1
00:00:00,000 --> 00:00:19,519
Hey guys and welcome back. So now what I want to do is to change gears and talk about user

2
00:00:19,519 --> 00:00:26,480
notification. Now when we talk about user notification, what we're really talking about is just simply

3
00:00:26,480 --> 00:00:34,159
communicating to a particular user via some type of message. Now we have different types of messages

4
00:00:34,159 --> 00:00:40,640
that we can actually have on our system. One big distinction we're going to see is the concept of a

5
00:00:40,640 --> 00:00:48,240
pre-login message. This is a message you will see before you log into the system as well as a post

6
00:00:48,240 --> 00:00:54,960
login message which you can guess of course is a message after you log in to the system. Now really

7
00:00:54,960 --> 00:01:00,560
this might just seem like a surface level concept. We've got one that we see before and one that we

8
00:01:00,560 --> 00:01:07,840
see after we log in but this is actually something we should give a little bit of consideration to.

9
00:01:07,840 --> 00:01:15,519
Simply put, if you put too much information in a pre-login message, actually think about what is

10
00:01:15,519 --> 00:01:21,200
going on. You have a user who's not actually authenticated into the system. They've not even

11
00:01:21,200 --> 00:01:28,320
logged on yet after all and if you are displaying to them information which may be sensitive then

12
00:01:28,320 --> 00:01:35,359
ultimately you could be compromising the system or the security of your system. Similarly if you

13
00:01:35,359 --> 00:01:41,200
happen to be too guarded and you provide not enough information then maybe you are actually

14
00:01:41,200 --> 00:01:47,200
leaving out details that your users would really like to know about. Now there are some particular

15
00:01:47,200 --> 00:01:53,760
files that we can use to communicate this type of information. The very first file I want to talk

16
00:01:53,760 --> 00:02:02,079
to you about is the Etsy issue file. Try to remember this location. So let's say you try to log in to

17
00:02:02,079 --> 00:02:08,560
your particular server whatever it may be and you happen to be presented with a log on screen. You

18
00:02:08,560 --> 00:02:14,800
might happen to notice information such that it may tell you about the kernel for example or maybe

19
00:02:14,800 --> 00:02:20,240
it tells you about the system architecture. This information can actually be specified within the

20
00:02:20,240 --> 00:02:27,760
Etsy issue file because ultimately all this is is a text file that contains a message or say for

21
00:02:27,760 --> 00:02:35,439
example a system ID that is to be printed to the screen before the login prompt. Okay so this is

22
00:02:35,439 --> 00:02:42,960
something we see before login. Now one thing to consider here is that the Etsy issue file this

23
00:02:42,960 --> 00:02:49,600
is only going to be displayed for local logins. If you try to log in over the network maybe say over

24
00:02:49,600 --> 00:02:57,520
ssh you will not see any messages that you have specified within the Etsy issue file. Instead

25
00:02:57,520 --> 00:03:04,400
if you want to be able to see information when you log in remotely over say for example ssh

26
00:03:04,400 --> 00:03:10,800
instead you would want to make changes to a file called Etsy issue dot net and the name is kind of

27
00:03:10,800 --> 00:03:16,160
in the clue it's like the issue file but you're reaching it over the network. So if you happen

28
00:03:16,160 --> 00:03:23,600
to be using things like telnet or ssh these remote login technologies you can specify information to be

29
00:03:23,600 --> 00:03:30,080
printed onto the screen before the login prompt. Now when you happen to be constructing say for

30
00:03:30,080 --> 00:03:38,240
example the Etsy issue file there actually are some special values within this particular file

31
00:03:38,240 --> 00:03:43,760
and we'll actually get to see what those look like in the next nuggets but for now let me just

32
00:03:43,760 --> 00:03:49,200
highlight what some of these are. So when you log in through this particular file you will see some

33
00:03:49,200 --> 00:03:55,520
type of text information but you will also see some type of special characters and you'll be able to

34
00:03:55,520 --> 00:04:01,520
tell those special characters because they will be using backslashes so you may as well see a backslash

35
00:04:01,520 --> 00:04:09,120
b for example. Now when you happen to use the backslash b value within the Etsy issue file what

36
00:04:09,120 --> 00:04:15,120
this is actually going to do is going to display the speed of the connection this is actually going

