Together we’re going to take a journey through Linux and give you the knowledge you need to be a power user, but first we must ask the question, what is Linux? Well, confusingly it depends on who you ask. In order to get an idea of what Linux is we’ve gotta go back in time. In the early 1980’s Richard Stallman, then working in the AI lab at MIT, started the GNU project with the goal of creating an entirely free and open Unix-like operating system. This all started when the lab got a new printer, but the license restricted his ability to modify the code. He had hacked earlier printers to electronically send messages to users who printed items when the printing was complete, as well as notifying other users when the printer was free to use. By the early 1990’s there was almost enough GNU software to create an entire operating system, however their kernel, the GNU Hurd, was not yet complete. Meanwhile, in the early 1990’s Linus Torvalds set out on a hobby project to develop Unix-like colonel known as Linux, and used GNU software such as GNU’s “C” compiler to do it. While a kernel on its own was useless, he ended up including GNU software with the kernel tree to release an operating system. Later, Richard Stallman’s free software foundation sponsored the group Debian to release a GNU/Linux distribution that was completely open for people to use and contribute to. Debian over the years grew from a small group of Free Software Foundation hackers, to the enormous community that is today. Due to its popularity, Debian has become the base of countless Linux distributions. Because of how open the software is, anybody to read the source code, modify it, and then redistribute it. Because of this, this is what we have now, it’s kind of a mess. There are so many Linux distributions that a common problem for beginners is what Linux distribution should I use. While there are a few distros out there that actually include its own software, one of the biggest problems in Linux is how many distros there are and the fact that a lot of them are the same distribution with new wallpapers, and icons, and everything else is the same. Ubuntu was started in the early 2000’s and is owned and distributed by Canonical. The base of Ubuntu is Debian, and Ubuntu has become so popular that it has in turn been forked countless times. Forking is a process which the operating system is used as the base of a new distribution. Ubuntu includes it’s own desktop environment called Unity, and has recently started distributing phones running a version of Ubuntu. Canonical also contributes bug fixes and other contributions upstream, meaning that they send these changes back to Debian to include in future releases. While Debian releases new versions sporadically, Ubuntu’s aim was to capture the stability of Debian, but released new versions more frequently. As such, Canonical releases two distributions a year, one in April and one in October. The naming convention of Ubuntu is year & month. So, the version we’ll be working with was released in October of 2015 and it’s called Ubuntu 15.10. Every two years in April, a long-term support version is released called LTS, which is officially supported for five years. While releases in between LTS versions are supported for only 9 months, the next LTS release will be in April of 2016. So, to download Ubuntu we’re going to go to Ubuntu.com, and when the page loads we’re going to see in the top navigation that there’s an option that says desktop. Just click on that, this is the version of Ubuntu we’re gonna be working with, and then when you get on the overview page, just click download Ubuntu, the big orange button in the main area. And on this page it’s gonna give us a few versions, so it’s gonna prompt us to download the last LTS release which was released 2014, in April. If you’re gonna be running Ubuntu on a server it makes sense to you long-term support versions because you only need to install a new version like every five years. You can install more frequently because there’s new LTS version every two years, but with a non LTS version there’s only official support and bug fixes for nine months. So, we’re gonna go with one of the nine months cycles here and download the latest stable release which is Ubuntu 15.10, this was released maybe 10-15 days ago. We’re gonna download 64 bit because that’s the processor type we’re running. You can either click the download button to download it directly in the browser, or you can click alternative downloads & torrents to view what other type of other files you can download. Now, if you’re running on a really super fast internet connection it doesn’t really make a difference. The in browser download is probably going to download just as quickly as a torrent, however if you don’t have an incredible internet connection, a torrent download is going to make a lot of sense. It’s going to download a lot quicker than it would in the browser. Now, I’ve already got my version downloaded, it took about 10-15 minutes, because I have really bad at the moment. Next thing we’re gonna do, we’re not going to install to directly onto our hard drives yet. That’s an awful big commitment to make when you you’re not really familiar with the system. So, we’re gonna do is go to VirtualBox.org, and this is a piece of software that allows us to create virtualized machines, virtual machines are a virtual computer if you want to call it that. This allows us to create different virtual machines, set them up differently, as well as star different operating systems on one. So, when you get to VirtualBox.org there’s a gigantic button here that you cannot miss. Click on that and it’s gonna take you to the download page for VirtualBox. Now, it offers different packages dependent on different operating systems. This is going to be for the host machine, and to put that it clearer terms, the computer that I’m in right now that we can see is running Windows 10, that is the host. So, I need to download VirtualBox 5 for Windows hosts, this link right here, click that it’s gonna start the download. Now, I’ve already got mine downloaded. We’re going to need these in the next few videos, so thanks for watching!
