Hello. Today we're going to be talking
about file organization for a small
penetration test company. What is a pen
test? A pen test is an attack on a
computer or a network for the purposes
of trying to find out what weaknesses
the device(s) happen to have so that they
can be taken care of before the bad guys
try to attack. Pen tests are conducted
with legal written permission of
the owners of the attacked devices. So
this company has just started conducting
penetration tests. They've got five
clients so far and they have started to
create a number of different files for
each of the different clients they have.
For example, a nondisclosure agreement or
NDA that pretty much says we won't let
anybody else other than the owners of
the devices know what we found out, so
we're not going to tell anybody, "Hey, this
company has these weaknesses." They have
the letter with written permission to be able
to conduct the tests; this one permission
is sometimes called informally a
"get-out-of-jail-free card." The pen
testers have been taking notes as
they've been conducting the tests and
they've developed a final report and
they have all this documentation on each
of the different clients. Now at this point, I
have all the relevant files in a
directory that's inside my home
directory. I'd like to copy all of that
information into the directory we happen
to be in at the moment. The command to
copy things is "cp," and because we're
going to be copying a directory, we're
going to throw in the -r. Next, we
have to say what it is we'd like to copy. We'd like to copy files that are in my
home directory. The tilde ~ represents the
home directory, and I'm going to start
typing the name of the directory that
we'd like to copy. It begins with an
"f" - it's "files for video". As it happens I
only have one particular item in
my home directory that begins with the
letter "f," so I'm going to hit the tab key
now to autocomplete this relatively long
name. I just happened to delete the slash
that came at the end. When you hit "tab"
and you have the name of a
directory, the name will end with a
slash / , so you can keep typing
additional information. As it happens, I
don't wish to type anything else, so I just
deleted this /. It really doesn't matter
whether you have that there or not. I'd like
to copy that information into our
current directory. cp always requires two
arguments; basically, you're saying, "copy
what where": What do I wish to copy? The
directory "files for video". Where do I
want to copy it? Here. A single dot (.), as
you'll recall, represents "Here. The
current directory," and if I do an ls
right now, I can see that I do, in fact,
have a "files for video" directory. I'm now
going to switch into my "files for video"
directory, so I type "cd f" and I
hit the tab. Now you'll notice that
everything that begins with "f" in this
directory goes on to have an "il" as the next two characters, so Linux was able to
autocomplete the "il," but it
doesn't know at this point: Do I want to
keep typing "es" for "files"? Do I want to type the "lters" for "filters"? It doesn't know, so I'm going
to give it an "e" and hit tab. It fills in
the "s" for us. If I hit an "f" it'll fill in the rest of the "for." Hit "v," hit tab again and it fills in the rest of
"video," so you can see that you can hit
tab multiple times. So now my "files for
video" is my active directory and I'm
going to take a look inside it and I see
that I've got a fair number of files
here. Now if we are only ever going to be
having five clients then everything
could stay in one directory,
but we're starting to realize that -- wait
a minute -- we're going to have a whole lot
more clients coming up, and this
directory that we have is just going to be
getting larger and larger and larger,
and it's going to become less and less
easy to be able to find the files that
we would like, so we better come up with
some sort of an organization so that
we'll be able to find the files that we
wish quickly and easily. There are a
couple of different approaches we could
take with these particular files. One
approach -- and the one we're going to be
using -- looks like this. I've ignored all
the directory structure that's not
relevant to us at the moment. We are in
the CIS one forty-one directory. We're
going to create a directory for all of
our pen test information. I'm just
calling it "PT" for "pen test," and then we're
going to have a separate directory for
each of our different clients. Within
each of the client directories, we'll
have the relevant information -- our
get-out-of-jail-free card, our
non-disclosure agreement, the running
notes, and the final pen test report. We
could have organized things in a different
way; instead of organizing by client, we
could have organized by type of
information. So we could have put all of
our get-out-of-jail-free cards in one
directory, all of our NDAs in another
directory, and so forth. On both this and
the past slide, some details are omitted
just so that the slides wouldn't get too
cluttered. So the client information for
the notes and the reports
directories were omitted here. Up here,
the information for the specific files
underneath client3 and for client5
have been omitted, but you can
extrapolate what they would be. So okay,
we're going to have to create some
directories. We'll start off by creating
the PT directory for our pen tests. The
command to create a directory is mkdir.
