This shows you the differences between two versions of the page.
isc:labs:01 [2021/03/08 09:43] mihai.chiroiu [Preparation] |
isc:labs:01 [2024/03/03 13:05] (current) vlad_iulius.nastase [Preparation] |
||
---|---|---|---|
Line 11: | Line 11: | ||
===== Preparation ===== | ===== Preparation ===== | ||
- | You will solve this lab inside a virtual machine on [[https://cloud-controller.grid.pub.ro|openstack]]: | + | You may use the UPB's [[https://cloud.grid.pub.ro|OpenStack cloud to instantiate a Virtual Machine]] to be used for this lab! |
+ | [[:isc:info:virtualmachine|Read these instructions if you wanna know how!]]. | ||
+ | |||
+ | <hidden> | ||
- Log in with your LDAP credentials | - Log in with your LDAP credentials | ||
- Create a RSA key pair on //fep.grid.pub.ro// (ssh LDAP-USERNAME@fep.grid.pub.ro; ssh-keygen -t rsa -b 4096 -C "your_email@example.com") | - Create a RSA key pair on //fep.grid.pub.ro// (ssh LDAP-USERNAME@fep.grid.pub.ro; ssh-keygen -t rsa -b 4096 -C "your_email@example.com") | ||
Line 21: | Line 24: | ||
* Flavor: m1.small | * Flavor: m1.small | ||
* Instance Boot Source: Boot from image | * Instance Boot Source: Boot from image | ||
- | * Image Name: ISC 2020 | + | * Source (Image): ISC 2022 |
+ | * Network: vlan9 | ||
* Key Pair: the one you just added | * Key Pair: the one you just added | ||
* **NOTE:** if you have //only one// key pair configured, it will be chosen by default; otherwise, make sure you don't skip this step | * **NOTE:** if you have //only one// key pair configured, it will be chosen by default; otherwise, make sure you don't skip this step | ||
- From the fep console (ssh) login into the newly created VM (ssh student@VM-IP) | - From the fep console (ssh) login into the newly created VM (ssh student@VM-IP) | ||
+ | |||
+ | </hidden> | ||
{{page>:isc:rec&nofooter&noeditbutton}} | {{page>:isc:rec&nofooter&noeditbutton}} | ||
Line 103: | Line 109: | ||
* Statically compile the program (but keep a copy of the old, shared executable). | * Statically compile the program (but keep a copy of the old, shared executable). | ||
* **Hint:** curl-config %%--%%static-libs | * **Hint:** curl-config %%--%%static-libs | ||
- | * **Hint:** Note that you'll need even more development libraries: libidn11-dev librtmp-dev libssl-dev libidn11-dev librtmp-dev libssl-dev libcrypto++-dev libkrb5-dev libldap2-dev libnghttp2-dev libpsl-dev | + | * **Hint:** Note that you'll need even more development libraries: libidn11-dev librtmp-dev libssl-dev libcrypto++-dev libkrb5-dev libldap2-dev libnghttp2-dev libpsl-dev libssh-dev libzstd-dev libbrotli-dev |
* **Hint:** Getting a pthread-related linker error? Try //-lpthread// at the end of the gcc command! | * **Hint:** Getting a pthread-related linker error? Try //-lpthread// at the end of the gcc command! | ||
* Check the size difference. What does it mean? | * Check the size difference. What does it mean? | ||
Line 133: | Line 139: | ||
</solution> | </solution> | ||
- | ==== 10. [10p]Logging & Auditing ==== | ||
- | |||
- | * Write an **iptables** rule that logs all the traffic generated by curl. | ||
- | |||
- | <solution -hidden> | ||
- | <code bash> | ||
- | $ iptables -I OUTPUT 1 -p tcp --dport 80 -j LOG --log-prefix " iptables_logs: " --log-level 7 | ||
- | |||
- | $ grep "iptables_logs: " /var/log/kern.log | ||
- | </code> | ||
- | </solution> | ||
===== Feedback ===== | ===== Feedback ===== | ||
{{page>:isc:lab-feedback&nofooter&noeditbutton}} | {{page>:isc:lab-feedback&nofooter&noeditbutton}} |