Welcome! Here you can learn you how to master Linux command line (BASH). What do I mean by this? Ever seen a system admin in a movie or some devious hacker using a terminal? Do you want the same knowledge? Well you are in the right place!
This course is designed to take you from beginner to advanced in the Linux command line using bash (Bourne-again shell), a Unix shell and command language. You get 10+ hours of HD videos full of useful tutorials founded on motivation and excitement for learning bash programming! You can count on an answer to every question you ask in the course from a Linux command line expert which gives you peace of mind that you can get help with every challenge you have as you learn!
Alright, so what is a string? Well, a string is any text that you want to be treated as text within a program. So again we need to talk about a few other things that we’re going to be talking about actually a few videos from now, but for right now just trying to follow along. So, this is a string because it’s wrapped in quotations, and if we hit enter Python is going to say hello string. Now, you can also use single quotations here to do the same thing. So basically you have two options either using double quotations or single quotations, and let’s say you want to have a word in your string that you well let’s say you need to have a word in that string of text which contains an apostrophe. So let’s say we wrapped in single quotes and we say ‘don’t do that’ Python is going to freak out about that because what it thinks is happening is that we’re starting a string here, we’re typing three letters, and then we’re ending the string, and then it doesn’t know what to do about all this. It’s saying well t do that I don’t know what that means, it’s no variable, and there’s no function that I can perform on this, so I’m just going to freak out and give you a syntax error. So what you would need to do in order to print out don’t do that is you can just wrap it in double quotations and then just type don’t do that, and as you can see what I print it’s going to keep that intact. Now alternatively let’s say you want to quote somebody. So, let’s wrap in double quotes and say, “she said “I want this” and then close it, close it. Again, it’s gonna freak out because what it thinks that we’re trying to do is start a string, say she said, then end the string and then it’s going to freak out over all this because it doesn’t realize that this is part of that string because we have explicitly told it to end the string here. So what you would do in this instance is just wrap the entire string in single quotations. So, ‘she said “I want this”‘ and as you can see it’s going to print it out correctly. Now alternatively what if she said something that had an apostrophe in it. So, let’s try and cope with that so ‘she said “don’t put that there”‘ again it’s going to freak out because we’re starting the string here, we’re adding a single quotation which is not interpreting as the other string, in fact right here where this apostrophe is it thinks that’s the end of the string, so it’s treating this like a string and then this as constants, or variables, or whatever and it doesn’t know what to do with them because we’re not telling it to do anything and then these just random quotations here. So what we need to do in this instance is we need to learn about escaping certain characters. So, let’s write it out first then I’ll explain it. So what we’re going to do is wrap it in single quotes and we’re going to say ‘she said “don/ ‘t do that”‘ and what’s happening here, let’s hit enter. That’s not what…let me that out. It’s just returning what we wrote there. There. So we print that out and what this does is the backslash here tells the next character to be interpreted as text regardless of what it would normally be interpreted as, so rather than this trying to end the string Python knows at this point that we want this to be printed out with the string and not end the string but just printed out as a single character, and so that’s what it’s going to do. So there’s times when you’re going to need to do each of these in your Python code and so that’s how to handle strings and what they are. Again, a string is just a series of characters which is interpreted as text and you can print it, you can manipulate it, we’re actually going to get into string manipulation in the next video.
