*** mulbah07 has quit (Remote host closed the connection) | 01:57 | |
*** mulbah07 has quit (Remote host closed the connection) | 03:03 | |
ubuntourist | ACTION tries to open his eyes while waiting for the caffeine to kick in... | 13:29 |
---|---|---|
ubuntourist | Good day mulbah07. How goes your recovery and general health? | 13:30 |
mulbah07 | sure Mr. Cole | 13:34 |
ubuntourist | Are you recovered from your recent illness? | 13:34 |
mulbah07 | Yeah Mr. Cole | 13:35 |
ubuntourist | I confess I still have not been reading as much as I should and don't have any specific tasks or challenges. But... | 13:36 |
ubuntourist | ... I do have one idea: | 13:36 |
ubuntourist | There is a "game" designed for systems administrators and computer security people called "Capture the Flag". | 13:37 |
ubuntourist | It is sometimes abbreviated as "CtF". The name comes from a children's game with the same name. | 13:38 |
ubuntourist | In the computer security version, you are presented with a virtual machine that you must break into. | 13:39 |
ubuntourist | After you successfully break into a machine, you break into another, and another. Each virtual machine has better and better | 13:40 |
ubuntourist | security, making it harder and harder to break into. | 13:40 |
ubuntourist | It's done via the web and one popular site for the games is | 13:41 |
ubuntourist | https://overthewire.org/wargames/ | 13:41 |
ubuntourist | In the US, some hackers make these events group parties. People bring a bit of snacks and drinks, and solve these puzzles | 13:43 |
ubuntourist | together. | 13:43 |
ubuntourist | ACTION is done | 13:43 |
mulbah07 | I'm trying to read on the link | 13:46 |
mulbah07 | so that is a game for linux sysadmin | 13:48 |
ubuntourist | Well, it is for anyone interested in keeping their servers secure. That person is often the sysadmin. | 13:49 |
mulbah07 | oh okay | 13:50 |
ubuntourist | It also teaches diagnostic skill: Players are presented with puzzles and have to do a bit of research to figure out how to solve them. | 13:51 |
ubuntourist | I have only played the first game "Bandit". | 13:51 |
ubuntourist | So, any questions for me or things that you would like to demonstrate? | 13:53 |
mulbah07 | you said you haven't been reading the book | 13:54 |
ubuntourist | Yeah. I am a bad student. 😉 | 13:55 |
ubuntourist | My hope was that, whenever you had specific questions I would be able to either | 13:56 |
ubuntourist | answer directly or flip open the book and skim quickly and then answer. | 13:57 |
mulbah07 | oh okay | 13:57 |
ubuntourist | A lot of what is in the book is designed to give you an intuition and instinct for the way everything | 13:57 |
ubuntourist | works. You won't be needing all 900 pages every day. That is why I have forgotten | 13:58 |
ubuntourist | much of what is in the book: Some of it is very rarely needed. Either you set up something correctly, | 13:59 |
ubuntourist | and leave it alone for years at a time, or, there is some sudden crisis that you need to resolve, and you resolve it. | 14:00 |
mulbah07 | can we go over chapter 10 Administering users and groups | 14:00 |
ubuntourist | Talk to your fellow co-op members a lot to see what things they might want to have on the server. | 14:00 |
ubuntourist | OK. Sure. I'm pretty comfortable with administering users and groups. Ask away! | 14:01 |
ubuntourist | ACTION waits | 14:06 |
mulbah07 | I want to understand how PAM (Pluggable Authentication Modules) integrates with user management, and what are the best practices for securing PAM configuration files | 14:07 |
ubuntourist | Wow! I haven't used PAM in decades! Let me do a quick skim... | 14:09 |
ubuntourist | If I recall correctly, PAM is used to set limits on what users or groups of users can do. | 14:10 |
ubuntourist | For example, you may want to limit the amount of memory that can be manipulated by some users. | 14:11 |
ubuntourist | The idea is that each user has a means of proving that they are allowed to do something. They are "authenticated" and authorized | 14:14 |
ubuntourist | in ways that grant permissions to do some functions, but not others. It also sets policies for what is required to authenticate. | 14:15 |
ubuntourist | For example, rules about password length and what characters must be in a password. | 14:16 |
ubuntourist | Securing the PAM files? Well, usually the initial installation does a pretty good job, by setting | 14:18 |
ubuntourist | the ownership and permissions of the files. | 14:18 |
ubuntourist | As with most files in /etc/ the files are owned by root, | 14:21 |
ubuntourist | and readable by all users, but only root can write to them. | 14:21 |
ubuntourist | If you have not already done so, you could look ahead to Chapter 16 for the PAM stuff | 14:25 |
ubuntourist | and then come back to Chapter 10. | 14:25 |
ubuntourist | Also talk with Jeff and your current sysadmin -- whoever is maintaining your public Jetro Web Development site: | 14:26 |
mulbah07 | alright | 14:27 |
ubuntourist | If it will not cost too much, you might be able to set up a virtual machine that other members of your team can access. | 14:27 |
ubuntourist | That way, they can try to break stuff that you need to fix, or they can say to you "Hey, Mr. SysAdmin, can you add this feature to our system?" | 14:28 |
ubuntourist | You DON'T want to do that on the REAL site, because if you break it you've ruined the business. | 14:28 |
ubuntourist | But if there is somewhere that you can set up a test site that everyone on the team can fool with, it would be nice. | 14:29 |
ubuntourist | It does not even need to be on the internet. It could be a computer at the school or wherever you meet together. | 14:30 |
ubuntourist | A computer that everyone can access at any time is all you need. | 14:30 |
ubuntourist | And everyone needs to know that you're experimenting with it: They should not expect to keep files there forever. | 14:32 |
ubuntourist | They should back up anything they want to keep because tomorrow you might wipe the system and install a new distribution. | 14:32 |
ubuntourist | ACTION is done | 14:33 |
ubuntourist | ACTION needs to step away for a minute | 14:37 |
mulbah07 | alright | 14:37 |
ubuntourist | ACTION is back | 14:42 |
ubuntourist | I don't know if I'm helping much. Did you have more specific questions? | 14:43 |
ubuntourist | I guess not. So, see you next week. | 14:48 |
*** ubuntourist has quit (Quit: Leaving) | 14:48 | |
*** mulbah07 has quit (Remote host closed the connection) | 15:24 |