The presentation focuses on main differences between Linux and Windows Operation Systems. It explains basic system architecture, introduces the most important commands
for IT audit and gives overall prospective of Linux systems audit. It is also an opportunity to interact with an auditor, who has a real-world experience as systems engineer and has a
prospective of an audit process from both sides.
Speakers: Gene Kartavtsev, CISA, PCIP, ISA
What is Linux?
Command-line Interface, Shell & BASH
Popular commands
File Permissions and Owners
Installing programs
Piping and Scripting
Variables
Common applications in bioinformatics
Conclusion
What is Linux?
Command-line Interface, Shell & BASH
Popular commands
File Permissions and Owners
Installing programs
Piping and Scripting
Variables
Common applications in bioinformatics
Conclusion
This ppt gives information about:
1. Administering the server
2. Correcting installation problems
3. Setting up user accounts
4. Connecting to the network
5. Configuring utilities
Learn how to use Linux, even if you’re a die-hard Windows user! There’s no question that Linux has taken over the enterprise, and paves the way for disruptive innovations in software. Join us for an informal session where we’ll introduce you to the benefits of developing on a Linux platform and show you some basic usage fundamentals, so that you can get started with Linux today.
This ppt contains basic commands of UNIX operating system. This ppt is prepared by Dr. Rajiv Srivastava who is a director of SIRT, Bhopal which is a Best Engineering College in Central. India
It is an overview about the Linux operating system and more beneficial to the students of BSCIT and BSCCS and other computerr related courses. It will provide you all the main points of about Linux in short and sweet language.
Linux is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged in a Linux distribution.
in this presentation, we will show you a short description of the Linux/Unix.
I hope you guys enjoy it.
----------------------------------------------------------------------------------------------------
Who Saurabh Upadhyay?
Experienced Technical Support Engineer with a demonstrated history of 2 years working in the Technical field.
Have hands-on experience in System Support, Remote Support, Network Support. Strong engineering professional with a Bachelor of Technology (B.Tech.) majoring in Computer Science and Engineering from Dr.APJ Abdul Kalam Technical University.
This ppt gives information about:
1. Administering the server
2. Correcting installation problems
3. Setting up user accounts
4. Connecting to the network
5. Configuring utilities
Learn how to use Linux, even if you’re a die-hard Windows user! There’s no question that Linux has taken over the enterprise, and paves the way for disruptive innovations in software. Join us for an informal session where we’ll introduce you to the benefits of developing on a Linux platform and show you some basic usage fundamentals, so that you can get started with Linux today.
This ppt contains basic commands of UNIX operating system. This ppt is prepared by Dr. Rajiv Srivastava who is a director of SIRT, Bhopal which is a Best Engineering College in Central. India
It is an overview about the Linux operating system and more beneficial to the students of BSCIT and BSCCS and other computerr related courses. It will provide you all the main points of about Linux in short and sweet language.
Linux is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged in a Linux distribution.
in this presentation, we will show you a short description of the Linux/Unix.
I hope you guys enjoy it.
----------------------------------------------------------------------------------------------------
Who Saurabh Upadhyay?
Experienced Technical Support Engineer with a demonstrated history of 2 years working in the Technical field.
Have hands-on experience in System Support, Remote Support, Network Support. Strong engineering professional with a Bachelor of Technology (B.Tech.) majoring in Computer Science and Engineering from Dr.APJ Abdul Kalam Technical University.
In February, 2016 I had the privilege of working with employees of STARR Computers on a course to orient them to Linux. The course was delivered over a series of 90-120 minute sessions. It was designed so that
This is a compilation of the slides which were used. There were some other resources which were shared. There were practice exercises which were designed to reinforce some concepts.
Check http://churchroadman.blogspot.com/2016/04/basic-orientation-to-linux-course.html for some other details.
Linux administration classes in mumbai
best Linux administration classes in mumbai with job assistance.
our features are:
expert guidance by it industry professionals
lowest fees of 5000
practical exposure to handle projects
well equiped lab
after course resume writing guidance
Linux has become integral part of Embedded systems. This three part presentation gives deeper perspective of Linux from system programming perspective. Stating with basics of Linux it goes on till advanced aspects like thread and IPC programming.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
11. LINUX FACTS
• Linux is not an OS, but it is the kernel, GNU Linux is the OS and it comes
in over 300 flavors.
• Linux Kernel was written by a 21 year finish college student as a part of
his hobby
• Linux is 26 years old
• Linux is running on all 500 of the TOP500 supercomputers in the world.
• Android Operating System is based off of Linux
• Oscar-winning visual effects of the Titanic by James Cameron came
from machines with Linux and Avatar was completely developed in 3D
Applications on Linux platform.