It's pronounced "make dir," but it's
spelled mkdir. OK, so we've created our
pen test directory. You can see I've just
executed another ls, and we can see our
pen test directory PT. Inside this
directory, we're going to be creating a
directory called "client1,"
so
mkdir PT/client1
Now when we go to move our files, we can
shorten their names as well. We no longer
have to have "PT" and "client1" as part
of the name of each of these files
because we can get the information that
it's about a pen test and it's for
client one just from our directory
structure. So the syntax of the command
to move files is very similar to the
syntax of the command for copying. The
command for moving is "mv" and it's
"move what where": What are we going to be moving? We're going to be moving our PT client one's get-out-of-jail-free card. Where are we going to be moving it? We're
going to be moving it into the PT
directory -- inside there into the client1
sub directory -- and from there we're
going to call the file simply GooJFC for
"get-out-of-jail-free card." We can execute an ls command, and we can see that we no
longer have the get out of jail free
card for client one in our current
directory. If we do an ls for our PT/client1 directory, you can see that in
fact we do have the file with the
shortened name inside the directory. Now
we're going to do the same thing for
each of our other three client1 files.
I'm going to use the up arrow to
retrieve my most recent mv command and
I'm using the left arrow and the
backspace to move to where I need to be
and to delete the letters I don't want in
here. This is just a quicker way of
coming up with the command rather than having to type it all again by hand. Up arrow
notes and report. I'm going to clear the
screen quickly with the Ctrl+L
keyboard shortcut, and ls shows us that we no longer have client1
files in the current directory, but if we
do a ls of PT/client1, we can see that
we have all of the files that we had
before in our client1 directory. Now
okay, we're going to go ahead and create
a client2 directory mkdir PT/client2
and we could copy all of the files here individually into that
directory; so we could, for example, say
mv PTclient2GooJFC PT/client2/GooJFC
and we could
do that similar sort of thing for all of
the remaining files. There is, however, a
faster way to accomplish our task. We
could once again start out saying
mv PTclient2 but now instead
of listing the end of each individual
file we can use an asterisk; the
asterisk says, "substitute here any zero
or more characters," so just in this one
phrase
PTclient2*
it's as if here we typed all of the files whose names begin with
PTclient2
Where do we want to put them? We want to put them in PT/client2
Let's verify that we did what we
wanted to do. ls. We don't see anything
about client2 in our current directory.
ls PT/client2
We have all four of our
client2-related files within our
client2 directory. Now, the downside of
this is that we would need to rename the
NDA, the notes, and the report file if we
so desired to shorten up the names. In
the interests of not boring you I'm not
going to go through and shorten all
those right now. In real life we might
or might not choose to do so. At this
point, I'm going to very quickly create
client three, four, and five directories
and put the relevant files into them. So
mkdir PT/client3 PT/client4 PT/client5
You can use the "mkdir" command with
multiple different arguments, so that's
just created the client3, client4, and
client5 directories within our PT
directory. I'm now going to move all the
relevant files for client3 into the
client3 directory, client 4 into the client4 directory, and client 5 into the client5 directory.
If I do a quick ls, I can see I
don't have any ordinary files inside my
current directory; I could do an
ls PT/client3 PT/client4 PT/client5
if I so desired, but ls actually has a nice
option of -R
The capital R says, "show me a recursive listing." What this
means is this is saying not only show me
what's immediately inside the PT
directory, but if there are any
directories in the PT directory, show me
their contents and if there are any
directories within their contents, show
its contents all the way down the
directory structure. So now we can see
all at once that the PT directory
contains the client1 through client5
directories and we can see the contents
of each of the individual client
directories. I'll say as an aside that
there are ways that you would be able to
shorten the names to remove the PT
client in a fashion that's more
efficient than just doing it by hand. How you would do that, though, is
beyond the scope of this discussion. OK, I
just cleared the screen again and I'm
going to cd into the PT directory and
make a new directory for a hypothetical
client six, and I'm going to
cd into the client6 directory. One
command that is very useful if you would
just like to create an empty file -- in
fact it's the command that I use to
create all the files we've worked with
today -- that's the "touch" command. So I
could say
touch NDA
and I've created an empty 0 bytes file called NDA.
