imagine the range is pretty big but it’s not quite big enough for the human population, and so we’ve been running out of IP addresses for the last fifteen or twenty years. And, multiple solutions have been brought into the equation to try and solve this problem. One of them was called a NAT. What this is is a network address. Basically, you have one router you have one IP address. So, the IP address you have let’s say is this one up here at the top, this is your IP address that the internet service provider has given you. Without the use of a router you can plug one device into the modem and your computer will use this IP address in requests, so basically when you send a request to google.com to load a page or to load a search what happens is your IP address gets sent to Google as well so that Google can return this data to your device. But, what happens when you only have one IP address and seven computers, that’s when the NAT comes into play. So, this IP address now is the IP address of your modem or router, and it assigns NAT addresses to all the devices on your network. So, let’s say you just have two devices on the network. The first one, actually the IP address of your actual router is likely this. I’ve seen one instance where a network did not use this IP address as its routers IP address. The IP addresses that your router will assign to computers in your home all begin with 192. So, basically it would be something like that, right, that would be the IP address, actually hold up I got this wrong. This is the IP address of your router, this is the IP address of your first computer. So, it always begins with 192.168 Your second computer might be this, and your 3rd computer might be this. So, now you have three IP addresses, three devices on your network and your router here is keeping track of them. So, from this device I type google.com into the address bar, what happens is this IP address along with the request gets sent to my router, the router then sends the request off to the ISP and then over to the internet and stuff, with the IP address of the router which internally is this and externally this is our ISP IP address they gave us. So, what happens this gets sent to google.com, google.com sends the page back to this IP address connected to the router here, the router then takes that request and connects it with the device that requested it, and then it sends it back to that device. And so that’s how a router interfaces between a local network and the internet. So, in the olden days before the NAT address and routers really took off each one of these computers would have had a different IP address, so it would have looked something like this. So, that would have been 3 actual IP addresses when we found a way that you actually only need one IP address for our network, and so that’s what a router does and so these IP addresses are local and you’re gonna see these in terminal. Now, one other special IP address is 127.0.0.1 On every computer this means this computer. It’s basically a self identifying IP address. If I were to type this into my browser I would see my localhost, where if you put this in your browser you would see your localhost. The NAT IP address basically works the same way. So, if I were to go to 192.168.0.3 it would try to find a computer only on my network that has this address and then connect to it. So, that’s how a router works, in the next video we’re getting into the ifconfig. On Windows you have an ipconfig command, on Linux here you’ve got ifconfig and we’re gonna cover that in the next video, and a a few other commands as well. So, thank you guys so much for watching, and I’ll see you guys soon.

Posted on

How to Setup an SSH Host on Your Local Machine

Click here to subscribe for more videos like this!

So, the last video that we’re doing is setting up an SSH host on our local machine, and it’s really simple. So, let’s go ahead and open up terminal. We need to install openssh-server. So, go ahead and run “sudo apt-get install openssh-server” I believe it is. We’ll get an error message if that’s not it’s been awhile since I did this, so. Once we have it installed you’re basically good to go, however we are going to make it a little more secure. We’re gonna change the port that this runs on and so there is an SSH deconfig file now. Let’s go ahead and run “sudo nano /etc/ssh/ssd_config” So, we can go ahead and make this more secure by changing the port and also changing the authentication stuff. So, let’s go ahead and change the port to 2212 instead of the default 22, and then we’re going to scroll down here a bit, and under authentication here we’re going to change permit root login to no, so nobody’s gonna be able to login as root. Scroll down a bit here as well, and we’re going to add a line this is allow users, and this is going to take basically a list of usernames of users who are allowed to log in through SSH. So, I’m going to make my user account able to login through SSH and this is going to restrict all other users from connecting to this machine via SSH. So, I’m going to save it and exit, gonna clear this up, and then what we need to do is restart the SSH service. So, run “sudo systemctl restart ssh” and you’re good to go. And so now if I were on a different machine here, actually let’s see if I can get my external IP address here, I don’t think I can get it through here, no. Alright, clear this. I’m gonna open up network-tools and I’m gonna do something like if you guys have seen the movie Inception, this concept that I’m about to do will feel a little little bit familiar to you. This by the way when you go to network-tools.com the IP address that pops into the input field by default is your external your public facing IP address. This is the IP address that your internet service provider gives to you. Now, actually in order for this to work, this would have to be the only machine or I would have to set up through the router DMOZ port forwarding or a host forwarding, but what we can try, we’re gonna try it anyway. I’m going to
“ssh [email protected]” and then from here I’m going to ssh into this machine. It probably won’t forward that port. So, I would have to go through my router at this point to configure port forwarding for that port 2212 in order to be able to connect from an external host to this host. If you only have one machine, so basically like the IP address of my server when I, when I go to the IP address, it goes directly to my server. It’s not configured through NAT addresses my server actually has five IP addresses, and those IP addresses go directly to my server, and that’s why I can access SSH on that server without having to configure any routers or anything. I think actually the server provider manage that in some way. So, anyway you know if I were to go into my router and configure DMOZ or port forwarding, what I was just doing would in fact work. So, thank you guys so much for watching, and I will see you guys again soon.

Posted on

How to Transfer Files Between 2 Computers Using SFTP

Click here to subscribe for more videos like this!

Hey guys, let’s go over some SFTP. So, first what is SSTP? Well first before we answer that question, let’s ask a similar but different question, what is FTP? FTP is an acronym for the term file transfer protocol and it uses the port 21, and basically what it does is it transfers files between two machines. So, SFTP, because in regular FTP everything is transferred in clear text, so if anybody is sniffing packets on your network like we learned in a previous video, they would be able to read all those packets, basically. So, we’re not going to use FTP, I actually recommend never use FTP. SFTP is just easier anyway, and so we’re just going to use SFTP. So, similarly to the “ssh” command, you’re gonna write “sftp” and then the connection string. So, in my case it’s exactly the same as before. Then it asks for my password for the remote host, so I’m gonna put that in here, and now I can list what’s on the remote host by typing “ls” but we also have a few different commands to list what’s on the local host. I’m actually gonna exit here. I’m going to make a directory called “sftp-demo” I’m going to change into sftp-demo, and I’m going to “touch” a file called “names.txt.” Now, I’m going to reconnect while in this directory, to my server. Now, if I run “ls” I get the remote directories current directory listing, if I type “lls” I get the local listing of the directory that I’m in on the local host. And so here we can actually, we can grab files and transfer them to and from both machines. So, if I wanted to put names.text on to the server in the current directory, what I would do is type “put names.txt” and it’s going to upload it to my remote host with the same name. So, that’s when you would use “put” if you want to push a file from from your local machine to the remote host. Similarly, use the command “get” to get files. So, I’m going to, I really don’t recall any of these files, I’m just gonna get the composer.json file. So, I’m going to type “get composer.json” and if I run “lls” on my local machine I can now see that I have that file there. So, if I exit and then run “ls” I’ve got that file there. So, that is how you would use SFTP to transfer files to and from machines, and also a few commands there that can help you see what files are available. So, thank you guys so much for watching, and I will see you guys again soon.