• Linux is everywhere…
12. PLACES LINUX IS RUNNING
USA
• U.S. Department of Defense
• U.S. Navy Submarine Fleet
• U.S. Postal Service
• U.S. Federal Courts
• Traffic control of San Francisco
• New York Stock Exchange
• Amazon, Google, Wikipedia
OTHER COUNTRIES
• The City of Munich, Germany
• French Parliament
• State-Owned Industrial and
Commercial Bank of China
• Government of Mexico City
• Czech Post
• Russian, Switzerland Schools
• German Universities
13. LINUX STANDARD BASE
The Linux Standard Base (LSB) is a joint project by several Linux distributions under the
organizational structure of the Linux Foundation to standardize the software system structure,
including the file system hierarchy used in the Linux operating system.
14. LINUX PROS AND CONS
PROS
• Easy to install
• It is free
• It is stable
• Intelligent architecture
• Many distributions available
• Security
CONS
• Not too “user friendly”
• Does not have dedicated support
• Might not support a hardware
• Desktop applications might not be
available
• Learning curve is required
16. RUNLEVELS
A runlevel is one of the modes that a Unix -based operating system will run in.
Each runlevel has a certain number of services stopped or started, giving the user control over the
behavior of the machine. Conventionally, seven runlevels exist, numbered from zero to six.
Runlevel Mode Action
0 Halt Shuts down system
1 – “safe mode” Single-User Mode
Does not configure network
interfaces, start daemons, or
allow non-root logins
2 -”often no used”
Multi-User Mode
Does not configure network
interfaces or start daemons.
3 – “server” Multi-User Mode with Networking Starts the system normally.
4-”often no used” Undefined Not used/User-definable
5 – “desktop” X11
As runlevel 3 + display
manager(X) – Desktop
environment
6- “reboot” Reboot Reboots the system
Init (short for initialization) is the program on Unix and Unix-like systems that spawns all other processes. It runs as a
daemon and typically has PID 1
Example: init 6 - will reboot the machine
17. LINUX FILE SYSTEM
Shareable Unshareable
Static /usr
/opt
/etc
/boot
Variable /var/mail
/var/spool/news
/var/run
/var/lock
FHS - Filesystem Hierarchy Standard - defines the directory structure and directory
contents in Linux distributions. It is maintained by the Linux Foundation. In the FHS,
all files and directories appear under the root directory /
18. LINUX FILE SYSTEM
Directory Description Windows equivalent
/ File structure root C:
bin System command binaries (executables) and shells
(command prompt). Used to bring the system up
C:Windowssystem32
boot Files necessary to boot the system ntldr, ntdetect.com, boot.ini
dev Files that communicate with hardware (device drivers) C:WindowsSystem32Drivers
etc Etc[etera] - Critical system configuration files ( *.ini , registry) C:WindowsSystem32Drivers, regedit
home Home directories for users C:Users
lib Essential shared libraries and kernel modules *.dll, *.ocx files
mnt Mount point for mounting a file system temporarily. It can be
used for remotely located file system
D:CDROM, server
Map Network Drive
opt Optional application software packages C:WindowsProgam Files"Program Name (Ex.
Fonts)
root Home directory for special user root (system administrator) C:UsersAdministrator
sbin Essential system binaries only for root (system administrator) .msc, Microsoft Management Console
tmp Temporary files %TEMP%
usr User binaries, including programs , games, etc. C:Program files
var Variable data . Ex. Email, print jobs, logs, etc.. %AppData%, %SystemRoot%, C:Windows Logs,
C:WindowsSystem32config (Event Viewer files)
19. PERMISSIONS - rwx rwx rwx
PERMISSION TYPES
R-Read (4), W-Write (2), X-Execute (1)
0 – Nothing
1- x
2 – w
4 – r
3 – wx = 1+2
5 – rx = 4+1
6 – rw = 4+2
7 – rwx = 4+2+1
USERS & GROUPS
[---] - Owner, [---] - Group, [---] - All users
• owner - The Owner permissions apply only
the owner of the file or directory, they will
not impact the actions of other users.
• group - The Group permissions apply only
to the group that has been assigned to the
file or directory, they will not effect the
actions of other users.
