Network forensics and security

Objectives of this Lab:
The objective of this assignment is to get used to the Linux platform. You will do that by writing a small program (in either C, C++ or Java) that will access system status information available from the Linux /proc directory.
Access the /proc directory and learn what system information is available in its files and sub-directories.
How to proceed with the Program:
Information in the /proc directory is available just as though the files were regular text files. You may open those files, read out the data, save or print that data, and then close the file. Repeat for each file that you need to gather all of the needed data. When you have gathered all of the information you need, you can print your results to the display.
Type the program into an editor and compile the program at the command prompt.
Compiling and execution are done as in the Week 4 Linux project.
If you do not find a description of some system call with the man command, then try the Google Web search engine for help (Use a Web browser to access ).

Where to look for information in the /proc directory?
Search the /proc directory and its sub-directories for the files which contain the information required for this lab. You can refer to the online manual for more information on proc (man proc). For example, you can type the following on the command line:
more /proc/sys/kernel/hostname
to find the hostname of the machine.
Exercise: Write a program in C, C++ or Java to display the following information.
1. General information.

In this section you will assemble some basic facts about the system.
Machine name (hostname) # get this information from /proc/sys/kernel/hostname
System date and time # get this information from /proc/driver/rtc
Kernel version # get this information from /proc/version
Memory usage (used and free memory) # get this information from /proc/meminfo
2. Time information.

In this section you will print out how long the system has been up and how busy it has been.

a. Duration of uptime # get this information from /proc/uptime
b. Duration of idletime

The skeleton of the program
(1) read file "/proc/uptime" to obtain Totaltime and Idletime
(2) read file "/proc/sys/kernel/hostname" to obtain the hostname
(3) read file "/proc/version" to obtain the kernel version
(4) read file "/proc/meminfo" to obtain the amount of used memory and free memory
(5) read file "/proc/driver/rtc" to obtain time and date
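
One way to implement the skeleton above in C, added here as an example and not part of the original lab handout. The helper names read_proc, parse_uptime and meminfo_kb are chosen for this example, and "used memory" is assumed to mean MemTotal minus MemFree.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Read a /proc file as text; returns 0 on success, -1 if it cannot be opened. */
static int read_proc(const char *path, char *buf, size_t cap) {
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, cap - 1, f);
    fclose(f);
    buf[n] = '\0';
    return 0;
}

/* /proc/uptime: seconds since boot, then idle seconds summed over all CPUs. */
static int parse_uptime(const char *text, double *up, double *idle) {
    return sscanf(text, "%lf %lf", up, idle) == 2 ? 0 : -1;
}

/* Value in kB of a /proc/meminfo field ("MemTotal", "MemFree"), -1 if absent. */
static long meminfo_kb(const char *text, const char *key) {
    size_t klen = strlen(key);
    for (const char *p = text; p && *p; ) {
        if (strncmp(p, key, klen) == 0 && p[klen] == ':')
            return strtol(p + klen + 1, NULL, 10);
        if ((p = strchr(p, '\n')) != NULL) p++;   /* advance to the next line */
    }
    return -1;
}

int main(void) {
    char buf[8192];
    double up, idle;
    if (read_proc("/proc/sys/kernel/hostname", buf, sizeof buf) == 0)
        printf("Hostname: %s", buf);
    if (read_proc("/proc/version", buf, sizeof buf) == 0)
        printf("Kernel:   %s", buf);
    if (read_proc("/proc/driver/rtc", buf, sizeof buf) == 0)
        printf("RTC clock:\n%s", buf);
    else  /* the file is absent when no RTC driver exposes it */
        printf("RTC clock: /proc/driver/rtc not available\n");
    if (read_proc("/proc/meminfo", buf, sizeof buf) == 0) {
        long total = meminfo_kb(buf, "MemTotal"), unused = meminfo_kb(buf, "MemFree");
        if (total >= 0 && unused >= 0)  /* "used" here includes buffers and cache */
            printf("Memory:   used %ld kB, free %ld kB\n", total - unused, unused);
    }
    if (read_proc("/proc/uptime", buf, sizeof buf) == 0 && parse_uptime(buf, &up, &idle) == 0)
        printf("Uptime:   %.0f s, idle %.0f s\n", up, idle);
    return 0;
}
```

On a multi-core machine the idle figure can exceed the uptime, because the kernel adds up the idle time of every CPU.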
