12-4e Capstone Projects

Module Review 12-4e Capstone Projects Note 12-11 Websites and applications change often. While the instructions given in these projects were accurate at the time of writing, you might need to adjust the steps or options according to later changes. Note to Instructors and Students: A rubric is provided for evaluating student performance on these projects. Please see Appendix D. Capstone Project 12-1 Use Syslog in Ubuntu Desktop  Estimated Time: 45 minutes  Objective: Explain common ports and protocols, their application, and encrypted alternatives. (Obj. 1.5)Explain best practices for safety when working with networks and computers  Resources:  Access to the same computer used to complete Capstone Project 2-1  Context: In this project, you will view and manipulate log file entries on a computer running the Linux operating system. Because Linux versions vary in the type of GUI application that allows you to open the system log, this exercise uses the CLI instead. For this exercise, you need a computer with a Linux operating system installed, such as the Ubuntu Desktop VM that you created in Module 2 , Capstone Project 2-1 . It need not be connected to a network, but for best results, it should be a computer that has been used in the past and not a fresh install. You must be logged on to the Linux computer as a user with administrator privileges. Complete the following steps:  1 Start your Ubuntu Desktop VM and open Terminal.  2 The syslog file contains information similar to that shown in Figure 12-39 . The first step in viewing your Linux computer’s system log is to find out where the file is located. Try each of these commands until you find the syslog file that contains information similar to that in Figure 12-39 :

Figure 12-39 Log files and their locations Source: Canonical Group Limited  3 The first part of the syslog file appears. In this part of the file, you should see a list of log types and their locations, similar to the listing shown in Figure 12-39 . (If you don’t see the listing in this part of the file, press the Enter or Spacebar key until you do see it.)  4 Write down the location and filename of the file that logs all events, as indicated by *.* in the first column. (For example, it might be /var/log/syslog or /var/adm/messages.)  5 Press the Spacebar enough times to view the entire log configuration file and return to the shell prompt.  6 Now that you know the name and location of your system log, you can view its messages. At the shell prompt, enter one of the following commands, depending on your log file’s location:  If your log file is at /var/log/syslog, enter tail /var/log/syslog

(see Figure 12-40 ). If you find a larger, older log file, repeat Step 10 using this log file’s name. How do the results differ? Figure 12-40 Several older syslog files are listed Source: Canonical Group Limited  13 Close the Terminal session window and power off your Ubuntu VM. Make some notes on your Wikidot website about your activities for this project. Capstone Project 12-2 Manage Log Files in Ubuntu Server  Estimated Time: 30 minutes  Objective: Given a scenario, use the appropriate statistics and sensors to ensure network availability. (Obj. 3.1)Work with MAC addresses  Resources:  Access to the same computer used to complete Capstone Project 3-1  Context: Oftentimes it seems that working with Linux operating systems is like driving a stick shift while working with Windows is like driving an automatic. For example, to configure an installed program in Ubuntu, you must edit a text file.

Ubuntu creates various logs to track just about any event, and these logs are also stored as text files. By default, most are stored in the /var/log directory. For example, Ubuntu stores early initialization information for cloud instances (such as hostname and SSH keys) in a text file that, by default, is /var/log/cloud-init.log. (You can change the default path and filename by editing the /etc/cloud-init.conf file.) Using the installation of Ubuntu Server in a VM you created in Capstone Project 3- 1 , follow along to learn how to manage log files in Ubuntu:  1 Start Ubuntu Server and log on with your username and password. Refer to your LastPass vault if you don’t remember that information.  2 Enter the commands shown in Table 12-3 to work with Ubuntu log files. Table 12-3 Manage Ubuntu log files Command Explanation cd /var/log Goes to the directory that contains log files. ls –l | less Lists all files and subdirectories, and details about each item, one page at a time. Look for log files that have gotten excessively large. If a technician doesn’t monitor and control log files, they may get large enough to take up all available hard drive space and bring a system down. Press the spacebar to move to the next page and q to return to the prompt. ls –l cloud- init.log Lists details about cloud-init.log. Notice the file is owned by syslog. Also notice the file size. If it is 0, look for another large log file and view information about that one instead. less cloud- init.log Views and pages through the contents of the file. Note that if you want to view a file owned by root, you must use the sudo command in front of the less command. What are some common entries in this log? q Quits the less pager. grep “ownership” cloud-init.log Uses the grep command to narrow down a search in a text file for a particular string of text. Remember you must use the sudo command if you’re trying to access a file owned by root. The grep command is particularly useful for large text files when you’re searching for a particular username, event, or command. How many results did you get? If you didn’t get any results, use a word that showed up frequently when

Caution Scanning a network you don’t own or don’t have permission to scan is illegal. Do not use PRTG on public Wi-Fi networks at all. Also don’t use PRTG on any network you don’t own unless you have written permission from the owner to do so. Complete the following steps:  1 Ensure your Windows 10 VM that you created in Capstone Project 1- 1 or 1-2 is configured with the bridged network mode. In Hyper-V, the VM should be connected to a vSwitch using the External network type. In VirtualBox, the VM should use the Bridged Adapter option. Start your Windows 10 VM.  2 In the VM, go to paessler.com . Download and install PRTG . You’ll need to enter an email address—you can choose any of your email addresses for this purpose.  3 After installation, if PRTG doesn’t open automatically, open it from your new desktop shortcut. The user interface will open in a browser. The default login name and password are prtgadmin .  4 You can skip the introduction and close all other information windows on the website. If you were setting this application up for use in a production network, what is the first task you would need to do to ensure its security?  5 PRTG Auto-discovery automatically begins populating the monitoring system with devices on the network. Before you perform any other configurations, which devices were discovered automatically?  6 In the top left corner, click the Home button. How many sensors are currently configured? How many trial days do you have left? How many sensors do you have available? Note that at the end of your trial, your

PRTG will automatically revert to the free version, which supports only a few sensors, unless you pay for the full version.  7 Click the menu icon and click Devices to return to the earlier screen. Click the 2 days tab to see metrics being mapped on charts. These charts give visual output of monitored sensors and can be customized. Return to the Overview tab. You can manually add devices and their various sensors. To add your physical host computer, which is a Windows 10 computer, you must first enable SNMP. Complete the following steps on your physical host computer:  8 Open Settings and click Apps . Click Optional features . Click Add a feature . Select Simple Network Management Protocol (SNMP) and click Install . Click the back arrow to observe the installation progress.  9 After installation is complete, close Settings. In the Windows search box, type services and click the Services app. Find SNMP Service in the list and double-click it. Make the following changes: 1. Click the Agent tab and select all checkboxes in the Service group. 2. Click the Security tab, click Add , and make sure READ ONLY is selected. Add a Community Name, such as public . Click Add . 3. Under Accept SNMP packets from these hosts , click Add . Type your VM’s IP address and click Add . Click OK and then close the Services window. You’re now ready to add your physical Windows machine as a monitored device in PRTG. Complete the following steps:  10 Back in your VM’s PRTG user interface, under Windows > Clients, click Add Device .  11 Give the device a name, such as Windows10_host . Add the physical host’s IPv4 address. Choose a device icon, such as the Windows logo, and then click OK . The device is added to your list.