Linux Installation
• Apa itu Linux ?
• Perangkat lunak sehari hari
• Introducting Fedora
• Instalasi FC 5
• Otomasi Perkantoran
1
Linux Fundamental
2
Linux Fundamental
Introducting Fedora
3
Linux Fundamental
PROSES INSTALASI
Di bawah ini adalah langkah langkah instalasi Linux fedora core
5, menggunakan media CDROM:
1. langkah pertama, anda masukan CD 1 kedalam CD-ROOM,
tampilan awal akan seperti di bawah ini:, anda bisa ketikan
text untuk mode text, atau tekan enter untuk mode grafis,
untuk saat sekarang anada tekan enter.
4
Linux Fundamental
5
Linux Fundamental
6
Linux Fundamental
7
Linux Fundamental
8
Linux Fundamental
9
Linux Fundamental
9.Jika ingin lebih aman lagi booting grub anda bisa di berikan
password.
10
Linux Fundamental
11
Linux Fundamental
12
Linux Fundamental
13
Linux Fundamental
14
Linux Fundamental
15
Linux Fundamental
16
Linux Fundamental
17
Linux Fundamental
18
Linux Fundamental
19
Linux Fundamental
20
Linux Fundamental
Terakhir adalah mensetting sound card, itu pun kalau pc anda ada
sound cardnya
21
Linux Fundamental
Setelah ini maka anda kan masuk ke tampilan window ( ingat bukan
windows )Fedora core 5 yang cantik.
• Linux Shell
• Menggunakan Linux Shell
• Perintah dasar linux
• Linux File system
• vi editor
Linux Shell
Pendahuluan
1. Pemakaian interaktif
2. Untuk mengontrol session UNIX
contohnya: Set home dir., mail directory, startup file dll
3. Pemrograman
Unix shell menyediakan sekumpulan instruksi khusus yang dapat
digunakan untuk membuat program shell scripts
22
Linux Fundamental
Kenapa Shell ?
Shell interface
[root@samba tmp]#
23
Linux Fundamental
& adduser alias bg cat cd chgrp chmod chown cp fg find grep gzip
halt hostname kill less login logout ls man mesg mkdir more mount
mv passwd pwd rm rmdir shutdown su tail talk tar umount unalias
unzip wall who xhost + xset zip
&
Lihat juga:
adduser
# adduser udin
# passwd udin
24
Linux Fundamental
alias
$ alias dir=ls
bg
cat
$ cat /nama/suatu/file
25
Linux Fundamental
cd
chgrp
chmod
1. r untuk read,
2. w untuk write, dan
3. x untuk execute.
26
Linux Fundamental
Contoh lain, untuk memberi ijin baca(4) dan tulis(2) file coba3
kepada user, baca(4) saja kepada group dan other, perintahnya
adalah:
chown
cp
$ cp <file1> <file2>
fg
find
27
Linux Fundamental
Contoh hasil:
. /public/docs/account.doc
. /public/docs/balance.doc
. /public/docs/statistik/prospek.doc
./public/docs/statistik/presconf.doc
grep
Format perintah:
gzip
$ gzip <namafile>
28
Linux Fundamental
halt
Perintah ini hanya bisa dijalankan oleh super useratau Anda harus
login sebagai root. Perintah ini untuk memberitahu kernel supaya
mematikan sistem atau shutdown.
hostname
Untuk menampilkan host atau domain name sistem dan bisa pula
digunakan untuk mengesset nama host sistem.
Contoh pemakaian:
kill
PID adalah nomor proses yang akan di hentikan. Tidak tahu PID
proses mana yang mau dibunuh? Cobalah bereksperimen dengan
perintah:
less
login
logout
29
Linux Fundamental
ls
man
$ man <perintah>
mesg
Perintah ini digunakan oleh user untuk memberikan ijin user lain
menampilkan pesan dilayar terminal. Misalnya mesg Anda dalam
posisi y maka user lain bisa menampilkan pesan di layar Anda
dengan write atau talk.