I'm going to be switching topics a little
bit so that I can talk about a couple of
other things that I did wish to talk
about in this video. So this is not
directly pentest related, but suppose for
some reason you wish to have the
calendar -- the output of the cal command
-- display not on your screen, but put it
into a file. You can redirect the output
of the "cal" command. This is saying, "Don't
show me the calendar -- the output of the
cal command -- on the screen. Instead, put
it into a file that we're going to call
'calendar'." We now have a calendar file, and
if we use the "cat" command to display the
contents of the calendar file, we can see
that it is in fact the calendar for the
month in which I'm recording this video.
Maybe we'll have another file that's
going to show the output of the "date"
command and we'll just call that file
"day," and a cat of day reveals that it
does in fact give us the output of the
date command. Why am I creating these
files? It's because I'd like to show you
something about the mv command that
also applies to the cp command and is
very important. We've seen a couple of
ways in which the mv or the cp commands
can be used. With "copy what where," if "where"
is the name of a file that does not
exist, cp or mv will create a file by
that name with the contents of the
original file. So if I say cp x y then both of them will have
identical content. If the "where" is the
name of a directory, what we saw with the
mv command holds true with the cp
command, that the "copy what where," if the "where" is a directory it will take the
"what" file specified and it will create a file within
the specified directory with the
contents of that file, so if I said
cp x y
with "y" being the name of a directory,
what will result is there's going to be
a file called y/x with the x in the x
directory containing the same content as
the original file named x. There's a
third possibility, though. The first
possibility was the "what" was the name of
a file that did not yet exist. The second
possibility was the name of a directory. The third possibility
is the name of a file that does exist. Suppose we decided to
take information from "cal" and "date" and
put it into a single file I'm just going
to call "when". So we can move the contents of our "day" file into a file called "when".
We no longer have a file called "day." The
file called "when" now has the output of
the date command. Now watch very carefully: this is what I wanted to show you.
If I type
mv calendar when
-- "when" is a file that already exists; it
contains the output of the date command --
this is what's currently in the "when" file.
I did not get any error messages. mv was
perfectly happy to move the contents of
calendar into the "when" file. An ls command shows again we no longer have
a "calendar" file, but look at the contents
of the "when" file. You see what happened
in the calendar file, but the information
from the output of the "date" file -- what had
been in the "when" file before we copied
the calendar contents into "when" -- that is
gone, and this is the important caveat: If
you're using mv or you're using cp
and the second argument is the name of a
file that exists, that file's original
contents will be replaced with the
contents of whatever was in the first
argument, so be very careful with cp and
mv. OK, so we've created quite a number of
different files here and I'd like to
clean up all the files that we worked
with today. They're just ones that were
created for this video; there's really no
pen test company. I'm going to clean up
the files, so the first thing I'd like to
do would be to delete the directory that
I'm in right now and all of its contents.
To delete a directory use the "rmdir"
command. I'm going to
try to delete the directory I'm in right
now and this period is usually used to
mean "here". We saw it in action earlier
when we said cp -r cis141 .
We're saying copy that
one directory here. Dot (.) is a perfectly
valid argument for many commands, but
it's not valid for the "rmdir" command, and
there's a reason for it which you could
probably figure out on your own if you
stopped to think for a moment. If we deleted
the directory we were in, where would we
be? We just got rid of the directory we
were currently in and we have to be in
some directory so rmdir basically
says you can't delete the directory
you're in, so I'm going to go up one
level and I'm going to try deleting my client6
directory and rmdir still is not
going to be very happy. It's saying the
directory is not empty; you've got files
in it, so we can delete all those files.
We could type in rm -- the command to
delete a file -- client6/NDA and we
could type in rm client6/when, and
now we can try again rmdir client6
Because we deleted everything inside
client6, client6 was an empty directory.
Because client6 is now an empty directory,
rmdir will go ahead and delete it without any complaints.
