Linux Linux Security and Administration (Andy Vickler) (Z-Library)

Linux Linux Security and Administration

© Copyright 2021 - All rights reserved. The contents of this book may not be reproduced, duplicated or transmitted without direct written permission from the author. Under no circumstances will any legal responsibility or blame be held against the publisher for any reparation, damages, or monetary loss due to the information herein, either directly or indirectly. Legal Notice: This book is copyright protected. This is only for personal use. You cannot amend, distribute, sell, use, quote or paraphrase any part or the content within this book without the consent of the author. Disclaimer Notice: Please note the information contained within this document is for educational and entertainment purposes only. Every attempt has been made to provide accurate, up to date and reliable complete information. No warranties of any kind are expressed or implied. Readers acknowledge that the author is not engaging in the rendering of legal, financial, medical or professional advice. The content of this book has been derived from various sources. Please consult a licensed professional before attempting any techniques outlined in this book. By reading this document, the reader agrees that under no circumstances is the author responsible for any losses, direct or indirect, which are incurred as a result of the use of information contained within this document, including, but not limited to, —errors, omissions, or inaccuracies.

Table of Contents Introduction Chapter One: Using Linux on Virtual Machines Installing a Workstation Player Choose the Correct Distro Linux Distros Setting Up the Virtual Machine Customizing Virtual Hardware Download and Install Tools Installing Linux on VMware Running Linux on a Virtual Machine Installing a Linux Distro on a Windows Virtual Machine Chapter Two: Securing User Accounts on Linux Don’t Login Using a Root Account Using Sudo Accounts Reducing the Damage Fine-Grained Permissions Managing User Account Security Adding New Users Disable Root Login Password Policies in Linux Restrict SSH Access Understanding Account Privileges Manage Linux User Accounts Reducing Privileges Managing Passwords Reduce the Use of Shared Accounts Control Access to Accounts Maintain Logs

Record and Manage Privileged Activity Notify or Alert in Case of Suspicious Activity Unify and Centralize Chapter Three: Securing Servers Using Firewalls Ports Using the Firewall-cmd Interface Bock Everything Creating a Zone Removing or Adding Services Unblocking a Service Removing and Adding Ports Walls of Fire Chapter Four: Securing Your Server Updating Servers Regularly Creating a Secondary User Account Setting up SSH Keys Checking and Configuring the Firewall Limiting the Use of Open Ports Setting Up Live Kernel Patches Hardening the Kernel Hardening User Space Using Secure Boot Setting Up Two-Factor Authentication Step One Step Two Step Three Step Four Step Five Turning Off Internet Protocols Understanding the Applications/Tools before Installation

Removing Unnecessary Startup Processes Reviewing Activities Regularly Start Backing Up Only Install the Things You Need Use SELinux Securing the Console Access Restricting the Use of Old Passwords Checking Listening Ports Disabling Login through the Root Change Ports Disabling Shortcuts Logging In Without Passwords Use fail2ban Creating a New Privileged Account Uploading the SSH Key Securing SSH Creating a Firewall Removing Unused Network Services Chapter Five: Password Encryption Methods in Linux Pretty Good Privacy (PGP) and Public-Key Cryptography S/MIME, SSL and S-HTTP S/MIME SSL S-HTTP Linux IPSEC Implementation Secure Telnet (stelnet) and Secure Shell (ssh) Pluggable Authentication Modules or PAM CIPE or Cryptographic IP Encapsulation

Using Shadow Passwords John the Ripper and Crack Chapter Six: Tools to Encrypt and Decrypt Password Protected Files GNU Privacy Guard or GnuPG Bcrypt Ccrypt 4-Zip Openssl 7-Zip Nautilus Encryption Utility Encryption Decryption Chapter Seven: Using Tools to Encrypt Files on Linux Tomb Cryptmount CryFS GnuPG VeraCrypt EncFS 7-zip Dm-crypt eCryptfs Cryptsetup Chapter Eight: Using Cryptsetup to Setup Encrypted Filesystems and Swap Space Using a Drive, Loop Device, or Partition for Encryption Testing the Encryption Installing cryptsetup

Setting the Encrypted Partition Testing Encryption Adding Additional Layers of Security Chapter Nine: Using Access Control Lists in Linux Introduction to Access Control Lists (ACL) Uses of ACL List of Commands to Set Up ACLs Adding Permissions to Users Adding Permissions to Groups Allowing Files and Directories to Inherit ACL Entries Removing a Specific Entry in the ACL Removing Entries in ACL Modifying the ACL Adding Permissions for Users Adding Permissions to Groups Allow Files or Directories to Inherit the ACL Entries Viewing ACL Removing ACL Using Default ACLs Chapter Ten: Downloading and Installing Kali Linux Downloading Kali Linux Hard Disk Installation Booting Kali Linux for the First Time Setting the Defaults Initial Network Setup Password System Clock Disk Partitioning Configuring the Packet Manager Installing the GRUB Loader Completing the Installation