mkdir
more
mount
30
Linux Fundamental
$ mount
/dev/hda3 on / type ext2 (rw)
none on /proc type proc (rw)
/dev/hda1 on /dos type vfat (rw)
/dev/hda4 on /usr type ext2 (rw)
none on /dev/pts type devpts (rw,mode=0622)
mv
Untuk memindahkan file dari satu lokasi ke lokasi yang lain. Bila
argumen yang kedua berupa sebuah direktori maka mv akan
memindahkan file ke direktori tersebut. Bila kedua argumen berupa
file maka nama file pertama akan menimpa file kedua. Akan terjadi
kesalahan bila Anda memasukkan lebih dari dua argumen kecuali
argumen terakhir berupa sebuah direktori.
passwd
pwd
rm
rmdir
31
Linux Fundamental
shutdown
su
tail
talk
tar
Menyimpan dan mengekstrak file dari media seperti tape drive atau
hard disk. File arsip tersebut sering disebut sebagai file tar.
Sintaknya sebagai berikut:
Contoh:
32
Linux Fundamental
umount
# umount <filesystem>
unalias
$ unalias dir
unzip
$ unzip <namafile>
wall
33
Linux Fundamental
who
Untuk menampilkan siapa saja yang sedang login. Perintah ini akan
menampilkan informasi mengenai login name, jenis terminal, waktu
login dan remote hostname untuk setiap user yang saat itu sedang
login. Misalnya:
$ who
root ttyp0 May 22 11:44
flory ttyp2 May 22 11:59
pooh ttyp3 May 22 12:08
xhost +
xset
34
Linux Fundamental
Penjelasan:
/bin User programs dan script scripts yang banyak di gunakan dalam
startup
/boot berisi informasi Boot, termasuk didalamnya kernel
/dev file yang berisi Device linux
/etc berisi file-file configurasi
/etc/sysconfig Menyimpan konfigurasi file-file spesifik sperti
konfigurasi jaringan
/home Directory home User
/initrd digunakan pada saat proses booting dan proses mount
containing special device drivers
/lib Libraries, berisi module- module LInux
/lib/modules Loadable kernel modules
/lost+found Recovered data yang bersal dari cluster-cluster yang rusak
/mnt file temporary yang biasanya di gunakan untuk mounting
/opt Digunakan untuk menyimpan aplikasi yang
/proc Kernel pseudo-directory yang mendukung access menuju informasi
kernel dan konfigurasinya
/root Home directory untuk System administrator (root)
35
Linux Fundamental
vi editor
[ketikan i]
36
Linux Fundamental
Menggerakan Cursor
37
Linux Fundamental
Inserting text
Format contoh
Operators
c change
d delete
y yank
38
Linux Fundamental
Menghapus text
39
Linux Fundamental
Kesimpulan
Perintah pada shell sebenarnya sangat mudah. Semua daftar
perintah mudah dihafal. Contohnya ls berasal
dari kata list, cp berasal dari kata copy. Namun untuk melihat
argument (atribut) yang lengkap dapat anda
ketikkan :
$man nama_perintah
$man cp
Untuk keluar dari man ketik q
Securing Linux
Host Security
40
Linux Fundamental
secara periodic cek lah beberapa logs file untuk melihat ada
kemungkinan kelemahan d dalam bisa di cek di directory
/var/log/
installkan security update dari fedora jika terdapat
vulnerabilities di dalamnya.
User root
Anda bisa login sebagai User root untuk memanage system adminstrator PC
linux anda. User root sering disebut juga superuser karena mempunyai
weweang penuh untuk melakukan apapun dalam system komputer linux.
Jika anda login sebagi user biasa untuk menjadi super user anda
ketikan su
$su
#exit
41
Linux Fundamental
Penambahan
Anda bisa add user atau addgroup atau edit existing user atau
grup dari user manager.
