Thursday, 1 January 2009

ls Lists the files in a directory

The ‘ls’ command is used to list the files in a directory. This is similar to the Microsoft ‘dir’ command, but far more powerful. As all hardware, memory etc are treated as a file in *NIX, any device can be accessed as a file – if you know where it is and have the correct permissions.

ls –l
This is a command to list file entries using the 'long format'. This information is valuable. IT includes the file permissions, the size of the file, the file owner and group and it displays the time when the file was last modified. The last modified time is important to note as a change may quickly alter a vigilant system administrator to a change.

ls -a
This command option will list all files – even the hidden ones. In *NIX, a file is “hidden” similar to a Windows hidden file attribute through having a name that starts with a “.” Or full-stop.

ls -r
The “r” flag instructs the ‘ls’ command to display its output in reverse order.

ls –t
The “t” flag instructs the ‘ls’ command to display its output in order of the file timestamp. This allows you to quickly find all files that have been changed in a selected period.

Used together, these options can help you find all of the files in a directory that have been changed within the time that you have been logged into a host. For example, the command combination, ‘ls –altr | pg’ will output all of the files in the current directory in the order of timestamps starting with the most recently altered or added files and working to the oldest. Further, by piping the ‘pg’ (page) command to ‘ls’ you can see the output a single screen (page) at a time (rather than having this scroll past you faster than you can read it).

Wednesday, 31 December 2008

Current Issues with DNS

It has been a little later than I intended, but my DNS paper is complete and is listed on the SANS Reading room site.

http://www.sans.org/reading_room/whitepapers/dns/32988.php

The paper includes a survey of DNS systems on the internet with a scan of 5 million internet systems (randomly selected from the total IP address range). Of this, 281,743 systems had been found running a DNS server.

The versions discovered where analysed based on response details in a Random Forest and Perceptron based classifier I presented at SANS NS2008.

The big issue remains patching. Most systems are not anywhere close to being updated to a good state.

Monday, 29 December 2008

Part 3 - the final images from India

And here are the last of the images I have to post from India.


















Images of India at Night

And a couple images of Hyderabad at night.


Images from India - Part 2

Here are more pictures from Hyderabad, India where I recently presented at ICISS08. These are images of JNTU - the University where I presented the paper.












Here are more pictures from Hyderabad, India where I recently presented at ICISS08.

Images from India

The following is an anthology of images from Hyderabad.
There are many images, so there shall be a number of parts to this post.




















Now to part 2...