
HexaGuard: Mastering the Art of Digital Shadows

🔥Understanding Operating Systems (Theory & Hands-on) 🔥

We’ll break this down into structured learning with both theory and hands-on tasks to help you gain a deep understanding. Let's get started!


1️⃣ What is an OS? How Does It Manage Hardware & Software?

Theory:

An Operating System (OS) is system software that acts as an intermediary between hardware and software. It manages system resources (CPU, Memory, Storage, I/O devices) and provides a user interface.

Key Responsibilities of an OS:

  • Process Management: Handles multitasking, scheduling, and execution.
  • Memory Management: Allocates RAM for processes and ensures efficient memory usage.
  • File System Management: Organizes, stores, and retrieves files on disk.
  • Device Management: Controls hardware like keyboards, printers, and network adapters.
  • Security & User Management: Implements authentication, permissions, and access control.

🔹 Hands-on Task 1: Check OS Details

Windows:
Open Command Prompt (Win + R → cmd) and run:

powershell

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Linux/macOS:
Open a terminal and run:

bash

uname -a
cat /etc/os-release   # Linux only; macOS has no os-release, use sw_vers instead

📝 Observe the OS name, version, and kernel details.
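Task 1 tells you to read /etc/os-release by eye, but inventory and hardening scripts parse it, and the format has a small wrinkle: values may be bare, double-quoted or single-quoted, and VERSION_ID is optional. The POSIX shell helpers below are an added example, not code from the original post; the os-release file they write with mktemp is a constructed sample.

```shell
#!/bin/sh
# Added example: read fields from an os-release style file (KEY=value,
# with optional "double" or 'single' quotes around the value).

# os_release_value FILE KEY -> prints the value; returns 1 if KEY is absent.
os_release_value() {
  file=$1; key=$2
  # First matching line only; a missing file or key must not abort a caller.
  line=$(grep "^${key}=" "$file" 2>/dev/null | head -n 1) || true
  [ -n "$line" ] || return 1
  value=${line#*=}                 # everything after the first '='
  case $value in                   # strip one layer of matching quotes
    \"*\") value=${value#\"}; value=${value%\"} ;;
    \'*\') value=${value#\'}; value=${value%\'} ;;
  esac
  printf '%s\n' "$value"
}

# os_id_version FILE -> "ID VERSION_ID", e.g. "ubuntu 22.04". VERSION_ID is
# optional (rolling releases omit it), so both fields fall back to "unknown".
os_id_version() {
  id=$(os_release_value "$1" ID) || id=unknown
  ver=$(os_release_value "$1" VERSION_ID) || ver=unknown
  printf '%s %s\n' "$id" "$ver"
}

# sample_os_release -> path to a constructed file in the format Task 1 shows.
sample_os_release() {
  f=$(mktemp) || return 1
  cat >"$f" <<'EOF'
NAME="Ubuntu"
VERSION_ID="22.04"
ID=ubuntu
PRETTY_NAME="Ubuntu 22.04.4 LTS"
EOF
  printf '%s\n' "$f"
}

# Use the real file when present, otherwise the constructed sample.
if [ -r /etc/os-release ]; then
  os_id_version /etc/os-release
else
  os_id_version "$(sample_os_release)"
fi
```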


2️⃣ Types of OS & Key Differences (Windows, Linux, macOS, Unix)

Theory:

Feature       | Windows              | Linux                     | macOS        | Unix
Open Source?  | No                   | Yes (Mostly)              | No           | Mostly
Kernel Type   | Hybrid (Windows NT)  | Monolithic (Linux Kernel) | Hybrid (XNU) | Monolithic
Command Shell | CMD/PowerShell       | Bash/Zsh/Fish             | Bash/Zsh     | Shell (csh, ksh)
Filesystem    | NTFS, FAT32          | EXT4, XFS, Btrfs          | APFS, HFS+   | UFS, ZFS
Security      | Lower (More Malware) | High                      | Very High    | High

🔹 Hands-on Task 2: Check System Type & Kernel

Windows:

powershell

systeminfo | findstr /B /C:"System Type"

Linux/macOS:

bash

uname -srm

📝 Compare the outputs of different OSes.


3️⃣ OS Architecture: Kernel, User Space, System Calls, Libraries

Theory:

🔹 Kernel: Core of the OS that directly interacts with hardware.
🔹 User Space: Applications and processes running outside the kernel.
🔹 System Calls: Interface between applications and the kernel (e.g., open(), read(), write()).
🔹 Libraries: Precompiled functions that applications use (e.g., glibc for Linux, ntdll.dll for Windows).

🔹 Hands-on Task 3: Check Running Kernel & System Calls

Windows:

powershell

Get-WmiObject Win32_OperatingSystem | Select-Object Version

Linux/macOS:

bash

uname -r     # Kernel version
strace ls    # Trace system calls (Linux only)

📝 Compare kernel versions across different systems.


4️⃣ Boot Process (Windows vs. Linux)

Theory:

🔹 Windows Boot Process:

The Windows Boot Process follows a structured sequence of events that leads from powering on the system to loading the Windows operating system fully into memory. 

  1. BIOS/UEFI
  2. MBR/GPT
  3. Bootloader (Windows Boot Manager)
  4. NT Kernel (ntoskrnl.exe)
  5. User Space (Explorer, Apps).

🔹 Linux Boot Process:

The Linux boot process involves several key steps, similar to the Windows boot process, but with a few distinctions due to the nature of Linux. Below is a detailed breakdown of each phase in the process.

BIOS/UEFI →
  • When the system is powered on, the BIOS (Basic Input/Output System) or UEFI (Unified Extensible Firmware Interface) firmware initializes the hardware components.
  • Performs the Power-On Self-Test (POST) to check for hardware issues.
  • Identifies the bootable device (HDD, SSD, USB, etc.).
  • Loads the bootloader from the Master Boot Record (MBR) or EFI System Partition (ESP).
GRUB Bootloader →
  • The bootloader is responsible for loading the Linux kernel into memory.
  • The most commonly used bootloader is GRUB (Grand Unified Bootloader).
  • GRUB presents a boot menu where users can choose:
    • Kernel versions
    • Different operating systems (if dual-boot is configured)
    • Recovery mode options
  • GRUB loads the selected kernel into RAM and hands over control.
Kernel →
  • The Linux kernel is loaded into memory and starts executing.
  • It initializes hardware drivers.
  • It executes initramfs (initial RAM filesystem), which provides the drivers needed to mount the root filesystem.
  • The kernel mounts the root filesystem and loads the essential modules required for system operation.
  • The kernel then starts the first process: init (or systemd in modern systems).
Init/Systemd →
  • The init system (older Linux distros) or systemd (modern Linux) takes over.
  • Systemd is the most commonly used initialization system today.
  • It starts services based on predefined configurations.
  • Executes scripts to mount filesystems, enable networking, and launch essential daemons.
  • Systemd organizes processes using targets instead of traditional runlevels.
User Space →
  • Once the services are up, login shells and the graphical session start (Shell, GUI).

🔹 Hands-on Task 4: Check Boot Process Logs

Windows:

powershell

Get-EventLog -LogName System -Newest 10 | Format-Table TimeGenerated, EntryType, Message

Linux/macOS:

bash

dmesg | less                                          # kernel ring buffer (may need sudo)
systemctl list-units --type=service --state=running   # Linux with systemd only

📝 Analyze how your system booted up.


5️⃣ Filesystem Structure & Permissions

Theory:

🔹 Windows: Uses NTFS, FAT32.
🔹 Linux/macOS: Uses EXT4, XFS, Btrfs, APFS.
🔹 Key Directories in Linux:

• /home → User files
• /bin → Essential binaries
• /etc → Configuration files
• /var → Variable data, including logs (/var/log)
• /boot → Kernel & bootloader files

🔹 File Permissions (Linux):

• r (read), w (write), x (execute)
• chmod (change file permissions)
• chown (change file ownership)

🔹 Hands-on Task 5: Check Filesystem & Modify Permissions

Windows (Check File System):

powershell

fsutil fsinfo drives
fsutil fsinfo volumeinfo C:

Linux/macOS (Check Filesystem & Permissions):

bash

df -hT                       # mounted filesystems and their types (Linux; on macOS use df -h)
ls -l /etc/passwd
chmod 700 myfile.txt         # owner only: rwx------
chown user:user myfile.txt

📝 Observe the file structure and change permissions.
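The letters in Task 5's ls -l output and the number in chmod 700 are two spellings of the same permission bits. The POSIX shell functions below are an added example, not code from the original post: perm_to_octal converts the 9-character mode field into the octal form that chmod and stat use, including the setuid/setgid/sticky letters that ls folds into the execute columns, and mode_roundtrip checks the conversion against the kernel by applying a mode to a scratch file (created with mktemp) and reading it back.

```shell
#!/bin/sh
# Added example: translate ls -l permission letters into chmod's octal form.

# perm_to_octal MODE -> octal for a 9-char field such as rwxr-x--- (750).
# s/S in the user or group execute column encode setuid/setgid, t/T in the
# others column the sticky bit; lowercase means the execute bit is also set.
perm_to_octal() {
  mode=$1
  if [ "${#mode}" -ne 9 ]; then
    echo "perm_to_octal: expected 9 characters, got '$mode'" >&2; return 1
  fi
  rest=$mode; pos=0; special=0; out=""; val=0
  while [ -n "$rest" ]; do
    c=${rest%"${rest#?}"}; rest=${rest#?}; pos=$((pos + 1))   # next character
    case $pos in
      1|4|7) if [ "$c" = "r" ]; then val=$((val + 4)); fi ;;    # read column
      2|5|8) if [ "$c" = "w" ]; then val=$((val + 2)); fi ;;    # write column
      *)                                                        # execute column
        case $c in
          x)   val=$((val + 1)) ;;
          s|S) if [ "$c" = "s" ]; then val=$((val + 1)); fi
               if [ "$pos" -eq 3 ]; then special=$((special + 4)); fi   # setuid
               if [ "$pos" -eq 6 ]; then special=$((special + 2)); fi   # setgid
               ;;
          t|T) if [ "$c" = "t" ]; then val=$((val + 1)); fi
               special=$((special + 1)) ;;                              # sticky
          -)   ;;
          *)   echo "perm_to_octal: unexpected '$c' in '$mode'" >&2; return 1 ;;
        esac
        out="$out$val"; val=0 ;;   # one octal digit per user/group/others triplet
    esac
  done
  # 3 digits for plain modes, 4 when a special bit is set (same as stat -c %a).
  if [ "$special" -eq 0 ]; then printf '%s\n' "$out"; else printf '%s%s\n' "$special" "$out"; fi
}

# mode_roundtrip OCTAL -> chmod OCTAL on a scratch file, read the letters back
# with ls -l (columns 2-10, after the file-type column) and convert them again;
# the result should equal the input.
mode_roundtrip() {
  f=$(mktemp) || return 1
  chmod "$1" "$f" || { rm -f "$f"; return 1; }
  letters=$(ls -l "$f" | cut -c 2-10)
  rm -f "$f"
  perm_to_octal "$letters"
}

mode_roundtrip 750   # prints 750
```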


6️⃣ Process & Memory Management

Theory:

🔹 Process: A running instance of a program.
🔹 Virtual Memory: Uses disk space as extra RAM (paging/swapping).
🔹 Context Switching: Switching between running processes.
🔹 Thread: A lightweight process (multiple threads run in a process).

🔹 Hands-on Task 6: Monitor Processes & Memory

Windows (Check Processes & RAM Usage):

powershell

Get-Process | Sort-Object WS -Descending | Select-Object -First 10   # top 10 by working set (RAM)

Linux/macOS (Check Processes & RAM Usage):

bash

ps aux --sort=-%mem | head -10   # Linux; on macOS use: ps aux -m | head -10
top
htop                             # if installed

📝 Observe running processes and memory usage.


💯 Conclusion & Next Steps

🔥 You've learned:
✅ What an OS is & how it manages hardware/software.
✅ Different OS types and their differences.
✅ OS architecture, boot process, and system calls.
✅ Filesystem structure & permissions.
✅ Process & memory management.

🎯 Next Steps:

• Experiment with boot logs & system monitoring.
• Deep dive into privilege escalation in OS security.
• Learn kernel exploitation and OS hardening techniques.