/etc/password
File /etc/passwd adalah list file semua account user name, file
ini adalah file text, tidak ada privileges khusus untuk membuka
file ini. File ini mempunyai 7 bagian di pisahkan dengan tanda :,
seprti terlihat dari gambar di bawah ini:
Login shell
Home directory
Informasi user
Group ID
42
Linux Fundamental
User ID
Password di eckripsi atau dalam arti kata
password di simpan di file /etc/shadow
Set lah session time out untuk user root, sehingga jika anda lupa
logout maka login anada akan keluar secara otomatis.caranya
tambahkan baris TMOUT=(jumlahdetik) di bawah baris “HISTSIZE=”
di dalam file /etc/profile.contoh disini berupa 60 detik anda
akan logout secara otomatis
TMOUT=60
Supaya efeck nya terlihat anda harus logout, dan login ulang.
Disabling Ctrl-Alt-Delete
Langkah ke 2
Untuk memberikan effeck coba ketikan:
# /sbin/init q
43
Linux Fundamental
If you are an experienced system administrator, you already know that it’s not the cost of
managing an Internet presence that worries corporate management; their main concern is
security. To get your management’s backing for the website, you need to lay out a plan to
keep the corporate network secure from intruders.
You may think that you can avoid jeopardizing the internal network by connecting only
the external servers, such as Web and FTP servers, to the Internet. However, this simplistic
approach is not wise. It is like deciding not to drive because you may have an accident.
Not having a network connection between your Web server and your internal network
also has the following drawbacks:
_ You cannot use network file transfers, such as FTP, to copy documents and data
from your internal network to the Web server.
_ Users on the internal network cannot access the corporate Web server.
_ Users on the internal network do not have access to Web servers on the Internet.
Such a restriction makes a valuable resource—the Web—inaccessible to the
users in your organization.
A practical solution to this problem is to set up an Internet firewall and to put the Web
server on a highly secured host outside the firewall.
In addition to using a firewall, here are some of the other steps you should take to address
network security (the “Securing the Network” section explain these further):
_ Enable only those Internet services you need on a system. In particular, do not
enable services that are not properly configured.
_ Use secure shell (ssh) for remote logins. Do not use the “r” commands, such as
rlogin and rsh.
_ Secure any Internet services such as FTP or Telnet that you want to run on your
system. You can use the TCP wrapper access control files—/etc/hosts.allow
and /etc/hosts.deny—to secure some of these services.
_ Promptly fix any known vulnerabilities of Internet services that you choose to
run. Typically, you’d do this by downloading and installing the latest server
RPM file from Fedora download sites listed at http://fedora.redhat.com/
download/mirrors.html.
Learning Computer Security Terminology
Computer books, magazine articles, and experts on computer security use a number of
terms with unique meanings. You need to know these terms to understand discussions
about computer security (and to communicate effectively with security vendors). Table
22-1 describes some of the commonly used computer security terms.
Table 22-1: Commonly Used Computer Security Terminology
Term Description
Application A proxy service that acts as a gateway for application-level protocols, such as
gateway FTP, Telnet, and HTTP.
Authentication The process of confirming that a user is indeed who he or she claims to be.
The typical authentication method is a challenge-response method, wherein
the user enters a user name and secret password to confirm his or her identity.
Backdoor A security weakness a cracker places on a host in order to bypass security
features.
Bastion host A highly secured computer that serves as an organization’s main point of
presence on the Internet. A bastion host typically resides on the perimeter
network, but a dual-homed host (with one network interface connected to
the Internet and the other to the internal network) is also a bastion host.
Buffer overflow A security flaw in a program that enables a cracker to send an excessive
amount of data to that program and to overwrite parts of the running
program with code in the data being sent. The result is that the cracker can
execute arbitrary code on the system and possibly gain access to the system
as a privileged user.
Certificate An electronic document that identifies an entity (such as an individual, an
organization, or a computer) and associates a public key with that identity. A
certificate contains the certificate holder’s name, a serial number, expiration
44
Linux Fundamental
dates, a copy of the certificate holder’s public key, and the digital signature of
the Certificate Authority so that a recipient can verify that the certificate is real.
Certificate An organization that validates identities and issues certificates.
Authority (CA)
Confidentiality Of data, a state of being accessible by no one but you (usually achieved by
encryption).
Cracker A person who breaks into (or attempts to break into) a host, often with
malicious intent.