USB Drive Installation Windows Non-Persistent Installation Linux Persistent Installation Chapter Eleven: The Penetration Testing Life Cycle The Five Stages of the Penetration Testing Life Cycle Stage 1: Reconnaissance Stage 2: Scanning Stage 3: Exploitation Stage 4: Maintaining Access Stage 5: Reporting Chapter Twelve: Scanning Network Traffic Firewalls and Ports PING Traceroute Nmap: The King of Scanners Conclusion References

Introduction If you are new to using Linux, it will be difficult for you to find the right information online. This book has all the information you need to help you install the operating system and show you how you can use it either on your system or a virtual system. The book also has information about how you need to configure user access and other information to maintain the network and server's security on the Linux system. You do not have to know anything about Linux before you use it since the information in this book will guide you every step of the way! The book introduces the idea of using Linux on a virtual system and provides information on the different distributions of Linux. You can use this information to determine which distros work best for you and download that onto your system. You will also learn about the importance of a root account and the other accounts on the server. The book also provides information about the methods used to control access to users. You will learn how you can grant and revoke privileges to users to help you protect the data. The book covers how you can secure the information, files, and folders in the operating system. You will be introduced to a list of tools you can use to secure the data on your systems and how you can encrypt and decrypt information using these tools. You can also use passwords to encrypt and decrypt the files and folders on the server and network if you need to. Since Linux is an operating system, and the data is stored on a server or network, you need to test the network and server's strength. This book will shed light on the method you can use to identify any vulnerability in the system. It will also let you know how you can use scanning to identify the holes in your system. You can use the information in this book to determine how to overcome those vulnerabilities. Thank you for purchasing the book. I hope you learn more about Linux and how you can protect the information in your files and folders.

Chapter One: Using Linux on Virtual Machines Have you wanted to use Linux but did not want to use it on your system? Your system may have trouble if you use dual-booting, and the best thing to do is to use Linux on a virtual machine. It is easy for you to use Linux on a virtual machine if you use Windows. The procedure is straightforward. In this chapter, we will look at installing and using Linux on a virtual machine, a VMware Workstation specifically. If you want to use a virtual machine, you need to find a PC, which allows you to use virtualization. You may have tried to install Linux on your system using a CD, but you may not be sure about dual booting. You should install the Linux operating system on your PC but using a virtual machine. Virtual machines are environments that replicate the conditions of the hardware on your device. The environment mirrors everything in your personal computer and is limited only by the system's different components. This means you cannot expect to have a four-core CPU on a processor which only has two cores. You can achieve virtualization on multiple systems, and the result of this will be superior on computers that have CPUs that support visualization. You can use different virtual machines to install the Linux operating system on your computer. VMware is one of the leading manufacturers of virtual machines and applications. In this chapter, we will look at how you can install Linux OS in Windows using a workstation player designed by VMware. Installing a Workstation Player If you want the workstation player, you need to download the latest version from the VMware website. They constantly upgrade their workstation player application and tool. For this example, we will use the VMware workstation 15 player, and this file is 150 MB in size. The latest versions can be heavier, so make sure you have good Internet connectivity. These workstation players are available for home, non-commercial, and personal use and are free. Non-profit organizations and students can use this

version since they do not have to shell out any money on installing the operating system. A VMware workstation player performs all the functions a standard virtual machine must. You can also use VMware products since each product offers a wide range of visualization solutions that you can use for any business. If you want to learn more about their products, you can read about them on their website. After you download the VMware workstation player, click on the installer and follow the installation wizard steps to set up your virtual workstation. It is recommended that you download the Enhanced Keyboard Driver during the installation since you may not need it now but will need it later. Complete the installation and reboot your system when the wizard prompts you. Choose the Correct Distro You should read about the different Linux distributions available to you and choose the one that works best for you. Some Linux distributions work best on virtual machines, while others cannot work on them. All 64-bit and 32-bit versions of Linux work well on virtual machines. You cannot run Linux distros, such as Raspberry Pi and other ARM architecture Linux distributions on virtual machines. If you want to use an ARM Linux environment on your Windows machine, you should try QEMU. If you do not know which distro you need to choose, choose any from the list below: Linux Distros Since there are many options available, you may find it hard to choose the right Linux distro for your system. How do you know that is the best one you should use for your system? What if you want to game using Linux distros? Do you want to use a pretty distro that uses the same structure as macOS? In this section, we will look at the different Linux distros lists available for you. These distros have been used actively by various individuals over the last few years. It is best to download a Linux distro that you can use safely on your system. You should also check if the distro you use is updated regularly using security patches. Business Linux Distros Red Hat Enterprise Linux