An ls shows us we no longer have a client6
directory. Suppose we wish to delete
client5's directory and the first
thing we wanted to do was to delete
everything that's inside the client5
directory. Stop and think a minute to see
if you can figure out how you could
delete everything in there all in one
line. Just a reminder: the contents of the
client5 directory. Well, one thing we
could do would be to type in
rm client5/this-filename client5/this-filename client5/this-filename
That would be a lot of typing. Another
thing we could do would be to type in
rm client5/*
That removes everything that's inside client5. Now in
this particular case, that's exactly what
we wanted to have happen, but be very
careful with that asterisk, especially
when you're using it
with a command such as "rm." If we had
had a file in the client5 directory
that we did, in fact, wish to preserve, it's
too late. It's gone, and there is no trash
bin or recycle bin or anything along
those lines from which to be able to
retrieve the data. It's not there
anymore. One thing that we could do -- I'm
going to go ahead and rmdir client5. With client4 we could say rm -i client4/*
What that -i is saying is
"Be interactive about your
deletions -- ask me, for each individual
file, 'Do you really wish to remove this?'"
I do wish to remove all of them, but
you can see that this provides a little
bit of a safety net to make sure that
we're really not deleting anything we
don't wish to
have deleted. So now I'm going to go
ahead and delete client4, and if we
wanted, we could do the same things with
client3, client2 and client1, but there's an easier way of doing
things if you know for a fact that you wish to remove not only the directory,
but everything underneath the directory.
Any ordinary files or directory files
inside it, any directory files that are
in directory files that are inside it,
all the way down -- you know for a fact you
wish to get rid of everything. Instead of
removing them with the rmdir command,
you can use rm -r. rm -r, as you can see, works even
if the directory contains data, and it's
nice to be able to have both methods of
being able to delete directories. If you
know for 100% certain
that you do wish to
delete not only the directory but everything
underneath it, you can do so with rm -r, but that is very powerful.
If you have any hesitation whatsoever, if
you want to make sure that you're just
removing empty directories, rmdir is the
command for you. I'm going to go up a
directory and say rm -r PT
You'll note that at this point the PT directory contains two
subdirectories which in turn contain a
bunch of different files, all of which
are now gone. So what we have seen so far
today is how you can copy and
move the files. You can create an empty file
with the touch command. We've seen that rmdir will
remove an empty directory. rm -r will
remove a directory that may or may not
be empty. If you wish to have an
interactive way of working with rm, you
could use -i. We've seen that an asterisk
can substitute for
any zero or more characters, and again
the asterisk is extremely powerful but
you have to be careful with it. The
asterisk is an example of what is sometimes called
a "globbing character." Another globbing
character is a question mark, and that
says, "Substitute exactly one character."
Instead of "Substituting here zero
or more," substitute exactly one. So
we've also talked a little bit as an
aside about what pen testing is and some
of the documentation -- not all but some of
the documentation -- that is involved in
pen testing. That was just an added bonus.
If you have any questions, please do feel
free to ask your teacher and do be
prepared -- if you are one of the Delaware
Technical Community College CIS 141
students for whom this video
was created -- do be prepared to come
into the classroom and to be able
to conduct various organizations of
groups of files. So we've seen one
example here. Are there any other
principles for organizing files? There actually are
a variety of different tips I'd like to
talk about, some of which we've already
made mention of; others of which we have
not. One is when you're organizing files,
it's a good idea to keep data files
separate from application files. One
reason for this is that data files are
going to be backed up much more
frequently than application files, and by
keeping them separate, it makes it easier
to execute a backup strategy.
You also want to have consistency in naming conventions for files and for folders or directories. We don't want to have client1
for one directory and PTclient2 for
another and thirdclient for a third. If
we're using client followed by number, we
want to keep that throughout.
