Introduction
Objective
- Tried teaching computer security to data scientists
- Had to back up every few minutes to explain underlying concepts
- "What does it mean to 'mount' a filesystem?"
- "What does it mean to 'background' a job?"
- "What is a 'port'?"
- Answer those questions step-by-step so that securing a web service will make sense
What This Is
- Notes and working examples that instructors can use to perform a lesson
- Musical analogy
- This is the chord changes and melody
- We expect instructors to create an arrangement and/or improvise while delivering
- Please see the license for terms of use, the Code of Conduct for community standards.
Scope
- Intended audience
- Ning did a bachelor's degree in economics and now works as a data analyst for the Ministry of Health
- They are comfortable working with common Unix command-line tools, writing data analysis scripts in Python, and downloading data from the web manually
- They want to understand what happens when they install a package or run a pipeline in the cloud
- Their work schedule is unpredictable and highly variable, so they need to be able to learn a bit at a time
Prerequisites
- Unix shell commands covered in [this Software Carpentry lesson][sc_shell]:
pwd
;ls
;cd
;.
and..
;rm
andrmdir
;mkdir
;touch
;mv
;cp
;tree
;cat
;wc
;head
;tail
;less
;cut
;echo
;history
;find
;grep
;zip
;man
- current working directory; absolute and relative paths; naming files
- standard input; standard output; standard error; redirection; pipes
*
and?
wildcards; shell variable with$
expansion;for
loop
- Python for command-line scripting
- variables; numbers and strings; lists; dictionaries;
for
andwhile
loops;if
/else
;with
; defining and calling functions;sys.argv
,sys.stdin
, andsys.stdout
; simple regular expressions; reading JSON data; reading CSV files using [Pandas][pandas] or [Polars][polars] - create an environment with [uv][uv]; activate it and install packages
- variables; numbers and strings; lists; dictionaries;
Learning Outcomes
- Explain what environment variables are and write programs that use them.
- Create a virtual environment and explain what this actually does.
- Create
requirements.txt
file for Python and explain version pinning. - Explain what a filesystem is (disk partitions, inodes, symbolic links)
and use
df
,ln
, similar commands to explore with them. - Explain what a process is and use commands like
ps
andkill
to explore and manage them. - Explain what a job is and use commands like
jobs
,bg
, andfg
to manage them. - Explain what
cron
jobs are and how to create them. - Explain the difference between a container and a virtual machine.
- Create and manage [Docker][docker] images.
- Explain what ports are and write Python code that uses sockets and HTTP.
- Explain what certificates are and how they are used to support HTTPS.
- Explain what key pairs are and how they are stored, and create and manage key pairs.
- Explain what IP addresses are and how they are resolved.
- Explain how traditional password authentication works and describe its weaknesses.
Setup
- Download the latest release
- Unzip the file in a temporary directory to create:
./site/*.*
: files and directories used in examples./src/*.*
: shell scripts and Python programs./out/*.*
: expected output for examples
Acknowledgments
FIXME