In this video we’re not going to be doing anything, we’re not gonna be learning about networking specifically on Linux. We need to understand a few general concepts before we get to that. So, this video is going to be a sort of introduction to networking on Linux. An introduction to networking in general. So, right now you are on a computerized device watching this video which is on the Internet. And the way that’s happening is basically you’re connected to a router, or a modem router all-in-one device, and the router is connected to your internet service provider, and your internet service provider has devices that are connected to the bigger world of the internet. So, you send a request, if you open up a browser and type in google.com and then hit enter, your web browser sends that as a request. It’s basically saying okay this is the web page that this computer wants to look at right now. It sends that through your router, which sends it to your internet service provider, and your internet service provider has all these fancy computers that properly route certain requests to DNS servers, any requests actually. What a DNS server does is it says okay, you gave me this string of text, a domain name or URL, and I have a record here that shows this domain or string of texts is supposed to serve up the content at this IP address. And so how the internet works is it doesn’t understand Google.com or Facebook.com. The internet uses network addresses, right, and so think of it like each web server, each server out there has and address just like every house on your street has an address. So, if you were gonna send somebody down the street to Joe’s place, you would say okay well go to this address, then you would give them the address of Joe’s place and they would be able to find it. The same thing is happening on a DNS server. You give the DNS server a domain name that you want to look at, and then th the DNS server takes that and says okay well I know this domain name is supposed to route to this IP address. So, you request, you need to go over to the server to get that content, and so your request then gets translated to an IP address and other information, and it gets to the web server that it’s supposed to be at. And then the web server running Apache or anything really nginx, I’m sure there’s tons out there that I don’t know about, but the web server receives requests, it receives all of the information related to it. So, cookies you know session variable stuff like that as well as the exact item you want to look at it. So, if you go to website.com/something /something else, everything after the .com/ is called a URI and that indicates what piece of content on the server you want. So, think of the first part domain.com as what server you need to be communicating with, and then afterwards you know /about.php or something that’s gonna tell the server once it gets the request what page it needs to send you. And then it does it’s you know rendering process and it sends you that page in the exact same route that your request took to get there. So, it’s like when you send your friend down the street to Joe’s place to pick up a box of pizza. So, your friend walks down the street he turns left you know maybe turns right, he gets to Joe’s place, he walks in says hey I need to get a pizza, Joe gives him the pizza, then he walks same way back to your house, and before you know it a web page has loaded within your computer box. That’s how that happens. I hope you guys understood that. In the next video we’re actually gonna cover a few more concepts before we dive into you know really understanding to the point that we can use applications to do certain things. So, I hope you guys found that informative. If you didn’t, if there’s any point in this video that you felt lost, or confused, or even that I was just rambling, or even if you just want to tell me you know a few more web server applications aside from Apache, there is a comment section to the side of this video. You just leave a comment I will reply and get you whatever information you need, and hopefully this will make sense to you. So, in the last video we described how the internet works, what the internet is, is technically an interconnected collection of networks. So, all these little networks all over the world can now be connected to other networks in the world, and so we have the internet which is just that. So, to understand the network here we’re bringing it down from you know the top level stuff, down to a more localized thing. And so a local network is the type of network that you have set up in your house, where you connect to the router, the router then you know can interact with the internet for you, and then return the information to you computer. Now, I wanted to talk for a moment about IP addresses and the current issues that face them, while still using ipv4. So, let’s open up a document here. So, an IP address looks like this. This is an IP address of a server somewhere, probably, if you put this in your browser…actually let’s try. That was just a random one that I just wrote up, let’s see what happens. This is probably the address of somebody, somebody you know, somebody is connected to an internet service provider and they get one IP address for all their computers, and the reason why that happens is because these IP addresses can go from 22.214.171.124 all the way to 255. So, as you can imagine the range is pretty big but it’s not quite big enough for the human population, and so we’ve been running out of IP addresses for the last fifteen or twenty years. And, multiple solutions have been brought into the equation to try and solve this problem. One of them was called a NAT. What this is is a network address. Basically, you have one router you have one IP address. So, the IP address you have let’s say is this one up here at the top, this is your IP address that the internet service provider has given you. Without the use of a router you can plug one device into the modem and your computer will use this IP address in requests, so basically when you send a request to google.com to load a page or to load a search what happens is your IP address gets sent to Google as well so that Google can return this data to your device. But, what happens when you only have one IP address and seven computers, that’s when the NAT comes into play. So, this IP address now is the IP address of your modem or router, and it assigns NAT addresses to all the devices on your network. So, let’s say you just have two devices on the network. The first one, actually the IP address of your actual router is likely this. I’ve seen one instance where a network did not use this IP address as its routers IP address. The IP addresses that your router will assign to computers in your home all begin with 192. So, basically it would be something like that, right, that would be the IP address, actually hold up I got this wrong. This is the IP address of your router, this is the IP address of your first computer. So, it always begins with 192.168 Your second computer might be this, and your 3rd computer might be this. So, now you have three IP addresses, three devices on your network and your router here is keeping track of them. So, from this device I type google.com into the address bar, what happens is this IP address along with the request gets sent to my router, the router then sends the request off to the ISP and then over to the internet and stuff, with the IP address of the router which internally is this and externally this is our ISP IP address they gave us. So, what happens this gets sent to google.com, google.com sends the page back to this IP address connected to the router here, the router then takes that request and connects it with the device that requested it, and then it sends it back to that device. And so that’s how a router interfaces between a local network and the internet. So, in the olden days before the NAT address and routers really took off each one of these computers would have had a different IP address, so it would have looked something like this. So, that would have been 3 actual IP addresses when we found a way that you actually only need one IP address for our network, and so that’s what a router does and so these IP addresses are local and you’re gonna see these in terminal. Now, one other special IP address is 127.0.0.1 On every computer this means this computer. It’s basically a self identifying IP address. If I were to type this into my browser I would see my localhost, where if you put this in your browser you would see your localhost. The NAT IP address basically works the same way. So, if I were to go to 192.168.0.3 it would try to find a computer only on my network that has this address and then connect to it. So, that’s how a router works, in the next video we’re getting into the ifconfig. On Windows you have an ipconfig command, on Linux here you’ve got ifconfig and we’re gonna cover that in the next video, and a a few other commands as well. So, thank you guys so much for watching, and I’ll see you guys soon.