This distro is like Fedora, but it is used commercially. This distro was designed for enterprise customers. You can use any of the different addons and variants. If you want to be an administrator, you need to be certified. SUSE Linux Enterprise This Linux distro version is designed for an enterprise and can be used by businesses. It is for this reason this variant is easy for one to use with different office programs. You can run this distro on various devices, and it can be used even on critical systems. Many versions of this distro are also available on the Linux website. Gaming Linux Distros SparkyLinux Game Over Edition SparkyLinux has various versions, but this version which focuses on gaming, is the most used. This gaming version comes with various pre-installed games, an LXDE desktop, PlayOnLinux, Steam, and Wine. There are numerous premium and free games available on this distro which you can use easily. SteamOS Many gamers have started using Linux as their operating system since it comes with a Steam client. It is easier to install the SteamOS version of Linux if you are a gamer. One of the best Linux distros you can use for gaming is SteamOS, and this is optimized to perform well in any game and comes with in-built sound drivers, proprietary graphics, and a Steam client. General-Purpose Linux Distros Ubuntu This is a Debian-based operating system, and it uses GNOME as the desktop environment. You cannot update this environment since it is used as the default. This Linux distro has regular patch updates, and it improves with every new release. The latest versions of this OS are designed for hybrids, desktops, and laptops. Therefore, if you are moving from Windows to

macOS, you need to use the Ubuntu OS. openSUSE This distro is a general OS built by Linux for various projects, but it is primarily used for openSUSE projects. This distro is used both by beginners and by experienced Linux users. This distro comes with an administration program called YaST which controls and monitors the installation, package management, and other functions. Fedora This Linux distro was developed by IBM-owned Red Hat and uses a default GNOME desktop environment. You can switch to LXDE, XForms Common Environment (Xfce), Cinnamon, KDE and MATE, and other desktop environments. Some variations of Fedora, like Fedora spins, can be used by people who have specific requirements. Debian Debian is an old Linux distro and is the best version compared to other Linux distros. This also comes with a default GNOME desktop environment, but it can also be used in the FreeBSD kernel. Developers are working on making this compatible with other kernels like the Hurd. Some Linux distros, such as Raspbian and Ubuntu, are based on Debian. Slackware Linux This is another distro that has been built specifically for simplicity and security. It is a distro that is Unix-like and is used for server and file management since it has web, FTP, and email servers available for use. If you have never tried managing a server or using a Unix server, you can use this server as a live disc. You can also use this as a virtual machine to learn how to use Linux distros better. Mageia This Linux distro was developed by a non-profit fork community and had

various features that a major desktop environment should have. The default desktop used by this distro is GNOME and KDE. SparkyLinux This version of Linux evolved when the developers were testing the Debian version of Linux. This edition of Linux has a customized lightweight LXDE desktop. You can also use this with other customized desktops. Gentoo Linux You can use this distros version on any desktop. It is compatible with multiple requirements, and its performance and versatility make it one of the best versions of Linux OS. Gentoo Linux has Portage, that is an advanced package management system. Since Gentoo can be used on different systems, you gain complete access to your system and control it the way you need to. It does, however, become a problem for a newcomer. CentOS Community Enterprise Operating System or CentOS is a distro built by the Red Hat community and is a rebuild of the Red Hat Linux Enterprise. This is a free version of the distro. If you do not want to work with different Linux distros, you can use the Red Hat enterprise at work and the CentOS at home. Lightweight Linux Distros Linux lite The Linux lite distros are based on the Ubuntu LTS releases and have a very minimal footprint. It uses a simple and clean Xfce desktop. This distro also uses a simple Windows-style Start menu which makes any Windows user feel at home. This distro has a small resource footprint, which means you can use it on a PC with 512 MB RAM and 700 MHz CPU. It is for this reason this version is called light. You can use this version on an old computer or on your laptop if you want to maximize battery life. Lubuntu

This is another lightweight version of Linux based on Ubuntu, and it is perfect to use on laptops or desktops. It uses a lightweight desktop environment and has in-built lightweight applications which are designed for speed and energy-efficiency. You can use this OS on old mobile devices, computers, and netbooks. It does not need high-speed RAM and has few system requirements. If you want to purchase the best operating system to maintain your device’s battery life, you should definitely pick this. Xubuntu This derivative of the Ubuntu distros uses an Xfce desktop which means it is lightweight and elegant. You can use it on different notebooks and laptops. If you have devices with low specs, you can use this distro on them. Since it is light, it does not need many system resources. It is for this reason you can use it on old devices, as well. Puppy Linux Puppy Linux uses a small distribution that you can run using RAM. This means this version is great for older laptops or computers, and you can use this distro even on computers or laptops without hard drives. Most companies and individuals use this tool to remove malware. Manjaro Linux This Linux distro is an easy-to-use, fast and lightweight distribution which mirrors the Arch Linux distro. This version uses the benefits of Arch Linux and is more accessible and user-friendly. It is for this reason a beginner can also work with Manjaro Linux. The default desktop used is Xfce, but you can switch to other options depending on what you are comfortable using. Arch Linux This version of Linux is a distribution developed with user experience in mind. The Arch Linux distribution is aimed at keeping things simple and easy. It is updated regularly through patches. Arch has Pacman, a custom- made package manager used in Linux, making it easy for users to build, share and modify packages. This distro is recommended if you are a beginner,

