KASM HACKS:

  1. In 3-4 sentences, please explain the significance of virtual desktops and KASM. How can virtual desktops such as these be utilized in our AP CSP environment? (0.45)

     Virtual desktops are a technology that allows users to access and use remote computing resources, such as operating systems and applications, from any device with internet access. KASM (Kali Application Streaming Manager) is a specialized virtual desktop environment designed for cybersecurity education, providing a safe and controlled environment for learning and practicing cybersecurity skills, particularly with the Kali Linux operating system. In an AP CSP (Advanced Placement Computer Science Principles) environment, virtual desktops like KASM can be utilized to provide students with hands-on experience in cybersecurity concepts and skills, without the need for expensive hardware or risking damage to real systems. Students can learn and practice cybersecurity techniques in a controlled environment, honing their skills in a safe and secure manner.

  2. Attempt to work through the KASM setup with your team. Attach two screenshots to show that you have successfully gone through the setup: The first screenshot of KASM generating your credentials, and the second screenshot of the KASM workspace once you have logged in. (0.45)

imagess.png

This is how far I got

AWS DATABASES HACKS:

  1. QUIZ: https://vardaansinha.github.io/devops/2023/04/23/DifferentAWS.html
    1. C
    2. A
    3. C
  2. QUIZ #2: https://vardaansinha.github.io/devops/2023/04/02/AWSSQL.html
    1. C
    2. D
    3. C

DuckDNS and AWS HACKS:

  1. HACK 1: Create a diagram (Canva). What are the pros and cons of using DuckDNS? Show a diagram of an application running on AWS using a DuckDNS system.

images.png

  1. HACK 2: Write a reflection. Why do we use DNS? How does DuckDNS work? What makes DuckDNS unique? How is DuckDNS useful for our projects? What are the steps to setup DuckDNS?

     DNS is essential for accessing websites using domain names instead of IP addresses. DuckDNS is a free dynamic DNS service that provides a stable domain name for devices with dynamic IP addresses. It's simple to set up and versatile for different projects. DuckDNS can be used for self-hosted services, remote access to home networks, and IoT projects. To set up DuckDNS, sign up for a free account, configure your router to update your IP address with DuckDNS, and test your domain name to ensure it's working correctly. Overall, DuckDNS is a convenient and free option for hosting services from home or accessing devices remotely.

  2. HACK 4: In 2-3 complete sentences, talk about any outdated Nginx/Docker functionalities that may need to be addressed or any confusions you may have in regards to the deployment process from Trimesters 1 and 2.

     It's important to stay updated with the latest versions of Nginx/Docker and to be aware of any deprecated features or changes in the deployment process. It's also helpful to have a clear understanding of the underlying technologies and best practices for configuring and securing your server.

  3. HACK 5: Create a Venn Diagram comparing Nginx with Lighttpd.

image.png
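The HACK 2 reflection above says a device keeps its DuckDNS name current by reporting its IP address. The sketch below is an added example, not code from the original post: it shows that update request using DuckDNS's documented HTTP update parameters (`domains`, `token`, `ip`), with the account token treated as the secret it is. The subdomain, token and address are constructed sample values.

```python
import ipaddress
import re
import urllib.parse
import urllib.request

# HTTPS only: the account token travels in the query string.
UPDATE_ENDPOINT = "https://www.duckdns.org/update"
_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def build_update_url(subdomain, token, ip=None):
    """Build the update URL, rejecting input that could alter the query."""
    if not _LABEL.match(subdomain):
        raise ValueError("subdomain must be a single DNS label")
    params = {"domains": subdomain, "token": token}
    if ip is not None:
        # Raises ValueError (AddressValueError) on anything but IPv4.
        params["ip"] = str(ipaddress.IPv4Address(ip))
    # With no ip parameter, DuckDNS uses the request's source address.
    return UPDATE_ENDPOINT + "?" + urllib.parse.urlencode(params)


def redact(url):
    """Mask the token so the URL is safe to write to logs or cron mail."""
    return re.sub(r"(token=)[^&]+", r"\1<redacted>", url)


def update_succeeded(body):
    """The service replies with a body starting OK on success, KO on failure."""
    return body.strip().upper().startswith("OK")


def push_update(subdomain, token, ip=None, timeout=10):
    """Send one update over the network and log only the redacted URL."""
    url = build_update_url(subdomain, token, ip)
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        ok = update_succeeded(resp.read().decode("ascii", "replace"))
    print(("updated " if ok else "FAILED ") + redact(url))
    return ok


# Constructed sample values, not real credentials.
SAMPLE_URL = build_update_url(
    "myteam-demo", "00000000-0000-0000-0000-000000000000", "203.0.113.10")
```

Anyone holding the token can repoint the name, so read it from a file or environment variable with restricted permissions rather than committing it to the project repository.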

  1. HACK 6: Complete the Python quiz and attach your output from the notebook (should be done once you do the quiz.)

Hello, kcabralomana running /home/kcabralomana/anaconda3/bin/python
You will be asked 11 questions.
Are you ready to take a test!
Press Enter key to begin. Best of luck :)

Question 1 : What does Domain Name Server represent?
 is incorrect! Better Luck next time.

Question 2 : What does this Represent: Amazon Web Services, which is a cloud computing platform provided by Amazon.
AWS is correct! Good Job!

Question 3 : What is the first Step to setting up an AWS Server? 1: Connecting to a Ubuntu EC2 Instance, 2: Start updating the system, 3: Clone the repository which one wishes to deploy, 4: Run the command: main.py to start the project
1 is correct! Good Job!

Question 4 : What is the third Step to setting up an AWS Server? 1: Connecting to a Ubuntu EC2 Instance, 2: Start updating the system, 3: Clone the repository which one wishes to deploy, 4: Run the command: main.py to start the project
3 is correct! Good Job!

Question 5 : What is the fourth Step to setting up an AWS Server? 1: Connecting to a Ubuntu EC2 Instance, 2: Start updating the system, 3: Clone the repository which one wishes to deploy, 4: Run the command: main.py to start the project
.4 is correct! Good Job!

Question 6 : What is the second Step to setting up an AWS Server? 1: Connecting to a Ubuntu EC2 Instance, 2: Start updating the system, 3: Clone the repository which one wishes to deploy, 4: Run the command: main.py to start the project
2 is correct! Good Job!

Question 7 : What files are you supposed to edit after finishing the first steps of setting up the server and cloning it within the AWS Server? 1: Edit the docker files and docker.yml, 2: Edit the main.py file to change the characteristcs.
1 is correct! Good Job!

Question 8 : What is the first step to setting up a DuckDNS Server? 1: Sign in with your DuckDNS account using Github, 2: Configure current ip to the IP address that you want to access and click update ip button , 3: Create the subdomain, 4: Access site by typing in subdomain.duckdns.org
1 is correct! Good Job!

Question 9 : What is the second step to setting up a DuckDNS Server? 1: Sign in with your DuckDNS account using Github, 2: Configure current ip to the IP address that you want to access and click update ip button , 3: Create the subdomain, 4: Access site by typing in subdomain.duckdns.org
3 is correct! Good Job!

Question 10 : What is the third step to setting up a DuckDNS Server? 1: Sign in with your DuckDNS account using Github, 2: Configure current ip to the IP address that you want to access and click update ip button , 3: Create the subdomain, 4: Access site by typing in subdomain.duckdns.org
2 is correct! Good Job!

Question 11 : What is the fourth step to setting up a DuckDNS Server? 1: Sign in with your DuckDNS account using Github, 2: Configure current ip to the IP address that you want to access and click update ip button , 3: Create the subdomain, 4: Access site by typing in subdomain.duckdns.org
4 is correct! Good Job!

kcabralomana you scored 10/11
Total Percentage: 90.91%

CERTBOT HACKS:

  1. Follow the instructions below and provide a full screenshot of all terminal commands after and including sudo certbot --apache all the way until it asks for the domain you want to secure. At this point you can take a screenshot and cancel the process. If you choose to continue the setup process and get Certbot fully working and show a before and after screenshot of your domain with http and https connection we will grant extra credit points on hacks, or make up for lost points in other areas.

imagesqq.png

It wouldn't let me register

  1. Research and compare the security features of OpenSSL and LibreSSL, and write about the recent vulnerabilities within it. Write about your research in a fastpages blog post. It can be the same post that has your screenshot for the Certbot Hacks.

OpenSSL and LibreSSL are both open-source cryptographic libraries used to secure network communications. While OpenSSL is more widely used and feature-rich, LibreSSL prioritizes security and maintainability over performance and features [2]. However, despite its aim to increase security, LibreSSL had some vulnerabilities that did not affect OpenSSL, such as CVE-2017-8301 [1]. Both libraries have reported CVEs, but OpenSSL has a longer history of vulnerabilities. The C language is still used for cryptographic code due to its advantages in optimization and avoiding timing attacks, but there is a debate about whether it is the best language for all aspects of OpenSSL [2]. It is important to stay updated with the latest versions of Nginx/Docker and to be aware of any deprecated features or changes in the deployment process [2]. Additionally, one should have a clear understanding of the underlying technologies and best practices for configuring and securing the server [2][3].

References:
[1] Comparing OpenSSL with LibreSSL
[2] OpenSSL vs LibreSSL before the 2nd critical is revealed
[3] LibreSSL: The Secure OpenSSL Alternative - Infosec Resources

SCORING GUIDELINES:

As talked about in class, we'll be looking for effort in the hacks. Though some setups may inevitably not work, we want to see that you took a stab at it and that you understand what the errors you're getting might mean.

FOR 2/4 SECTIONS OF HACKS COMPLETE: HIGHEST WILL BE A 3.2/4 POSSIBLE --> 0.8/1

FOR 3/4 SECTIONS OF HACKS COMPLETE: HIGHEST WILL BE A 3.6/4 POSSIBLE --> 0.9/1

FOR 4/4 SECTIONS OF HACKS COMPLETE: YOU CAN GET UP TO A 4/4 --> 1/1