Welcome all. This is an introduction to ethical hacking for 2016-2017. And before I continue any further, some of you may know me from the previous ethical hacking course, and this one will be significantly more advanced as opposed to that one. That being said, the requirements for this one will be also significantly different. But before we continue any further, let me just go over a few things. First of all, my throat is getting dry, because this is like the fifth time that I’m attempting this and certain people, certain very rude people keep interfering. But anyway, there a few considerations to make here. So the first one, is what can you expect to learn from this course? Well, you can expect to…I will show you basically, how you can compromise systems, monitor a traffic in the air, fight against encryption, what you can do with encrypted traffic, how you can attempt to decrypt it. Some of it you will be able to decrypt, I will show you various methods, Listening booths in the middle, and how to take off certain layers of encryption, and extract the useful information from the data which is out there in the air. I will show you various methods how to compromise systems in general, like PCs, servers, phones, smartphones that is. And we also may play around a little bit with the GSM network and see some of the vulnerabilities there. That’s a 2G network, so you have 2G, 3G and 4G. 2G is the GSM and 4G is the LTE. Anyway, we will be most likely, I will most likely at a certain point in time also talk a little bit about social engineering and you will see the practical aspect of that as well. But, there are two kind of considerations that you should make when taking this course. So, moral side of things and legal considerations. So, just because you will be able to do something, and I will teach you how to do some serious damage with the knowledge that you get you will be able to do some serious damage, but it doesn’t mean that you should. There really is no need for you to do so. And just think about it, you don’t want anybody messing with your stuff, so don’t mess with anybody else’s stuff. There really is no need, or justified reason for you to do it. Legal aspects, legal considerations. In most countries, it is illegal to mess around with systems you don’t have permission to mess around on systems that you yourself do not own. Just to give you a stupid example, it’s illegal to mess around with your neighbors Wi-Fi. It’s illegal to connect to it without that person’s permission, who owns it. So even these small, I would say, inevitable things are taken into consideration by law. Not to speak of breaking into the servers or taking information from the phones, personal information from the phones and other kinds. That’s all covered as well. So you can get into a lot of trouble if you misuse the knowledge. I will give you a lot of knowledge here, I will show you how to do various things. Please, do not abuse the knowledge. Use the knowledge, do not abuse it. Ok, that being said, let’s go over to the other side. Besides of the cute puppy up there that my friend drew, sitting over there smiling, for some strange reason. He doesn’t want to come on camera, God knows why. You will have software and hardware requirements for this course, so those are the two. You have three requirements, one is software, one is hardware and the third one is, your current knowledge, your current amount of knowledge, so to say. Let’s get into the operating systems. So, Windows and OSX are completely incompatible for our purpose. On OSX you lack a large amount of tools and you lack hardware compatibility in the first place, even though you have a Unix-like Shell, it’s really not a system that you want to use for this purpose. Windows as well, Windows is even worse. You don’t have the degree of anonymity while using Windows is not really that good. With Linux, is open source, you know all the traffic that’s coming out, that’s going in, to monitor, to know exactly what it is, all of it can be decrypted. With Windows, you will have…I notice a lot of unauthorized duplications from my machines, and it’s closed source, you don’t know what is going on in the background, you don’t know the source code. And you might say, “Well, I know the source code of Linux but I’m not a developer, I have no idea what it means” It doesn’t matter, a lot of other people know what it means, a lot of other people who made it. Somebody who says something out there on the forums, if there was funny going on there. I don’t what’s going on with Windows, under the hood, and I don’t know what’s going on with OSX under the hood, and therefore I generally don’t like using them for anything unless I am practically forced to do so. My primary operating system that I use in my daily basis for productivity work, with pen testing and development is Linux, and it has the largest, practically the best tools for development and for pen testing. It doesn’t matter which distribution you are using, you should be able to install pretty much all the tools on all the distributions out there. Anyway, you will need a machine where you will have Linux installed. So, we will need Linux as an operating system installed. I will tell you which distro to choose, I will make suggestions and I will show you how to install it. Now, to answer the questions in advance, yes, you can have a virtual machine on Windows or OSX. Yes, you can have a bootable USB with persistence storage, and yes, you can have dual boot on Windows and OSX, all these three setups are…first of all, you’re gonna encounter a lot of problems with dual boot, with both Windows and especially OSX. Linux dual booting with OSX and Windows is a huge problem, especially with the UEFI