You want your names to be short but descriptive. You don't want to have great big lengthy
things that, as you saw in our example, can
be kind of hard to read and take a while to
type, so make them fairly short. Use
common abbreviations (I used PT for
"pen test") and if a folder/directory -- I
put in "folder" here because these tips
are not Linux specific, they apply
equally to Windows or to any other
operating system -- but if you do see your
container object (whatever it's called)
start to have too much information and
it starts to become unwieldy, create
subfolders and sub-directories. A few
possible ways you can organize things
are completed versus incomplete, so if
you've got different files for different
projects, when you've finished a
particular file -- you've done the work
that is involved with that file -- you can
move it from the "incomplete" to the
"completed" directory. You might organize
things by file type, so you'll have all of
your workbooks together, all your
documents in a separate directory, all of
your slideshows in a third. You might
wish to organize things by project -- that
is, in essence, what we did here -- where we
had client1, client2, client3, and
each client involved a separate pen test.
If you're dealing with Windows,
put your documents in the document folder, create subfolders within the "Document" folder.
You can use jump lists. I'm going
to be panning down on my screen so that
you can see my taskbar so I can
demonstrate a jump list. If I right-click
on one of the icons in the taskbar, what
shows up is a jump list. These are my
pinned items, these are ones that are
going to be staying on my list even if I
haven't happened to use them in a while.
These are files that I've recently used. As I
add new files, open up new files, the
older ones will drop from the list. If
I'd like to make sure that something
stays on this list, I can pin it by
clicking on the pushpin. I can unpin
a pinned item by clicking on the push pin
again. You might wish to use the recent
items on the start menu, but if for security
reasons you don't wish to have a "recent
items" on the start menu or you don't
wish to have a jump list, there
are ways of getting rid of those as well.
If you have certain files that you open
very, very, very frequently, you might wish
to create a desktop shortcut in
Windows to the particular item. That way,
you can go to it directly without having
to navigate the folder structure. If you
are trying to find particular files, you
can go into "computer" and for our
discussion right now, I'd actually like
to talk a little bit about how things
are set up at Del Tech. We have a u: drive
that teachers can add information to or
make changes to. Students can look at and can copy files from it, but they're not
allowed to make changes. I think the
u: drive is an excellent example of
organization. Even if you've never looked
at the u: drive before, if you know that
this video is for our CIS 141
class, you'd be able to just glance at
the names of these folders. They're very
short but they're descriptive. You should
be able to figure out that this is the folder
that you would be interested in. If you
happen to know
that my last name is "Mancini," you'd be
able to look at these and you'd be able
to zero in on exactly which folder would
have information that is relevant, and
then from here again you can go into the
relevant folder. At this point, I'd like
to look at the folder that just says
"Windows." This contains a number
of miscellaneous files for the purposes
of practicing organization. Again,
this is a relatively small number of
files in this folder, but pretend that
there were quite a number and we wish to
find a particular one. I happen to be in
the "Details" view right now. You can
change your view by going to the View
menu. You're going to "Details." If you
don't happen to see your view menu, you
could go to the drop-down list for
"Organize," and choose "Layout," and you'll be able to see your menu bar, then you can
bring up the View menu. We're
currently in the details view now. The
nice thing about the details view -- or one
of the nice things beyond the fact that
it gives you a lot more information
about all the different files -- is that
you can organize things quickly. If you
knew that the file you were interested
in was one that had been modified fairly
recently, you can click on "Date Modified,"
and if you click on it once, it organizes
things from the most recently to the
least recently modified files. These
files haven't been modified in quite a
while. If you click on it again, it
reverses the organization. If you knew
that you wished to get rid of some files --
maybe you're running out of space -- and
you wanted to see if there are a couple of
really large files that you wish to get
rid of, you could sort by size. The
default order is sorting by name, and if
you happen to have a mixture of both
files and folders, the folders by default
will show up first a through z, then the
ordinary files a through z. So, again, I
hope you found these tips useful. Keep
them in mind. Again, if you happen to be a
CIS 141 student at Delaware
Technical Community College, be sure to
practice the commands that we discussed
earlier in this video: cp, mv, touch, the ls with the -R option, rmdir, rm -r, the
-i option, rm without any options. Practice the globbing
character, the asterisk. Be prepared to
come into class and be able to do
something similar to what was done in
this particular presentation. You will be
given a directory that has a lot of
files, and that you are going to have to try
to come up with an appropriate
organization for. Again, I hope you found
this video interesting and useful and
informative. If you have any questions,
please do speak with your instructor.