• all users - The All Users permissions apply to
all other users on the system, this is the
permission group that you want to watch
the most.
ls –lah lists folder content in long format. –l - long listing format, -a – all files, h - human-readable
Example: ls –lah /home/user
-rw------- 1 gene gene 2.4K Dec 10 22:03 .bash_history
21. ROOT AND SUDO
ROOT (SU–SUPER[SWITCH] USER)
• Has unlimited privileges
• Has only one password
• Can make a damage to the
system without warning
• Username is always known to bad
guys
• Has only super user role
SUDO (SUPER USER DO)
• Minimizes root privileges
• Root password is not shared or
used
• Prompts for password for every
major step
• Easier “undo” as it logs every step
• Easier admin role transfer
• Authentication timeout
su – switches to root account
su user switches to a user account ,
-c command – will run a command as a user
sudo command – prompts for user password and confirms a
request to execute a command
The sudo command makes it easier to practice the principle
of least privilege
22. LINUX COMMANDS
Task Linux Windows
Information about system uname - a winver
Current date and time date date /t , time /t
Clear screen clear cls
Compare files diff fc
Find a string in a file grep find
View a file less more
Display location in a file
system
pwd chdir
List files in a directory Ls -la dir
Find IP ifconfig ipconfig
See System information lscpu systeminfo
See file system usage df -aTh Disk Manager, net use
See running processes ps –ef tasklist
See command description whatis <command> help
See environmental variables env set
See what user is logged in whoami whoami
See network protocols in use netstat netstat
23. LINUX FUN
• Killing Daemons
• Avoiding Zombies
• Fortune Telling
• Finding Jokes
• Saying “Thank you !”
25. LINUX – Know before the audit
• Linux is not going out of business
• Linux is an intelilgent Operating System
• Linux follows standards
• Linux administration is a culture
• Linux audit can be easily automated
26. LINUX AUDIT CHALLENGES
TOP 5 SYSADMIN’S COMPLAINTS ABOUT AUDIT
• You're vague: Please do your homework
before making request
• You make urgent, last-minute requests:
Please let me know about your request in
advance
• You waste your sysadmin's time: Please let
me know about everything you need at
once
• You abuse your rights: Running an
application as root isn't a fix
• You take your sysadmin for granted: Not
getting the slightest recognition when
everything works, but being excessively
blamed when something fails
27. LINUX AUDIT - “Secrets”
• Develop a relationship with Linux admin before the
audit
• Establish credibility with Linux admin
• Communicate the Audit process
• Scope
• Timeline
• Deliverables
• Be current
• Don’t be afraid to be a geek
29. LINUX AUDIT - What should we look at?
/etc - Primary system configuration directory
/home/$USER - User data and user configuration
information
/var/log - Security logs, application logs, etc.
30. LINUX AUDIT - Basic system profiling
Linux distribution name and version
/etc/*-release
Computer name
/etc/hostname
IP Address(es)
/etc/hosts
/var/lib/dhclient
31. LINUX AUDIT - User accounts
Basic user data
/etc/passwd
Group membership
/etc/group
Admin users
/etc/sudoers
/etc/passwd (UID 0 account has admin privileges)
32. LINUX AUDIT - User login history
User, time, login durations
/var/log/wtmp (use last command)
Other logs
/var/log/auth.log
/var/log/sudo.log
Commands
last, lastlog, w, who
33. LINUX AUDIT – No place like $HOME
User files
/home/<user>
/root
Important user files
$HOME/.* - (Hidden files/directories start with “.”)
$HOME/.bash_history - commands history
$HOME/.ssh – remote access information
35. RESOURCES TO LEARN LINUX
GENERAL
• LinuxCommand.org
• The Linux System Administrator's
Guide
• GNU Operating System
• More… 12 Resources to Learn
Linux
SECURITY AND AUDIT
• SANS Pen Testing
• LinuxSecurity.com
• Linux-Audit.com
• Linuxtopia.org
37. ABOUT SPEAKER
Gene Kartavtsev, CISA, PCIP
Gene has 20 years of Information Technology experience, which includes IT audit, security,
architecture, engineering and support.
Prior to focusing on IT Governance, Risk and Compliance, Gene worked at several global financial
services and Media companies, including Bloomberg L.P and Thomson Reuters, where he sharpened
his skills in information systems engineering and architecture. He participated in thousands of
complex IT implementations and was often involved in solving technology challenges vital to the
success of the core business.
In 2012 while working at JetBlue on a PCI controls implementation project, Gene discovered the
interesting world of IT compliance. (Maybe insert something here about what you liked about IT
compliance)
Later, after moving from New York to Minnesota Gene followed his passion in IT Risk Management
and Compliance and has held several roles that have required a combination of technical expertise
and knowledge of the latest IT regulations. Gene has rounded out his practical knowledge with
CISA, PCIP, and ISA certifications.
Gene recently joined Express Scripts, where he enjoys working with the challenges of applying
multiple IT regulatory standards to many areas of large company operations.
Other interests include spending time with the family, traveling and bicycle randonneuring - a long-
distance, unsupported, noncompetitive cycling within prescribed time limits.
LinkedIn: https://www.linkedin.com/in/gkartavtsev
Email: gkartavtsev@gmail.com