Bios. Some of you might argue and say, “Well, it’s not, I’ve succeeded in doing it” Yes, I’ve succeeded in doing it, it works, but, it’s a hassle to get it to work, or at least it was a hassle for me, the process is buggy, you will encounter a lot of problems and a lot of your problems I cannot replicate them and not know how to solve. I can’t replicate them and therefore I don’t know how to solve them, because the dual boot behaves differently on different machines with different BIOSes. On different motherboards that is. So, have a machine which has Linux installed as a single operating system. All these other optional setups, like dual boot, live USB, virtual machines, I’ll go ahead and create these videos for you and I’ll post them on Youtube as optional setups, but that’s not the setup that I will be using, that’s just something that I will post there for you, so you can have a look, but it will not be a part of this course at all. They will be on Youtube, they will be completely free, no need to registering or anything like that. If you want have that kind of setup you can go, have a look at it, but I make no guarantees there. Ok, so, in terms of hardware, First, what you need to consider is driver compatibility. Driver compatibility has been an issue for a very long time with Linux, but lately it hasn’t been a problem almost at all, because Linux nowadays supports pretty much most of the devices out there without any problems, with open source drivers, and open source drivers, yeah, they tend to work, really, really, really well with most devices out there. There are still hiccups here and there, but, it works. However, you will need to make sure that your system that you are using in terms of hardware components is compatible with the Linux kernel. You do this by basically getting the list of components of the PC and just typing in on the net, like, wireless card, what number, drivers for Linux, and it’s gonna tell you, yes, they do exist or no, they do not exist. If you type in, like, graphic card, this graphic card driver’s for Linux. Yes, they do exist or they do not exist, so that’s some of the checkups that you need to make. In general, if the drivers exist for, I mean if you have drivers in one distribution and if they’re open source you can have them for pretty much all the distributions without any problems. Next up is really important, so router access, you will need access to your home router, you will need to be able to access it. A lot of ISPs these days, they tend to block the user access to the home router. I don’t know why they do this, most likely because they don’t want a ton load of people messing around with the configuration of the routers. And they don’t know what they’re doing, so they mess things up and they call support and it takes valuable time and effort and it costs them money. So they just lock the router. But, if you don’t have access to your router, what you can do is just give them a call or write an email, asking that you would like to have a permission, that you would like them to unlock the router and they will tell you: “Okay, but you can do that at your own risk” Most likely if you mess something up, they will charge you some small amount to restore the original configuration. But, you can basically back your router up, once they unlock it. And just create a backup file and you can use that as a restore point in case you don’t know how to restore the internet connection in your house. However, you will need access to your router because we’re gonna be configuring, we’re gonna be opening up this machine to the outside world, so it will be accessible from outside world. This will be necessary for certain setups, I will show you how to configure the router and to configure….what you need to do is pretty much the same on every router, however, the interfaces on the routers will vary, but it’s quite simple, there isn’t much up to it. Wireless cards, this is also you will need to keep in mind, they need to be, not only compatible with Linux, but they need to be compatible with Aircrack and Reaver, so Aircrack-ng and Reaver. Some wireless cards function well, other do not, you can look it up on the net which ones do and which ones do not. In the final account of things, you can just go ahead and use the one that you have and see how it works out. Chances are that it will work, but again, that’s some of the information that you will look up on the net. You see, first of all you establish which chipset does your wireless card use, you can do this by typing in the model of your wireless card on the manufacturer’s website and the manufacturer will have the chipset listed there. Then you check whether that chipset has compatible drivers for Linux, and whether that chipset is supported by Reaver and Aircrack-ng. All this information is listed on the sites. So you just use your favourite search engine and, I assure you, you will find these results without bigger difficulties. If you fail by some crazy chance to do so just go with the flow and see what happens. See if it works out or if it doesn’t. The CPU, now the CPU that you have should support virtualization options, that means for Intel, you will need VT-d and for AMD you will need AMD-Vi. These are the flags which tell you if the processor is capable of virtualization. That’s the simplest explanation I can give in that regard. Make sure that your, it will be nice if your CPU supported virtualization so that you can do everything that I do as well. How do you check this? Well, you go to the manufacturer’s website and again, you see whether it’s supported or not, you can even ask the manufacturer with an email if it supports virtualization or not, just give them a call, I mean, and ask