CDT507 - Computer Forensics

and Cyber Security

PREPARING THE LINUX HOST

Joram Kinuthia
University of Nairobi

Lecture 2
 Recap
2

 Course resources
 Intro to digital forensics
 Digital forensic analysis goals
 Digital forensic process
 Open source tools
 Artifacts
 Lab work

10 September 2020
 Outline
3

 Preparing the Linux Host

 Ubuntu over view

10 September 2020
 Linux Command line
4

 cd changes directories. “cd ..” goes up a directory, “cd /”

goes to the top of the directory structure, and “cd ~” goes
to your home directory.
 ls lists the contents of a directory (equivalent to “dir” in a
Windows command prompt). “ls” will list the current
directory, and “ls –1” will provide a verbose listing.
 pwd will print the current directory you are in, in case
you get lost.
 mkdir will create a new directory
 cp will copy a file. “cp –r” will copy a directory and all
items in the subdirectory.
 mv will rename (or, move) a file or directory

10 September 2020
 Linux Command line
5

 rm will delete (or, remove) a file. “rm –r” is required to

delete a directory (and all its subdirectories!)
 cat will dump the contents of a file to the screen. Long
files can be viewed a page at a time using less or more.
 The pipe character “|” is used to chain the output from
one command to the input of the next.
 The greater than sign “>” is used to send the output to a
named file instead of the screen.
 Double arrows “>>” append the output instead of
overwriting.
 Finally, man and info can be used to get usage
information for any command.

10 September 2020
Linux File System
6

10 September 2020
 Extracting Software
7

 Linux source code is usually distributed in

compressed archives known as tarballs.
 To extract these we will use the tar command along
with a handful of flags.
 To extract tarballs with tgz or tar.gz extensions
(GZippped tarballs), use the
 tar xzf {filename}
 To extract tarballs with tbz, tbz2, tar.bz2, or tar.bz
extensions (BZipped tarballs),
 tar xjf {filename}

10 September 2020
 Installing Software
8

 Install from the internet repositories

 sudo apt-get

 Also, can compile from source “building a system”

 ./configure

 make

 (sudo) make install

10 September 2020
 Version Control Systems
9

 These services enable tracking of code changes among a

distributed group of participants.
 Version control systems offer many capabilities geared
toward ensuring clean and easy collaboration on
development;
 For our use, we will only be “checking out” code—
retrieving a copy of the source code from the repository.
 The end result will be a directory tree of code similar to
what we would have after extracting a tarball.

10 September 2020
 Installing Interpreters
10

 In addition to compiling executable code, we will

need to be able to execute programs written in
interpreted languages.
 To do so, we will need to install the appropriate
interpreters—Perl, Python, and Ruby. On most Linux
distributions the Perl and

10 September 2020
 Lab work
11

• Lab work – Install build-essential on your laptop (refer chapter 2 in course

text)
• Make short notes on popular open source version control systems e.g. git,
subversion, etc
•Lab work – Install Perl, Python and Ruby
•Install webmin

10 September 2020