[cs615asa] HW1

Jan Schaumann jschauma at stevens.edu
Sat Feb 7 00:48:40 EST 2015 

Hello,

I've just sent out grades for HW1.  If you have submitted HW1 and did
not receive a grade, please let me know ASAP.

A few general notes, in no particular order:

A few of you have created AWS credential files (certificate, key, or ssh
keys) on linux-lab that are readable by other users.  That means that
anybody else on the system can use them to access _your_ AWS account and
(ab)use your credit card there.  You want to review those permissions
and ensure that you're the only user who has access to these files.


Many of you noted that in order for you to be able to ssh to the
instance, you'll have to open up the necessary firewall rules.  Many of
you then issued the following command:

ec2-authorize <some group> -P tcp -p 22 -s 0.0.0.0/0

Please review whether or not that is the best option and if you can
tighten this up.  We will talk about security a lot in this class, and
you want to follow what is known as the Principle of Least Privilege and
only allow what is absolutely necessary.  How can you allow any system
from Stevens access via SSH, but not anybody from anywhere?


Some of you also went on to open access to port 80.  Why?


Many of you followed some of the online guides I had linked in the
assignment to the letter, creating a keypair named "pstam-keypair".
What does "pstam" stand for here?

When reading online guides, it's crucial that you do not just blindly
follow them and copy and paste commands you do not understand, but
instead read them, understand them, and then change them as needed.


When trying to identify the partition table on OmniOS, many of you ran a
command that produced output that looked like this:

/dev/dsk/c1t2048d0s2 is part of active ZFS pool syspool. Please see
zpool(1M).

What does that mean?  Did you look up the referenced command?

Unix tools do not print such messages just for the fun of it -- you
should always strive to understand all output from the commands you run.


When trying to identify the partition table on Linux, many of you ran
the command 'fdisk -l', which then produced output indicating that no
valid partition table could be found.  Is that expected?  Does that make
sense?


Many of you created and HTML document that garbled the output of the
commands.  That is, the formatting was not preserved.  At the same time,
your HTML often times included formatting that suggested that it was
generated from some other program, perhaps a word processing program.

You may recall that I noted that all work is to be done on linux-lab.  I
want you to use a Unix editor to create your documents.  Please do so.


In general, all assignments will require you to do some decisions on
your own and to be able to justify those decisions as well as to
understand the methods by which you solved them.  Running commands
requires you to understand what they do and what the output means.
Please reference the manual pages of the commands in question.

-Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 478 bytes
Desc: not available
URL: <http://lists.stevens.edu/pipermail/cs615asa/attachments/20150207/c96268b2/attachment.sig>

More information about the cs615asa mailing list