them quite literally, just give them the model number and they will be able to tell it to you, yes or no, without any problems really. Now, RAM, it will be good if this machine where Linux will be installed would have at least 4GB of RAM. Linux doesn’t necessarily requires 4GB, it’s gonna run with less than 2GB without any difficulties. It’s not RAM hungry like Windows and OSX are, but it would be good if you had more than 4. Why more than 4? For smoother operations of virtual machines, because we’re gonna have some of them, which we’re gonna set up there, and that we will use as our own small virtual servers, as our own pocket environments, where we shall conduct our research and where we will…the servers which we will use in order to go through the course, we’ll build our own environments where we will perform whatever it is that we need to do. USB, have a USB lying around, some USB, it may not be a big USB, it may not be a 3.0 USB or anything like that, pretty much any USB stick will do. What will you need it for? One of the basic things that we might need it for…I can show you how to make a cryptographic key, how you can convert it a USB into a crypto key, when you plug your USB into a laptop, you basically unbox or unencrypt your drives and it unlocks your PC. And then you can have another layer of security on top of that and it can request for a password confirmation as well. So that’s really good security for you right there. In addition to all of this, I will also show you how to monitor traffic, how to protect yourselves, how to secure your environment, how to figure out what’s going on on the network. where to post listening, where to listen for the network traffic, how to figure out what is going on and such things. And in addition to all of this, my final thing that I would like to state here, is the disclaimer. I am not in any way responsible for what you do with the knowledge that I give you, I’m giving you this knowledge in good faith, this knowledge is presented here in good faith, that you will use it properly and that you will not abuse it in any way. As all of this is for educational purposes so that you will gain knowledge, not so that you go messing around with your neighbor’s Wi-Fi. I mean, just don’t that, it’s quite stupid, you have nothing to gain and you can get into a lot of trouble for no reason of whatsoever. So, that’s it, I’m gonna go head bid you all farewell and wish you a ton lot of luck with this course and I hope that you have a lot of fun as we go through a lot of these things.
So, the last video that we’re doing is setting up an SSH host on our local machine, and it’s really simple. So, let’s go ahead and open up terminal. We need to install openssh-server. So, go ahead and run “sudo apt-get install openssh-server” I believe it is. We’ll get an error message if that’s not it’s been awhile since I did this, so. Once we have it installed you’re basically good to go, however we are going to make it a little more secure. We’re gonna change the port that this runs on and so there is an SSH deconfig file now. Let’s go ahead and run “sudo nano /etc/ssh/ssd_config” So, we can go ahead and make this more secure by changing the port and also changing the authentication stuff. So, let’s go ahead and change the port to 2212 instead of the default 22, and then we’re going to scroll down here a bit, and under authentication here we’re going to change permit root login to no, so nobody’s gonna be able to login as root. Scroll down a bit here as well, and we’re going to add a line this is allow users, and this is going to take basically a list of usernames of users who are allowed to log in through SSH. So, I’m going to make my user account able to login through SSH and this is going to restrict all other users from connecting to this machine via SSH. So, I’m going to save it and exit, gonna clear this up, and then what we need to do is restart the SSH service. So, run “sudo systemctl restart ssh” and you’re good to go. And so now if I were on a different machine here, actually let’s see if I can get my external IP address here, I don’t think I can get it through here, no. Alright, clear this. I’m gonna open up network-tools and I’m gonna do something like if you guys have seen the movie Inception, this concept that I’m about to do will feel a little little bit familiar to you. This by the way when you go to network-tools.com the IP address that pops into the input field by default is your external your public facing IP address. This is the IP address that your internet service provider gives to you. Now, actually in order for this to work, this would have to be the only machine or I would have to set up through the router DMOZ port forwarding or a host forwarding, but what we can try, we’re gonna try it anyway. I’m going to
“ssh [email protected]” and then from here I’m going to ssh into this machine. It probably won’t forward that port. So, I would have to go through my router at this point to configure port forwarding for that port 2212 in order to be able to connect from an external host to this host. If you only have one machine, so basically like the IP address of my server when I, when I go to the IP address, it goes directly to my server. It’s not configured through NAT addresses my server actually has five IP addresses, and those IP addresses go directly to my server, and that’s why I can access SSH on that server without having to configure any routers or anything. I think actually the server provider manage that in some way. So, anyway you know if I were to go into my router and configure DMOZ or port forwarding, what I was just doing would in fact work. So, thank you guys so much for watching, and I will see you guys again soon.
