The fsck command (short for filesystem check) checks the filesystem for errors and repairs the damage, if possible, or else puts the bad area into a bad blocks table to mark it as bad. To run the fsck command, you need to specify the filesystem type (the default is ext2) and the device file to check. It’s important to note that you must unmount the drive before running a filesystem check. If you fail to unmount the mounted device, you will receive the error message shown in Listing 10-5.
kali >fsck
fsck from util-linux 2.20.1
e2fsck 1.42.5 (29-Jul-2012)
/dev/sda1 is mounted
e2fsck: Cannot continue, aborting.
Listing 10-5: Trying (and failing) to run an error check on a mounted drive
So, the first step when performing a filesystem check is to unmount the device. In this case, I will unmount my flash drive to do a filesystem check:
kali >umount /dev/sdb1
I can add the -p option to have fsck automatically repair any problems with the device, like so:
kali >fsck -p /dev/sdb1
With the device unmounted, I can now check for any bad sectors or other problems with the device, as follows:
kali >fsck -p /dev/sdb1
fsck from util-linux 2.30.2
exfatfsck 1.2.7
Checking file system on /dev/sdb1.
File system version 1.0
Sector size 512 bytes
Cluster size 32 KB
Volume size 7648 MB
Used space 1265 MB
Available space 6383 MB
Totally 20 directories and 111 files.
File system checking finished. No errors found.
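The unmount-before-fsck rule above is easy to forget on a script that runs unattended, so here is an added example (not from the book) of a small POSIX sh preflight that refuses to run fsck on a device that still appears in a /proc/mounts-style table. The mount table used below is a constructed sample so the script runs offline; pass a real file such as /proc/mounts as the second argument to check a live system.

```shell
#!/bin/sh
# Added example: refuse to fsck a mounted device, mirroring the abort in Listing 10-5.

# Constructed sample of /proc/mounts lines: source, mountpoint, fstype, options, dump, pass.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /media/kali/USB exfat rw,nosuid,nodev 0 0
tmpfs /run tmpfs rw,nosuid 0 0'

# is_mounted DEVICE [MOUNTS_FILE]: returns 0 if DEVICE is the source of a mount.
# Reads MOUNTS_FILE when given (e.g. /proc/mounts), otherwise the sample above.
# The match is exact, so a device mounted via /dev/mapper or a UUID symlink
# must be passed under the name the mount table shows for it.
is_mounted() {
    dev="$1"; table="${2:-}"
    if [ -n "$table" ]; then
        awk -v d="$dev" '$1 == d { found = 1 } END { exit !found }' "$table"
    else
        printf '%s\n' "$SAMPLE_MOUNTS" |
            awk -v d="$dev" '$1 == d { found = 1 } END { exit !found }'
    fi
}

# safe_fsck DEVICE [MOUNTS_FILE]: prints the fsck command that would be run, or
# aborts with an error like e2fsck's if the device is mounted. It never touches
# the disk; swap the final printf for the real "fsck -p $dev" when using it live.
safe_fsck() {
    dev="$1"; table="${2:-}"
    if is_mounted "$dev" "$table"; then
        echo "$dev is mounted: run umount $dev first. Cannot continue, aborting." >&2
        return 1
    fi
    printf 'fsck -p %s\n' "$dev"
}
```

Run as `safe_fsck /dev/sdb1 /proc/mounts` on a real system; it exits non-zero and prints the abort message while the flash drive is still mounted, and prints the fsck command once it has been unmounted.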
Summary
Understanding how Linux designates and manages its devices is crucial for any Linux user and hacker. Hackers will need to know what devices are attached to a system and how much space is available. Because storage devices often develop errors, we can check and repair those errors with fsck. The dd command is capable of making a physical copy of a device, including any deleted files.
EXERCISES
Before you move on to Chapter 11, try out the skills you learned from this chapter by completing the following exercises:
Use the mount and umount commands to mount and unmount your flash drive.
Check the amount of disk space free on your primary hard drive.
Check for errors on your flash drive with fsck.
Use the dd command to copy the entire contents of one flash drive to another, including deleted files.
Use the lsblk command to determine basic characteristics of your block devices.
11
THE LOGGING SYSTEM
For any Linux user, it’s crucial to be knowledgeable in the use of the log files. Log files store information about events that occur when the operating system and applications are run, including any errors and security alerts. Your system will log information automatically based on the series of rules that I will show you how to configure in this chapter.
For a hacker, the log files can be a trail to a target’s activities and identity, but they can also be a trail to your own activities on someone else’s system. A hacker therefore needs to know what information they can gather, as well as what can be gathered about their own actions and methods, in order to hide that evidence.
On the other side, anyone securing Linux systems needs to know how to manage the logging functions to determine whether a system has been attacked and then decipher what actually happened and who did it.
This chapter shows you how to examine and configure log files, as well as how to remove evidence of your activity and even disable logging altogether. First, we’ll look at the daemon that does the logging.