Wednesday, October 5, 2022

dig v/s host v/s nslookup

dig, host and nslookup are command-line tools for querying DNS servers. dig and host ship with BIND and are the usual choice on Linux and macOS; nslookup on Windows is Microsoft's own implementation.

They perform similar functions, but there are some key differences. dig prints the whole DNS response: the header with its flags (AA, TC, RD, RA), the return code, and the question, answer, authority and additional sections with their TTLs. That is exactly what you need when debugging a delegation, a stale cache or a DNSSEC problem, and dig can also be pointed at a specific server (@server), follow the delegation chain from the root (+trace) or request signature records (+dnssec). nslookup prints a simplified summary of the answer; it can query any record type (-type=MX, or set type=MX in interactive mode), but it hides most of the header. host prints a one-line summary and is the fastest for a quick forward or reverse check.


nslookup is a network administration command-line tool for querying the Domain Name System (DNS) to obtain domain name or IP address mapping, or other DNS records. nslookup has two modes: interactive and non-interactive.

None of the three uses the operating system's resolver library: each builds its own query and sends it directly to the server named in /etc/resolv.conf (or on the command line). They therefore ignore /etc/hosts and nsswitch.conf, so their answer can differ from what an application on the same machine resolves; use getent hosts <name> when you want the application's view.

What are dig and nslookup?

dig (on macOS and Linux) and nslookup (on Microsoft Windows) are the primary command-line tools for troubleshooting DNS issues. While web-based tools are convenient and easy to use, it is often faster to use a command-line tool on your own system, and it shows you what that system actually receives rather than what some third-party resolver sees.

nslookup was for a time marked as deprecated in BIND; that notice has since been withdrawn and the tool is still maintained, but dig remains the recommended tool on Unix-like systems because its output is complete.

nslookup

is an abbreviation of name server lookup and allows you to query your DNS service. The tool is typically used to look up the IP addresses for a domain name (or the name for an address) and other DNS records from the command line. The answer comes from whichever DNS server you query: from its cache if the record is cached, otherwise by recursion on your behalf.

host

command is an easy to use command-line utility for performing DNS lookups on Linux, macOS, BSD and other Unix-like systems. We can use it to convert DNS names to IP addresses and vice versa (host <address> performs a reverse PTR lookup), and host -t <type> <name> queries any other record type.

Run with no arguments, host prints a summary of its command-line arguments and supported options.


List of DNS record types

Before you use the host command you should be aware of the common DNS resource record types: A (IPv4 address), AAAA (IPv6 address), CNAME (alias), MX (mail exchanger), NS (name server), PTR (reverse mapping), SOA (zone authority) and TXT (free text, used for SPF, DKIM and domain verification).

By default, the host command looks for A, AAAA, and MX records only; use host -t <type> for a specific type or host -a for everything the server will return.
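The header flags and sections that dig prints (and that host and nslookup summarise away) are easiest to understand on the wire. The following Python is an added example, not code from the original post or from BIND: it builds a query, parses a DNS response into header flags, return code and the four sections, and rejects the forward compression pointers that a malformed reply could use to loop a naive parser. The response bytes are constructed inline (a pretend MX answer for example.com with a glue A record), not a real capture.

```python
"""Minimal DNS wire-format (RFC 1035) encoder/parser showing what dig displays."""
import ipaddress
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA"}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def encode_name(name):
    """'example.com' -> b'\\x07example\\x03com\\x00' (length-prefixed labels)."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return bytes(out) + b"\x00"


def build_query(name, qtype, txid=0x1234):
    """A standard recursive query: header with RD set, one question, no other records."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def read_name(msg, off):
    """Decode a (possibly compressed) name at off; return (name, offset after it).
    Pointers may only point backwards (RFC 1035 4.1.4); enforcing that also rules
    out pointer loops that a malformed packet could use to hang a naive parser."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                      # compression pointer
            target = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            if target >= off:
                raise ValueError("bad compression pointer")
            if end is None:
                end = off + 2                          # name ends after the first pointer
            off = target
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", end if end is not None else off


def parse_rdata(msg, rtype, off, rdlen):
    if rtype == 1:
        return str(ipaddress.IPv4Address(msg[off:off + 4]))
    if rtype == 28:
        return str(ipaddress.IPv6Address(msg[off:off + 16]))
    if rtype in (2, 5, 12):                            # NS, CNAME, PTR: a single name
        return read_name(msg, off)[0]
    if rtype == 15:                                    # MX: preference + exchange name
        pref = struct.unpack_from("!H", msg, off)[0]
        return f"{pref} {read_name(msg, off + 2)[0]}"
    return msg[off:off + rdlen].hex()                  # anything else: raw bytes


def parse_message(msg):
    """Return header flags, counts and the question/answer/authority/additional sections."""
    txid, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    out = {
        "id": txid,
        "flags": {"qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
                  "tc": bool(flags & 0x0200), "rd": bool(flags & 0x0100),
                  "ra": bool(flags & 0x0080),
                  "rcode": RCODES.get(flags & 0xF, str(flags & 0xF))},
        "counts": {"qd": qd, "an": an, "ns": ns, "ar": ar},
        "questions": [], "answers": [], "authority": [], "additional": [],
    }
    off = 12
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, _qclass = struct.unpack_from("!HH", msg, off)
        off += 4
        out["questions"].append((name, TYPES.get(qtype, str(qtype))))
    for section, count in (("answers", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            off += 10
            out[section].append((name, TYPES.get(rtype, str(rtype)), ttl,
                                 parse_rdata(msg, rtype, off, rdlen)))
            off += rdlen
    return out


# Constructed sample response (not a real capture): example.com MX, two answers with
# compressed names, plus a glue A record in the additional section.
MAIL_NAME_OFFSET = 12 + len(encode_name("example.com")) + 4 + 2 + 10 + 2  # where "mail" label sits
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 1)             # QR, RD, RA set; NOERROR
    + encode_name("example.com") + struct.pack("!HH", 15, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 15, 1, 3600, 9) + struct.pack("!H", 10) + b"\x04mail\xc0\x0c"
    + b"\xc0\x0c" + struct.pack("!HHIH", 15, 1, 3600, 10) + struct.pack("!H", 20) + b"\x05mail2\xc0\x0c"
    + struct.pack("!H", 0xC000 | MAIL_NAME_OFFSET) + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
)
# Malformed: the question name is a pointer to itself (would loop forever without the check).
BAD_POINTER = struct.pack("!HHHHHH", 1, 0, 1, 0, 0, 0) + b"\xc0\x0c" + struct.pack("!HH", 1, 1)

if __name__ == "__main__":
    reply = parse_message(SAMPLE_RESPONSE)
    on = [k for k, v in reply["flags"].items() if v is True]
    print(";; flags:", " ".join(on), "; rcode:", reply["flags"]["rcode"], "; counts:", reply["counts"])
    for section in ("answers", "authority", "additional"):
        for rr in reply[section]:
            print(f";; {section.upper()}:", *rr)
```

Compare the output with dig's "flags: qr rd ra" line and its ANSWER/ADDITIONAL sections; host would print only the two "mail exchanger" lines, and nslookup only the exchanges and preferences.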
Border Gateway Protocol

BGP(Border Gateway Protocol)

BGP stands for Border Gateway Protocol. It is the standardized exterior gateway protocol that exchanges routing information between autonomous systems (an AS is a network, or set of networks, under one administrative control and identified by an AS number). A router that is linked to other networks cannot work out by itself which of them is the right one to hand a packet to; BGP is how its neighbours tell it which destinations they can reach.

Border Gateway Protocol considers all the peering partners a router has and, for each destination prefix, selects a best path using its path-selection rules (local preference, shortest AS_PATH, and so on) rather than simply the physically closest router. This is possible because, when a BGP session is established, the peers exchange their routing tables and afterwards send incremental updates; the router stores what it learns in a Routing Information Base (RIB).

The main goal of BGP is to find a path to the destination that is loop-free. Each route carries an AS_PATH listing the autonomous systems it has traversed, and a router rejects any route whose AS_PATH already contains its own AS number. BGP has no built-in check that the AS announcing a prefix is entitled to it, which is the gap RPKI (below) addresses.

The types of BGP are as follows −

External BGP

Routes are exchanged between different autonomous systems, and traffic is carried across the Internet, using external BGP (eBGP). External BGP is like international shipping: specific standards and guidelines must be followed when shipping a piece of mail internationally. Once that piece of mail reaches its destination country, it has to go through that country's local mail service to reach its final destination.

Internal BGP

Each country has its own internal mail service that does not necessarily follow the same guidelines as other countries. Similarly, each autonomous system uses internal BGP (iBGP) to distribute the routes learned from eBGP among its own routers, alongside an interior routing protocol (such as OSPF or IS-IS) for routing within its network.



Resource Public Key Infrastructure (RPKI)


What is RPKI?


RPKI is a security layer for BGP routing. With plain BGP, there is no ground truth about who holds an address block: anyone can advertise a prefix, or a more-specific route that looks better, whether maliciously or by accident. Resource Public Key Infrastructure fixes that for the origin of a route. The Regional Internet Registries issue certificates that bind IP prefixes and AS numbers to their legitimate holders; a holder then signs a Route Origin Authorization (ROA) stating which AS may originate a given prefix and up to what prefix length. Routers (or a validator feeding them over the RPKI-to-Router protocol) compare each BGP announcement against the validated ROAs and can drop announcements that contradict them. This is called route origin validation; note that it checks only the origin AS, not the rest of the AS path.

A hijacked or leaked route can drive a large amount of traffic into a small network and overload it. Malicious routing brings sensitive information to the wrong place. BGP errors have the potential for fraud and large-scale outages. Some notable cases are:

  • Amazon – Route 53 BGP hijack of Amazon DNS for a cryptocurrency heist.
  • Google – Misconfiguration of BGP filtering during an update routed traffic to China, Russia, and Nigeria.
  • Mastercard, Visa, and major banks – Leaked 36 prefixes of payment services.
  • YouTube – An attempt to block the YouTube website in Pakistan ended up taking it down.


RPKI Benefits

Implementing and using RPKI comes with the following benefits:

  • Proof of origin. Resource holders have cryptographic proof, through a certificate chain rooted at the RIRs, that they hold specific resources, helping prevent mistakes about where a route legitimately originates.
  • Cryptographic identity verification. Resource holders have a way to prove ownership to customers when distributing resources.
  • Route hijacking prevention. A ROA is a signed object: altering it invalidates the signature, and an announcement from an AS other than the authorised one, or more specific than the ROA allows, is marked Invalid and can be filtered by every network that performs route origin validation.
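To make route origin validation concrete, here is an added Python example (not from the original post, and not a real RPKI validator such as Routinator or rpki-client) that applies the RFC 6811 rules to a few constructed ROAs and announcements. The ROAs and AS numbers below are made up, using documentation prefixes and private ASNs; a real router would receive validated ROAs from a cache over the RPKI-to-Router protocol.

```python
"""Route Origin Validation (RFC 6811) against a small, constructed set of ROAs."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    prefix: str       # prefix the resource holder signed for
    max_length: int   # longest prefix length the origin AS may announce
    asn: int          # authorised origin AS (0 means "nobody may originate this")


# Constructed ROA set (assumption: these are the validated ROAs the router holds).
ROAS = (
    ROA("192.0.2.0/24", 24, 64496),
    ROA("198.51.100.0/22", 24, 64497),
    ROA("2001:db8::/32", 48, 64496),
    ROA("203.0.113.0/24", 24, 0),       # AS0 ROA: this prefix must never appear in BGP
)


def covering_roas(route, roas):
    """ROAs whose prefix covers the announced prefix (same address family)."""
    out = []
    for roa in roas:
        net = ipaddress.ip_network(roa.prefix)
        if net.version == route.version and route.subnet_of(net):
            out.append(roa)
    return out


def validate_origin(announced_prefix, origin_asn, roas=ROAS):
    """Return 'Valid', 'Invalid' or 'NotFound' for one BGP announcement."""
    route = ipaddress.ip_network(announced_prefix)
    covering = covering_roas(route, roas)
    if not covering:
        return "NotFound"        # no ROA says anything about this space
    for roa in covering:
        if roa.asn == origin_asn and route.prefixlen <= roa.max_length:
            return "Valid"
    return "Invalid"             # covered, but wrong origin AS or too specific


def route_decision(state):
    """Common operator policy: drop Invalid; accept Valid and, because ROA
    coverage is still incomplete, NotFound as well."""
    return "reject" if state == "Invalid" else "accept"


if __name__ == "__main__":
    announcements = [
        ("192.0.2.0/24", 64496),     # the legitimate holder
        ("192.0.2.0/24", 64500),     # hijack: same prefix from another AS
        ("192.0.2.0/26", 64496),     # more specific than maxLength allows
        ("198.51.100.0/25", 64497),  # more-specific hijack of a /22 with maxLength 24
        ("203.0.113.0/24", 64496),   # prefix covered by an AS0 ROA
        ("198.18.0.0/15", 64496),    # nothing signed for this space
    ]
    for prefix, asn in announcements:
        state = validate_origin(prefix, asn)
        print(f"{prefix:18} AS{asn:<6} {state:9} -> {route_decision(state)}")
```

The maxLength check is the part most often misunderstood: a ROA for 198.51.100.0/22 with maxLength 24 authorises /22, /23 and /24 announcements from AS64497, but a /25 from the same AS is Invalid, which is what stops an attacker from winning with a more-specific route.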

Why do we need RPKI?


Routing protocols are potentially at risk of attacks that can harm individual users or network operations as a whole. RPKI was specified by the IETF to provide a secure means to certify the allocation of Internet number resources, as a step towards securing routing. The Internet Architecture Board considers a "properly designed and deployed RPKI an absolute prerequisite to having a secure global routing system, which is in turn a prerequisite to having a reliable worldwide Internet."

IANA

Internet Assigned Numbers Authority (IANA) 

This is the function, operated on a non-profit basis, that coordinates several of the global registries the Internet depends on. Since the Internet is a global network, IANA takes responsibility for allocating and maintaining the unique codes and numbering systems used in Internet protocols. IANA liaises with the Internet Engineering Task Force (IETF) and its RFC process for work on Internet-connected systems. It is responsible for maintaining a collection of registries for coordination of IP addressing, protocol parameters and the Domain Name System (DNS) root zone.


Domain Name Services 

DNS is a hierarchical database that links domain names with IP addresses. IANA administers the top of the hierarchy, the DNS root zone. It also operates the '.int' top-level domain for international treaty organisations and the '.arpa' zone, which is reserved for Internet infrastructure such as reverse DNS (in-addr.arpa and ip6.arpa).

Number Resources

It coordinates the global pool of Internet Protocol (IP) addresses, which are used for routing Internet traffic, allocating blocks to the Regional Internet Registries (RIRs) according to their needs. It likewise allocates Autonomous System (AS) numbers to the RIRs and documents the protocol assignments made by the IETF.

Protocol Assignments 

The protocol management function involves maintaining the codes and numbers used in Internet protocols (port numbers, protocol numbers and the like). These services are done in collaboration with the IETF.

Since 1998, the IANA functions have been performed by the Internet Corporation for Assigned Names and Numbers (ICANN).


Internet Corporation for Assigned Names and Numbers (ICANN) 

This is an internationally organised non-profit corporation whose major role is to keep the Internet stable, secure and interoperable. It includes participants from different parts of the world who design policies for the Internet's unique identifiers and its naming system. ICANN originally performed the IANA functions under a contract from the United States Department of Commerce; that contract ended with the IANA stewardship transition in October 2016, and the functions are now carried out by Public Technical Identifiers (PTI), an ICANN affiliate, under community oversight.

Major activities performed by ICANN are:

To preserve the operational stability of the Internet.

To promote competition and develop policies for Internet's unique identifier and naming.

To achieve greater participation from global internet communities.

To develop policies and procedures and follow a consensus-driven approach.

To contract with registries and registrars (companies that sell domain names) for improving domain name system.

 

Public and Private IP's

IP Addresses

What is a public IP address?

A public IP address (or external IP address) can be reached directly over the Internet and is assigned to your network router by your ISP (Internet service provider). The personal devices behind the router have private IP addresses that are not visible to the Internet: when they connect out, the router rewrites their traffic (network address translation, NAT) so that it appears to come from its single public address.


What is a private IP address?

A private IP address (also called a local or internal IP address) is one your network router assigns to your device, usually by DHCP. Each device within the same network is assigned a unique private IP address. Private addresses come from the ranges reserved by RFC 1918 (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16), which are never routed on the public Internet, so devices on the same network can communicate with one another without being exposed to the entire Internet, and the same private addresses can be reused inside millions of separate networks.



Summarizing the differences between private and public IP addresses

  • Scope: a public address is unique across the whole Internet; a private address only has to be unique within its own network.
  • Who assigns it: the ISP (or a Regional Internet Registry, for larger organisations) assigns public addresses; your router or DHCP server assigns private ones.
  • Ranges: private addresses come from 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16; public addresses are everything else that is not otherwise reserved.
  • Reachability: a public address can be reached from anywhere on the Internet; a private address is reachable only within its network and reaches the Internet through NAT on the router.
  • Security: a device with only a private address is not directly exposed to the Internet, but anything on the same network can reach it, so the router is the boundary that has to be hardened.



Sunday, September 4, 2022

Identity Access Management(IAM)

About  Identity Access Management(IAM)  


IAM is the AWS web service for securely controlling access to AWS resources. It lets you manage who (or what) can authenticate to your AWS account and what each of those identities is allowed to do, so that access to your resources can be limited to the people and workloads that need it.


How IAM works?

  • A principal is an entity that can perform actions on an AWS resource. An IAM user, an IAM role, or an application using either of them can be a principal.
  • Authentication is the process of confirming the identity of the principal trying to access an AWS service. The principal must present its credentials (a password, access keys, or a temporary session token) to be authenticated.
  • Request: A principal sends a request to AWS specifying the action it wants to perform and the resource it wants to perform it on (plus context such as the source IP address and time).
  • Authorization: By default every request is denied. IAM allows a request only if a matching policy explicitly allows all parts of it, and an explicit Deny in any applicable policy overrides every Allow. After authenticating and authorizing the request, AWS carries out the action.
  • Actions are the operations a principal can be allowed or denied, such as viewing, creating, editing or deleting a resource.


IAM Components

  • Users: An IAM user is an identity with long-term credentials and permissions attached to it, normally representing one person, such as an employee, or one application.
  • Groups: A collection of IAM users is an IAM group. You use IAM groups to specify permissions for multiple users at once: any permissions applied to the group are applied to the individual users in that group as well, and each user in the group inherits the permissions of the group.
  • Roles: An IAM role is an identity with a set of permissions but no long-term credentials. It is assumed by a user, an AWS service such as EC2, or a federated identity, and the caller receives temporary credentials for it. Roles are the way to give an application or service access to AWS resources without storing keys on it.
  • Policies: Policies are JSON documents (policy documents) attached to users, groups or roles that define what they are able to do. An IAM policy sets permissions and controls access to AWS resources. A policy statement contains the following information:

  • Who can access it (for an identity-based policy, the identity it is attached to; for a resource-based policy, an explicit Principal)
  • What actions that identity can take
  • Which AWS resources that identity can access
  • When they can be accessed (conditions such as source IP address, MFA state, or time)
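The authorization step above (implicit deny, explicit Deny beats Allow) is easy to get wrong when reading a policy by eye. The following Python is an added example, not AWS code: a toy evaluator that applies that order to a constructed identity policy, handling the * and ? wildcards IAM allows in Action and Resource. It leaves out Conditions, NotAction/NotResource, resource-based policies, permission boundaries and SCPs, all of which the real evaluation logic also considers.

```python
"""IAM-style policy evaluation: explicit Deny > Allow > implicit Deny (toy evaluator)."""
import fnmatch
import json

# Constructed identity policy (assumption: attached to some user or role in the account).
# It allows reading one bucket but carves out a secrets/ prefix with an explicit Deny.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-logs", "arn:aws:s3:::example-logs/*"]},
    {"Effect": "Deny",
     "Action": "s3:*",
     "Resource": "arn:aws:s3:::example-logs/secrets/*"}
  ]
}
""")


def _as_list(value):
    """IAM lets Action/Resource/Statement be a single string or a list."""
    return value if isinstance(value, list) else [value]


def _matches(patterns, value):
    # IAM wildcards are * and ?, the same as fnmatch; fnmatchcase keeps it case-sensitive
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))


def statement_applies(stmt, action, resource):
    """True if the statement's Action and Resource both cover this request.
    Action names compare case-insensitively; ARNs are compared as written."""
    actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
    return _matches(actions, action.lower()) and _matches(stmt.get("Resource", []), resource)


def evaluate(policies, action, resource):
    """Return 'Allow' or 'Deny' for one request, following IAM's evaluation order."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not statement_applies(stmt, action, resource):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"               # an explicit Deny always wins
            allowed = True                  # remember the Allow but keep looking for a Deny
    return "Allow" if allowed else "Deny"   # nothing matched: implicit Deny


if __name__ == "__main__":
    requests = [
        ("s3:GetObject", "arn:aws:s3:::example-logs/2022/app.log"),      # Allow
        ("s3:GetObject", "arn:aws:s3:::example-logs/secrets/db.pem"),    # explicit Deny
        ("s3:PutObject", "arn:aws:s3:::example-logs/2022/app.log"),      # implicit Deny
    ]
    for action, resource in requests:
        print(f"{action:13} {resource:45} -> {evaluate([POLICY], action, resource)}")
```

Note the second request: the Allow statement matches it too (example-logs/* covers secrets/db.pem), but the evaluator keeps scanning and the Deny wins. That is why Deny statements are the safe way to carve exceptions out of a broad Allow.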


Identity Access Management(IAM) Features

Features:

  • Centralized control of your AWS account.
  • Shared access to your account: You can grant other people permission to administer and use resources in your AWS account without having to share your password or access keys.
  • Secure access to AWS resources for applications: You can use IAM roles to provide credentials to applications that run on EC2 instances without putting keys on the instance. These credentials grant your application permission to access other AWS resources, such as S3 buckets and DynamoDB tables.
  • Granular permissions: You can grant different permissions to different people for different resources.
  • Identity federation: If a user is already authenticated elsewhere, for example by a corporate identity provider through SAML, or by a web identity provider such as Google or Facebook through OpenID Connect, IAM can trust that authentication and grant access based on it. This lets users keep a single set of credentials for both on-premises and cloud work.
  • Multi-factor authentication: IAM supports MFA, in which users provide their username and password plus a second factor, such as a one-time code from an authenticator app or a hardware security key.
  • Temporary security credentials for users, devices and services where necessary, obtained by assuming a role, instead of long-lived access keys.
  • Password policy: IAM lets you set an account password policy with rules such as minimum length, required character classes, maximum age (forcing rotation), reuse prevention and whether users may change their own passwords. It does not include a failed-attempt lockout setting.
  • Integrates with many different AWS services.
  • Supports PCI DSS (Payment Card Industry Data Security Standard) compliance. This is an information security standard for organizations that handle branded credit cards from the major card schemes; IAM has been validated against it.
  • Free to use. There is no additional cost for IAM itself or for creating additional users, groups or policies.


Reference: https://docs.aws.amazon.com/
           https://www.simplilearn.com/

Saturday, September 3, 2022

How to add a user in Linux

 Adding a User in Linux


1. Log in as root, or run the commands below with sudo


2. Use the useradd command followed by the name of the user

useradd -m <username>

Example : useradd -m gauravkumar

Note: -m creates the user's home directory under /home (and copies the skeleton files from /etc/skel into it).

Note: useradd adds an entry to the /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow files.

To be able to log in as the newly created user with a password, we need to set one. To do that run the passwd command followed by the username:

sudo passwd gauravkumar

We will be prompted to enter and confirm the password. Make sure we use a strong password. If the account should only ever log in with SSH keys, skip this step and leave the password locked (useradd locks it by default); that is the safer choice for service and administrator accounts.


3. Use su (switch user) followed by the name of the user we just added above


su - gauravkumar

Note: the "-" makes su run a login shell, so the user's login profile is executed and all the environment variables and aliases for the user are available; without it you keep root's environment and working directory.


4. Create the .ssh directory and the authorized_keys file with the permissions sshd expects, then open the file in vi, paste in the new user's public key(s), save and exit.

All commands need to be executed in the new user's home directory (/home/<username>), as that user, so that the files end up owned by the user:

mkdir .ssh
chmod 700 .ssh
cd .ssh
touch authorized_keys
chmod 600 authorized_keys
vi authorized_keys

The permissions matter: with the default StrictModes setting, sshd silently ignores authorized_keys if it, the .ssh directory or the home directory is writable by anyone other than the owner, and the user is prompted for a password instead.


5. Group membership and log checking

If the user needs to be in additional groups (for example a sudo or wheel group for administrators), add them with usermod -aG <group> gauravkumar rather than editing /etc/group by hand; /etc/group and /etc/gshadow must stay consistent, and a typo there can lock everyone out of the group. Check the result with id gauravkumar.

Check the authentication log here: tail -f /var/log/secure (on Red Hat, CentOS and Fedora; on Debian and Ubuntu the file is /var/log/auth.log, or use journalctl -u ssh).

When the added user logs in using their SSH key, the accepted-publickey entry for that session shows up in this log.
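Because sshd silently ignores a badly-permissioned key file, it is worth verifying the result of steps 3 and 4 before handing the account over. The following Python is an added example, not from the original post: it checks ownership and permissions of the home directory, ~/.ssh and authorized_keys the way StrictModes does, and sanity-checks each key line. write_sample_home() builds a throwaway directory in the same layout, with a constructed (not real) ed25519 key, so the check can be exercised without touching a real account.

```python
"""Verify a user's ~/.ssh/authorized_keys is installed the way sshd's StrictModes expects."""
import base64
import binascii
import os
import stat
import tempfile

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
             "ecdsa-sha2-nistp521", "sk-ssh-ed25519@openssh.com",
             "sk-ecdsa-sha2-nistp256@openssh.com"}


def check_authorized_keys(home):
    """Return a list of problems; an empty list means sshd will use the file."""
    problems = []
    owner = os.stat(home).st_uid
    ssh_dir = os.path.join(home, ".ssh")
    keyfile = os.path.join(ssh_dir, "authorized_keys")
    for path, label in ((home, "home directory"), (ssh_dir, "~/.ssh"), (keyfile, "authorized_keys")):
        try:
            st = os.stat(path)
        except FileNotFoundError:
            problems.append(f"{label} is missing")
            return problems
        if st.st_uid not in (owner, 0):                       # sshd accepts user or root
            problems.append(f"{label} is not owned by the user or root")
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):        # the StrictModes check
            problems.append(f"{label} is group- or world-writable")
    if os.stat(keyfile).st_mode & (stat.S_IRGRP | stat.S_IROTH):
        problems.append("authorized_keys is readable by others (chmod 600)")
    with open(keyfile, encoding="utf-8") as fh:
        for lineno, line in enumerate(fh, 1):
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            fields = line.split()
            # options such as from="..." or no-pty may precede the key type
            idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
            if idx is None or len(fields) < idx + 2:
                problems.append(f"line {lineno}: not a recognised public key")
                continue
            try:
                base64.b64decode(fields[idx + 1], validate=True)
            except (binascii.Error, ValueError):
                problems.append(f"line {lineno}: key data is not valid base64")
    return problems


# Constructed key, not anyone's real key: an ed25519 blob with a dummy 32-byte public point.
SAMPLE_KEY = "ssh-ed25519 " + base64.b64encode(
    b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes(range(32))).decode() + " test@example"


def write_sample_home(ssh_dir_mode=0o700, key_mode=0o600, extra_lines=()):
    """Create a throwaway home directory laid out like steps 3-4 above and return its path."""
    home = tempfile.mkdtemp(prefix="newuser-")
    ssh_dir = os.path.join(home, ".ssh")
    os.mkdir(ssh_dir)
    os.chmod(ssh_dir, ssh_dir_mode)                 # chmod after mkdir so the umask cannot interfere
    keyfile = os.path.join(ssh_dir, "authorized_keys")
    with open(keyfile, "w", encoding="utf-8") as fh:
        fh.write("\n".join((SAMPLE_KEY,) + tuple(extra_lines)) + "\n")
    os.chmod(keyfile, key_mode)
    return home


if __name__ == "__main__":
    print(check_authorized_keys(write_sample_home()) or "OK")
    print(check_authorized_keys(write_sample_home(ssh_dir_mode=0o775, extra_lines=("garbage",))))
```

Run it against a real account with check_authorized_keys("/home/gauravkumar") as root; if it reports nothing but the key still does not work, the next place to look is the sshd log from step 5.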


Deleting a User From Linux


We can use the userdel command followed by the name of the user.

Example : userdel gauravkumar

Note: the -r option of userdel deletes the user's home directory and mail spool along with the account. Files the user owns elsewhere on the system are left behind; find / -uid <uid> locates them before the UID gets reused.


Example: userdel -r gauravkumar


Create a User with Specific Home Directory


The useradd command with the -m option creates the user's home directory in /home by default.

If we would like to create the user's home directory in another location, we can use the -d (--home) option together with -m.


Example which shows how to create a new user named gauravkumar with a home directory of /opt/gauravkumar:

sudo useradd -m -d /opt/gauravkumar gauravkumar


Create a User with Specific User ID 


As we know, users are identified by a unique UID and username. In Linux, the user identifier (UID) is a unique positive integer assigned to each user.

When a new user is created, the system assigns the next available UID from the range specified by UID_MIN and UID_MAX in /etc/login.defs (1000 to 60000 on most distributions).


Use useradd with the -u (--uid) option to create a user with a specific UID, for example to keep UIDs consistent across machines that share files over NFS.

For example, to create a new user named gauravkumar with a UID of 2022 we need to execute the command below:


sudo useradd -u 2022 gauravkumar


We can check the user's UID using the id command like below:


id -u gauravkumar

Result: 2022

Tuesday, August 30, 2022

More Linux Commands

 Linux Commands Part-2

11. find command

We could use the find command to locate files within a given directory.

find /home/ -name notes.txt command will search for a file called notes.txt within the home directory and its subdirectories.

find <directory-name>/ -name <filename>

To find files in the current directory use, find . -name test.txt


12. grep command

This helps us search through all the text in a given file.

grep mail app.properties -> This will search for the word mail in the app.properties file; add -i to ignore case, -n to show line numbers, and -r to search a whole directory tree.


13. df command

The df command gives a report on the system's disk space usage per mounted file system: size, used, available, the percentage used and the mount point, in 1 KiB blocks by default.

If we want to see the report in megabytes, we can use df -m; df -h prints human-readable sizes (K, M, G).


14. du(Disk Usage) command

The du command helps us check how much space a file or a directory takes. By default the disk usage summary is shown in 1 KiB blocks rather than the usual size format.

If we want to see it in bytes, kilobytes and megabytes, add the -h argument; du -sh <directory> gives a single total for the directory.


15. head command

The head command helps us view the first lines of any text file. It shows only the first ten lines by default, but we can change this number.

if we only want to see the first 40 lines, command is: head -n 40 config.yml.


16. tail command

A similar command to head, but instead of showing the first lines, the tail command displays the last ten lines of a text file.

We can change the count and keep following the file as it grows with tail -n 1000 -f test.log, which is what you want for watching a log while reproducing a problem.


17. diff command

The diff command helps us find the difference between two given files. It shows the lines that do not match.

diff test.properties test_2.properties


18. chmod(change mode) command

This command sets the permissions of files or directories.

Syntax: chmod [options] <permissions> <filename>

Example: chmod +x <filename>


Suppose we want to set permissions for a given file such that the owning user can read, write and execute it, members of the file's group can read and execute it, and others may only read it.

The command will look like: chmod u=rwx,g=rx,o=r <filename>

Here u, g and o stand for "user", "group" and "other". The equals sign ("=") means "set the permissions exactly equal to the given value"; "+" adds the given permissions and "-" removes them.

The letters "r", "w" and "x" stand for "read", "write" and "execute".

The octal permissions notation for the above command is chmod 754 <filename>

7, 5, and 4 digits individually represent the permissions for the user, group, and others, in sequence. Each digit is a combination of the numbers 4, 2, 1, and 0:


4 stands for "read",

2 stands for "write",

1 stands for "execute", and

0 stands for "no permission."


Now, we could say that 7 is the combination of permissions 4+2+1 (read, write, and execute for user), 5 is 4+0+1 (read, no write, and execute for groups), and 4 is 4+0+0 (read, no write, and no execute for others).
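The symbolic and octal forms are two spellings of the same nine bits. The following Python is an added example, not from the original post: apply_symbolic() implements the u/g/o/a, =/+/-, r/w/x subset of chmod's symbolic syntax (no setuid, setgid, sticky or X), the two conversion helpers translate between the notations, and chmod_symbolic() applies the result to a real file and reads the mode back with stat. It also reproduces the detail that trips people up: with no class letter, chmod masks the bits by the umask, so chmod +w usually does not grant group or other write.

```python
"""Symbolic <-> octal chmod modes, applied the way chmod(1) does it (r/w/x subset)."""
import os
import stat
import tempfile

BITS = {"r": 4, "w": 2, "x": 1}      # value of each permission letter within a class
SHIFT = {"u": 6, "g": 3, "o": 0}     # bit position of each class in the 9-bit mode


def apply_symbolic(spec, mode, umask=0o022):
    """Apply 'u=rwx,g=rx,o=r', 'go-w', '+x', ... to a 9-bit mode and return the new mode."""
    for clause in spec.split(","):
        i = 0
        while i < len(clause) and clause[i] in "ugoa":
            i += 1
        who, rest = clause[:i], clause[i:]
        if not rest or rest[0] not in "=+-":
            raise ValueError(f"bad clause: {clause!r}")
        op, perms = rest[0], rest[1:]
        if any(p not in BITS for p in perms):
            raise ValueError(f"bad permission letters: {perms!r}")
        classes = [c for c in "ugo" if not who or "a" in who or c in who]
        perm_bits = sum(BITS[p] for p in perms)
        for c in classes:
            class_mask = 0o7 << SHIFT[c]
            new_bits = perm_bits << SHIFT[c]
            if not who:
                # no class given: chmod applies the change to everyone but leaves the
                # umask bits alone, so '+w' with umask 022 adds write for the user only
                new_bits &= ~umask
            if op == "=":
                mode = (mode & ~class_mask) | new_bits
            elif op == "+":
                mode |= new_bits
            else:
                mode &= ~new_bits
    return mode & 0o777


def to_octal(mode):
    """0o754 -> '754': the digits are user, group, other; each is r(4)+w(2)+x(1)."""
    return f"{mode & 0o777:03o}"


def to_symbolic(mode):
    """0o754 -> 'u=rwx,g=rx,o=r'."""
    parts = []
    for c in "ugo":
        letters = "".join(p for p, b in BITS.items() if (mode >> SHIFT[c]) & b)
        parts.append(f"{c}={letters}")
    return ",".join(parts)


def chmod_symbolic(path, spec):
    """Apply a symbolic spec to a file and return the mode the kernel reports afterwards."""
    mask = os.umask(0)          # there is no read-only umask call; set and restore
    os.umask(mask)
    current = stat.S_IMODE(os.stat(path).st_mode)
    os.chmod(path, apply_symbolic(spec, current, umask=mask))
    return stat.S_IMODE(os.stat(path).st_mode)


def demo_on_tempfile(spec="u=rwx,g=rx,o=r"):
    """Run chmod_symbolic on a throwaway file (created 0600) and return the octal result."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        return to_octal(chmod_symbolic(path, spec))
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo_on_tempfile())            # 754
    print(to_symbolic(0o754))            # u=rwx,g=rx,o=r
    print(to_octal(apply_symbolic("+w", 0o644)), to_octal(apply_symbolic("a+w", 0o644)))  # 644 666
```

When a script sets permissions on sensitive files (private keys, credential files), prefer the explicit forms, chmod 600 or chmod u=rw,go=, so the result does not depend on whatever umask the calling shell happens to have.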


19. chown(Change Owner) command

All files are owned by a specific user in Linux. This command helps us change or transfer the ownership of a file to the given username and, optionally, group.

chown gauravkumar test.txt will transfer the ownership of the file test.txt to gauravkumar; chown gauravkumar:<group> test.txt also sets the group, and chown -R applies the change to a whole directory tree.


20. ping command

This command helps us check connectivity to a host. For example, ping devopswithgaurav.blogspot.com will check whether you are able to reach devopswithgaurav and also measure the round-trip time; on Linux it keeps going until you press Ctrl-C, so use ping -c 4 <host> to send a fixed number of packets. Note that many hosts and firewalls drop ICMP echo requests, so a failed ping does not by itself mean the service is down.