Hey guys, let’s go over some SFTP. So, first what is SSTP? Well first before we answer that question, let’s ask a similar but different question, what is FTP? FTP is an acronym for the term file transfer protocol and it uses the port 21, and basically what it does is it transfers files between two machines. So, SFTP, because in regular FTP everything is transferred in clear text, so if anybody is sniffing packets on your network like we learned in a previous video, they would be able to read all those packets, basically. So, we’re not going to use FTP, I actually recommend never use FTP. SFTP is just easier anyway, and so we’re just going to use SFTP. So, similarly to the “ssh” command, you’re gonna write “sftp” and then the connection string. So, in my case it’s exactly the same as before. Then it asks for my password for the remote host, so I’m gonna put that in here, and now I can list what’s on the remote host by typing “ls” but we also have a few different commands to list what’s on the local host. I’m actually gonna exit here. I’m going to make a directory called “sftp-demo” I’m going to change into sftp-demo, and I’m going to “touch” a file called “names.txt.” Now, I’m going to reconnect while in this directory, to my server. Now, if I run “ls” I get the remote directories current directory listing, if I type “lls” I get the local listing of the directory that I’m in on the local host. And so here we can actually, we can grab files and transfer them to and from both machines. So, if I wanted to put names.text on to the server in the current directory, what I would do is type “put names.txt” and it’s going to upload it to my remote host with the same name. So, that’s when you would use “put” if you want to push a file from from your local machine to the remote host. Similarly, use the command “get” to get files. So, I’m going to, I really don’t recall any of these files, I’m just gonna get the composer.json file. So, I’m going to type “get composer.json” and if I run “lls” on my local machine I can now see that I have that file there. So, if I exit and then run “ls” I’ve got that file there. So, that is how you would use SFTP to transfer files to and from machines, and also a few commands there that can help you see what files are available. So, thank you guys so much for watching, and I will see you guys again soon.
So, now you don’t only have to scan devices on your local network, you can
also scan external IP addresses or host names. So, I’m going to scan my server here by typing “nmap pointybracket.net” and then the host name of my server. It’s gonna take a moment and I’ve got a lot of open ports just because I have so many different things running. I’ve got, there’s a lot of things that run on it and some things that I just setup that I’ve never really used and haven’t bothered to shut them down, and so what we get here is my host and we can see that I’ve got FTP, SSH, SMTP, we’ve got the standard domain in HTTP, pop3, there’s a bunch of stuff here and I’m not going to go into what all those are but we can see that these are everything that the server has. You can also set a file, so let me clear this. Let’s open up gedit. So, we’re going to create a file of of hosts that we want to regularly scan and this can save time when we scan them if you’ve got like you know a few hosts that you regularly check on. So, I’m going to put “pointybracket.net” “192.168.0.1” and “192.168.0.100” and I’m gonna save this as “networks.txt” So, what we can do there is we can type “nmap -iL -/networks.txt.” so it’s a lowercase “i” and a capital “L” and then the location of that file, so it was “networks.txt” in my home directory. This is going to scan each of the hosts that is in that networks file. It returns in the order that they were scanned in, so that’s pretty neat. I want to go over a few more things with you guys regarding this command it does get pretty big there’s so much so that you can do with this, and so I really urge you guys to go and explore this if networking is one of your interests, if you want to really you know follow that. One of the things I want to show you guys is how we can turn on OS inversion detection during the scan, and so what we’re going to do is type “nmap -A 192.168.0-100” and this is going to scan, oh I had a little typo in the IP address there so I had just fix that, so this should tell me the operating system versions that are running on the devices on my network, and you can also find this information about other hosts. Aside from this, just while this is running you can scan aa network and find out which servers and devices are up and running by using the flag “-sP” You can display the reason that a port is in a particular state by having the flag “–reason” You can choose to only show opened ports which appears to be the default functionality here, it doesn’t show the closed ports. You can actually also show all of the host interfaces for a machine by typing “–iflist” in the list of arguments for this command, and I mean again it’s really big so go ahead and look this up. If you wanna type in google.com “nmap commands” there’s a bunch of different ones that you guys should play around with, this was more of an introduction onto the most common or basic functionalities of this program. I’m going to cancel this here and I’m just going to restart. This will go a bit faster, I’m just going to target my own IP address here so we can get this done and you guys can see the example output that this is gonna do when adding the “-A” slag in here. So, here you can see a lot of information about this machine. Let’s go to the top here. We’ve got the port, the state, and the service, as well as the version of the service. So, I have Apache 2.4.12 installed and that’s also the same one here. If we go down we get more information about the host cell, so we have OS UNIX, we’ve got the computer name, the domain name if anything is configured, the fully qualified domain name, and just a lot more information. So, that is the nmap command and it would be useful if you’re trying to just scan your network, and one of the examples that comes off the top of my head that would be you know when I would use command is if I noticed that the internet’s you know running a bit slow. Let’s say I’ve got 10 people in my house and half of them may or may not be using the internet and I wanna see how many people are online, this is what I would do in that instance or if you you know if you want to check how many machines offer a certain service, or what the IP address is that you need to use to access a certain service on another machine, this would help you figure that out. So, thank you guys for watching this video, I will see you guys again soon.