Decryption The process of transforming encrypted information into its original, intelligible
form.
Denial of Service An attack that uses so many of the resources on your computer and network
(DoS) that legitimate users cannot access and use the system.
Digital signature A one-way MD5 or SHA-1 hash of a message encrypted with the private key
signature of the message originator, used to verify the integrity of a message and
ensure nonrepudiation.
Distributed A variant of the denial-of-service attack that uses a coordinated attack from a
Denial of Service distributed system of computers rather than a single source. It often makes
(DDoS) use of worms to spread to multiple computers that can then attack the target.
DMZ Another name for the perimeter network. (DMZ stands for demilitarized
zone, the buffer zone separating North and South Korea.)
Dual-homed host A computer with two network interfaces (think of each network as a home).
continued
Term Description
Encryption The process of transforming information so that it is unintelligible to anyone
but the intended recipient. The transformation is accomplished by a
mathematical operation between a key and the information.
Exploit tools Publicly available and sophisticated tools that intruders of various skill levels
can use to determine vulnerabilities and gain entry into targeted systems.
Firewall A controlled-access gateway between an organization’s internal network and
the Internet. A dual-homed host can be configured as a firewall.
Hash A mathematical function converts a message into a fixed-size numeric value
known as a message digest or hash. The MD5 algorithm produces a 128-bit
message digest, whereas the Secure Hash Algorithm-1 (SHA-1) generates a
160-bit message digest. The hash of a message is encrypted with the private
key of the sender to produce the digital signature.
Host A computer on any network (so called because it offers many services).
Integrity Of received data, a state of being the same data that was sent (unaltered in
transit).
IPSec (IP Security A security protocol for the network layer that is designed to provide
Protocol) cryptographic security services for IP packets. IPSec provides encryptionbased
authentication, integrity, access control, and confidentiality. (Visit
www.ietf.org/html.charters/ipsec-charter.html for the list
of RFCs related to IPSec.)
IP spoofing An attack in which a cracker figures out the IP address of a trusted host and
then sends packets that appear to come from the trusted host. The attacker
can only send packets, but cannot see any responses. However, the attacker
can predict the sequence of packets and essentially send commands that will
set up a back door for future break-ins.
Logic bombs A form of sabotage in which a programmer inserts code that causes the
45
Linux Fundamental
Term Description
___
Proxy server A server on the bastion host that enables internal clients to access external
servers (and enables external clients to access servers inside the protected
network). There are proxy servers for various Internet services, such as FTP
and HTTP.
Public-key An encryption method that uses a pair of keys, a private key and a public key,
cryptography to encrypt and decrypt the information. Anything encrypted with the public
key can be decrypted with the corresponding private key, and vice versa.
Public Key A set of standards and services that enables the use of public-key
Infrastructure cryptography and certificates in a networked environment. PKI facilitates
(PKI) tasks, such as issuing, renewing, and revoking certificates, and generating and
distributing public-private key pairs.
Screening router An Internet router that filters packets.
Setuid program A program that runs with the permissions of the owner regardless of who
runs the program. For example, if a setuid program is owned by root, that
program has root privileges regardless of who has started the program.
Crackers often exploit vulnerabilities in setuid programs to gain privileged
access to a system.
Sniffer Synonymous with packet sniffer—a program that intercepts routed data and
examines each packet in search of specified information, such as passwords
transmitted in clear text.
Spyware Any software that covertly gathers user information through the user’s Internet
connection and usually transmits that information in the background to
someone else. Spyware can also gather information about email addresses
and even passwords and credit card numbers. Spyware is similar to a Trojan
horse in that users are tricked into installing spyware when they install
something else.
Symmetric-key An encryption method wherein the same key is used to encrypt and decrypt
encryption the information.
Threat An event or activity, deliberate or unintentional, with the potential for causing
harm to a system or network.
Trojan horse A program that masquerades as a benign program but, in fact is a back door
used for attacking a system. Attackers often install a collection of Trojan horse
programs that enable the attacker to freely access the system with root
privileges, yet hide that fact from the system administrator. Such collections of
46
Linux Fundamental
47