37
00:04:15,120 --> 00:04:20,800
to display what is called the BOD rate. If you want to include this information you can just use

38
00:04:20,800 --> 00:04:26,480
this special character and the BOD rate i.e the speed of the connection will be displayed before

39
00:04:26,560 --> 00:04:33,360
the login prompt. Similarly if you happen to use the backslash d value this would actually display

40
00:04:33,360 --> 00:04:38,720
the current date this is kind of like what we talk about when we mention variables remember when we

41
00:04:38,720 --> 00:04:45,200
talked about bash scripting this is kind of like a variable right here this special character is going

42
00:04:45,200 --> 00:04:52,640
to represent whatever the current date happens to be if we want to see the actual operating system

43
00:04:52,639 --> 00:04:59,759
release number we could use the special character within the Etsy issue file backslash lowercase

44
00:04:59,759 --> 00:05:05,919
r and that would just print out to us the output of uname dash r which in this case here we can see

45
00:05:05,919 --> 00:05:13,279
this value. When we talk about the Etsy issue dot net file this is kind of a historical text

46
00:05:13,279 --> 00:05:20,719
file okay in that it's not automatically going to be read when we use an ssh session instead this

47
00:05:20,720 --> 00:05:27,440
was designed back in the days of telnet which is the unsecure and unencrypted version of ssh so to

48
00:05:27,440 --> 00:05:35,440
speak so if we happen to connect over ssh we absolutely can read in the values of Etsy issue

49
00:05:35,440 --> 00:05:41,440
dot net but like i say it's not going to be automatic we have to give some additional information

50
00:05:41,519 --> 00:05:51,920
and that information is that within the ssh ssh d underscore config file we actually have to point

51
00:05:51,920 --> 00:05:58,639
our banner setting to that particular location and we'll get to see what that looks like in the very

52
00:05:58,639 --> 00:06:04,480
next nugget but ultimately just understand by modifying this configuration file and changing

53
00:06:04,480 --> 00:06:12,319
this setting here to point to the Etsy issue dot net file we can indeed still receive the information

54
00:06:12,319 --> 00:06:19,600
from that configuration file over our ssh session. Now one thing i just feel i really have to kind

55
00:06:19,600 --> 00:06:24,640
of stress to you is that see all this really interesting and cool information that you can get

56
00:06:24,640 --> 00:06:32,000
using these special values such as backslash r to see the os release number and dash m to get the

57
00:06:32,079 --> 00:06:37,680
system architecture this can actually be a dangerous thing to do and again it's dangerous

58
00:06:37,680 --> 00:06:44,800
because what i just said before this is a pre-login banner we're seeing i.e this is going to be

59
00:06:44,800 --> 00:06:50,240
displayed to users who haven't actually even proven their own credentials so if you happen to be

60
00:06:50,240 --> 00:06:57,199
displaying information about your system say for example the type of architecture it has an outsider

61
00:06:57,279 --> 00:07:03,199
let's say for example a hacker could actually use this information for what is called information

62
00:07:03,199 --> 00:07:09,279
gathering reconnaissance and they could begin searching for particular vulnerabilities for

63
00:07:09,279 --> 00:07:16,159
that specific system you happen to be running so you really have to be careful advertising this

64
00:07:16,159 --> 00:07:23,360
type of information to absolutely anyone. Now another configuration file that we want to understand

65
00:07:23,360 --> 00:07:33,360
is the etse motd configuration file this is the message of the day file now this is a file that

66
00:07:33,360 --> 00:07:40,960
will be displayed post-login so once a user has logged in they can actually see the message of

67
00:07:40,960 --> 00:07:46,720
the day now you can actually be a little bit more relaxed about this information because of course

68
00:07:46,720 --> 00:07:52,000
the person who has logged in should have authenticated into the system therefore they should

69
00:07:52,000 --> 00:07:57,360
actually be an authorized user so now that we actually understand what these configuration files

70
00:07:57,360 --> 00:08:03,600
are how about we begin looking at them and making our own modifications to these files and also while

71
00:08:03,600 --> 00:08:09,120
we're at it look at a few additional commands that we can use to further communicate messages

72
00:08:09,120 --> 00:08:13,759
to our team well the good news is is that that is what we're going to be doing in the very next

73
00:08:13,759 --> 00:08:17,680
nugget so i hope this has been informative for you and i'd like to thank you for viewing