Hey guys, welcome back. This is the last video in the networking module. I just want to give you guys the tools you need to further your knowledge of networking in general, and how networking tasks would be performed on Linux. So, there is one more tool that I want to introduce you guys to called “nmap” So, nmap is an abbreviation for the term network mapper, and it’s an open source tool that can tell you what devices are on the network, what IP addresses are in use, and what services each machine is offering. So, let’s go ahead we need to install the tools so let’s run “sudo apt-get install nmap” and it’s going to download about 3 megabytes of data and it’s going to expand to 18 megabytes. Alright, now that this is installed the way we’re going to use this is by simply typing and “nmap” and then we can do a bunch of things after this. So, the first thing we’re gonna cover is how to scan specific IP address, so I wanna get the IP address that I have so I’m gonna run “ifconfig” So, “nmap 192.168.0.100 and we can see what ports are open, well we can see what ports are available, their state, and then also the service that they provide by name. So, I have Apache installed on this machine, you guys should have it installed on yours as well, if you went through the Apache videos and so you should see the same
thing here. And so the port is 80, the state is opened because we’ve got we’ve got Apache running right now, it automatically runs when start up the machine, and the service that the port provides is http. So, if I were also running an SSH server on this machine you would see another entry in this list for port 22, it would say state open, and service SSH or something to that effect. Now, if we want more information we can run “nmap -v” then the IP address again, so “192.168.0.100” “-v” means verbose and what verbos mode does in most applications is it also, aside from the regular output, it also gives you more direction on what’s happening in the application or provides more information than you would normally get, so in this instance we see that it’s doing a bunch of scans. It scans the IP address then for 1,000 ports and it finds all these ports that are open, and then also finds a bunch of a bunch of closed ports listed here, closed ports, and it it gives us the same output as before. So, that’s neat, I only have one device on my network actually except for my router. Now, my router I believe is 192.168.0.1 So, that is the IP address for my router, so what we can do is scan multiple IP addresses at a time in multiple ways. So, the first way that we’re gonna do is by specifying each IP address. So, let’s go ahead and run “nmap 192.168.0.” and then we’re going to add the last values in here separated by comma. So, first I’m going to scan my machine as well as the router and if I had a network address of 192.168.0.10 I could also do that, but I don’t so I’m not going to. Now, what we see here would be my router. We can see this is the IP address for it and this is what services it offers on which ports, and then we get my machine right here that provides the same output as it does before but this is how it would output multiple machines scan results. Now, you can also scan a range of IP address. So, let’s go ahead and run nmap command again 192.168.0.1-100 this is gonna go from 1 all the way to a 100 and it’s gonna scan all IP addresses within that range, so if I had a bunch of machines on my network, which I actually do I have my phone on that network as well, and that’s it actually so I’ve my router, my computer, and my phone. My phone is not coming up so I’m not doing anything on my computer right at the moment, I’m just checking what IP address I have on my phone here, if I can find out how. Ok, so the IP address on my phone is .101, so I’m what gonna do is run the previous command and just have it scan from 1-101. We should see three machines come up, I don’t think my phone has any services or open ports that it would list, but let’s have a look here. And when you scan multiple IP addresses the more you ,the longer it takes. Okay, so there’s nothing available from my phone coming up. Now, you can also scan, so when we talked about IP addresses we discovered that you can use anything from 0 to 255. So, if I were to want to scan all IP addresses that begin with 192.168.0, I could then put this in here, right, but rather than doing that we can actually use a wild card here. And, I’m actually gonna cancel this because it’s gonna take a while.