There are various ways to answer most questions. If the candidate explained the key points with a suitable amount of information they got the question right.
CSS stands for Cascading Style Sheets. They are used to give a coherent style to a website.
The css information can be built into the page or included from an external .css file. The advantage of this layout is that the style of an entire site can be altered just by editing the sites css file.
xhtml stands for eXtensible HyperText Markup Language. Is is one of the new web markup languages combining HTML4 document types and XML.
It is designed to be xml conforming and operate in HTML4 agents. The advantage of this is to allow for your site to be future compatible aswell as backward compatible(5)
SSI stands for Server Side Includes. SSI’s trigger further actions whose output can be embedded into the page that it was called from.
Common uses are including other pages in the current page or executing inline CGI scripts.
The RedBrick website uses SSI both to execute inline CGI’s and to include the templates for the outline of all pages i.e the header and leftside links,the footer and right side links. (5)
- Internet Explorer, Opera, (Firefox,Netscape,Mozilla) (5)
Tasks of webgroup are to redesign the RedBrick website periodically. To maintain the RedBrick website and perform day to day updates in the form of front page announcements. To give help on web issues to members who ask for it.
Current member are : p colmmacc skyhawk emperor trevj kpodesta (5)
ASP stands for Active Server Pages. They are Microsofts answer to dynamic web content. They make use of inline VBScript.
They are not supported on RedBrick as they are essentially designed to work on microsoft IIS webservers. (5)
tar xvzf apache1_3_9.tar.gzand cd to the directory it creates.
Webservers default port is 80
SSL stands for Secure Socket Layer.SSL is a security protocol allowing for traffic to be encrypted and decrypted.. The default port for an SSL’d webserver is 443.
RedBrick makes use of it to secure the webmail service. SSL can be built into Apache2 by adding the –enable-ssl switch to the configure script.(5)
PHP as CGI:
Pro: More secure than running mod_php. Allows for all scripts to be handled by suExec and thus ran as the user who owns them.
Con: It’s slower than mod_php as before a script can run it must be passed on to suExec, suExec performs it’s own internal checkes and THEN calls php to run the script
PHP as module:
Pro: Faster than php as a CGI as the php can be run by the server using the php module.
Con: The lack of the handoff to suExec allowes for the script to be executed as the web server user. The webserver has a higher security access than a normal user as such exploited scripts could cause more harm.(4)
Virtual Hosts are a way for a single apache server to host websites for multiple different domains. Each site can have its own access controls ,error pages, etc.
RedBrick allows its members to host the websites belonging to their domains on the RedBrick server giving those domains all the availability of RedBricks services. The document root for vhosts on RedBrick is /webtree/vhosts (4)
The function of suExec is to intercept web scripts, perform some checks, and execute the script as the user who owns it. Doing this makes certain that an exploited script only has the permission of the user who owns it and is less of a danger to the server.
Yes suExec will complain. Part of the checks done is to make sure that both the user and group match. In this case the user in now in the associat group yet the scripts permissions are set to the member group. This will cause a mismatch and will throw an internal server error (4)
SSL certs work in combination with browsers to verify that a site claiming to be secure is. Most would be used to seeing a small lock in the corner of your browser. This will only be shown when the browser has verified that the website claiming to be secure is. The SSL cert holds the information required for this fact to be verified.
RedBrick creates their own SSL certs but these are not fully recognised as they are not signed by an offical cert authority.(4)
- The script is call apachectl.
apachectl startsslwill start the webserver with ssl support.(4)
- Tomcat is a webserver that can serve java servlets, jsp and also normal html.
The minimum requirement to use tomcat is a context line in tomcats server.xml file (5)
- It runs on port 8080. Users are oblivious as attempts to access urls containing *.jsp or /servlet are redirected to 127.0.0.1:8080 by apache rewrite rules (5)
- The problem is that tomcat runs as the jakarta user. PostgreSQL authenticates using ident as such the servlet is attempting to access their database using the jakarta username.
The same issue is the reason the servlet cant write to the file. The jakarta user needs write access.
The fixes are to ask an admin to give you a postgres password which you can hardcode into your servlet. Also either set the file you need to write to to 777 (not a good idea) or use an ACL to give jakarta write permission.(5)
- Java servlets are standalone java class files where as jsp is java code thats embedded into a web page.(5)
- Command is
Bad Gateway errors usually occur when tomcat has stalled or generally behaving like the spawn of satan that it is. It can be fixed by restarting tomcat.(5)
- CGI stands for Common Gateway Interface. They are used to add dynamic content to a website.
PHP stands for PHP: Hypertext Processor.
Web script permission should be 700.
3 scripting languages we support are PHP, PERL and Shell (5)
- The errors that stop it running are:
A missing ! in line 1
A missing ; after
The error that stops it running in a browser is that its missing a content type solved by adding the line
print "Content-Type:text/html\n\n";before the $date line.
- The rules are that the user must ask for committee approval as it falls under the reprovision of services standing order and if permission is granted it is usually requested that it be restricted to dcu users only.
Your reply to the user should include the above rules and thus tell them to mail email@example.com for approval(5)
#!/usr/bin/perl print "Content-type: text/html\n\n"; open (FILE,"; close FILE; ++$count; print "$count"; open (FILE,">hits"); print FILE "$count\n"; close FILE;
- Enigma = FreeBSD
Prodigy = Solaris
Carbon/Deathray = Linux.
The priviliged port range are ports from 0 to 1024.
Webmaster requires root to be able to start the webserver which binds to port 80 (5)
- NFS stands for Network File System. It is used to spread data over multiple machines. Redbrick makes use of it to mount /home and /webtree on all primary machines.
LDAP stands for LightWeight Directory Access Protocol. It is used for storing member information and login authentication Redbrick uses it to authenticate logins on all primary servers. (5)
topto get a full process list. Spot the process with the high cpu usage.
Verify its not a valid high process by your own common sense or asking the user running it.
If it’s killing the server rapidly get it’s PID number and type
kill -9 PIDto kill it.
Inform the user involved they may have a dodgy program. (5)
- The problem is that your friend is not a member of the root group a requirement to su. Yes they should try it from a console in the RedBrick server room :)
- You would use the
To edit someones /webtree quota run
edquota usernameon deathray.
To edit someones /home quota run
edquota usernameon carbon.
Update the soft and hard limits accordingly(5)
Do either 1 OR 2.
- First thing you should do is deny access to the files. Thats the most important step make them unavailable immediately.
Then respond to IRMA immediately apologising for the distribution of illegal material and that as much as we try we can’t monitor all users pages constantly.Say they are no longer available and the user has been dealt with.
Then contact the user tell them you recieved the complaint and in accordance with the Heanet AUP,our own codes of conduct and CSD regulations you have denied access to the files. Tell them they are not to distribute copyrighted material again. If they complain delete the files. If they continue, disuser.(25)
You need to install the apache server first and then add the php module.
tar xvzf apache.tar.gz cd apache ./configure --prefix=/home/apache make make install
tar xvzf php.tar.gz cd php ./configure --with-apxs2=/home/apache/bin/apxs make make install
Mod_php is generally needed if you have a large php application which is secure and not prone to exploitation, and you wish to harness the speed of doing the php processing at server level. Very useful for web boards or webmail systems.
Redbrick uses both php as cgi and php as a module :) Used as cgi on the primary webserver which the users can use and mod_php on the webmail server which has mod_userdir disabled. (25)
- 5.0 (1)
- 4.3.3 (1)
- 1.4.2 (1)
Hostname is deathray (1)