since it requires some hands-on experience with the operating system. NuTyX Do you want to customize the system you currently use? If yes, you should use this distro. NuTyX allows you to ship bloatware-free and barebones across the OS. You can also customize the OS using the concept of collection. You have a choice for everything you want to use. For example, you may find a selection of window managers or desktop environments, and you can choose to use the one that works best for you. Using these choices, you can develop a user-determined operating system that has multiple possibilities. You can use this as a focused home theater or a versatile desktop. Bodhi This is an Ubuntu-based distribution operating system, and it comes with a beautiful and lightweight Enlightenment desktop. Bodhi can be customized, and it comes with applications and themes. You can use these to expand on the basic operating system you may have downloaded. Multimedia Linux Distros Fedora Design Suite You can save time on installing artistic applications and tools by using Fedora, a spin-off of the Fedora design suite. This design suite comes with GIMP and Inkscape. It also comes with different applications and tools which can be used for art and illustration. This is a distro focused on DTP. Ubuntu Studio The Ubuntu studio was released in 2007 and is the default choice used by Linux users. If you are creative, you can use this distro to work on your talents. This distro also comes with an Xfce desktop environment and has low kernel latency. Therefore, everything about this distro is geared towards the production of media. You can use different distros for this as well, but Ubuntu studio is the best for photographers, music producers, designers, and

other users. Linux Distros for Beginners Endless OS If you have just started using Linux, you may want to keep everything simple. The best Linux distros to use for this is the endless OS. Families often use this since it comes with multiple applications. It is best to use this OS if you do not have an Internet connection at home. You can also use this if you are unsure about which application you need to use on your Linux OS. This is not an ideal approach for you if you are an experienced user. If you are new to using open-source operating systems, you can use this OS to obtain more information about working with Linux. Linux Mint Linux Mint is a modern and elegant distro that is powerful and easy to use. This distro is based on Ubuntu and is reliable. It was developed with the idea of a software manager in mind. This distro is one of the top-rated Linux operating systems since 2011. Many macOS and Windows refugees choose to use this as their new virtual desktop. Linux Mint also comes with various desktop options. You can use the Cinnamon desktop, that is the default for Linux Mint. Alternatively, you can use KDE, Xfce, or MATE. You can also use a Debian and Linux Mint combination if you are a beginner. Deepin Deepin is another Ubuntu-based distro, and it comes with a stylish DDE or Deepin Desktop Environment. This distro is great for new Linux users. It is simple and intuitive and features a variety of system settings panel displays. Deepin is inspired and developed based on macOS. This distro also has a software center that is easy to use. It has tools that are far superior when compared to other Linux distros. For this reason, Deepin is a great operating system to use if you are switching from macOS. Pop!_OS

This is another Ubuntu-based operating system that was manufactured based on Linux hardware manufacturer system 76. It uses a GNOME desktop as the default environment and has a theme that you can change. The colors vary depending on the brand identity of System 76. This distro also comes with its own application and installation browser, making it easier for you to install the required Linux applications. Some applications may not match the theme, but this is an easy-to-use distro for a beginner. Zorin OS If you are new to Linux, you can use Zorin OS since it is designed specifically for beginners. This distro can ease the transition from using other operating systems to Linux. This operating system is based on Ubuntu and has several applications, which are like Windows applications. This makes it easy for you to use Zorin OS since you know how to work with the applications. You can also configure the desktop on the Zorin OS distro to resemble Linux, Windows, or macOS. Elementary OS Another Ubuntu-based distro is the Elementary OS which has differentiated it from other distros greatly since 2013. One of the most common features of this distro is the use of simple and beautiful default applications and tools. These applications also maintain the operating system's aesthetic appeal, such as using the Epiphany web browser and Mail for email. Elementary OS also has different features you can use to improve the function of various operating system functions. You can use different productivity apps, as well. If you want to change the desktop layout so it matches that of a macOS, you can use the Elementary OS. RoboLinux It is difficult for you to switch from Windows to Linux and vice versa because not all applications and tools used are compatible. Various distros in Linux have found a workaround for this issue. The RoboLinux distro, unlike other distros, has a better or easy solution. It allows you to set up a Windows virtual machine easily on your device. You can set up Windows XP and later

versions easily on RoboLinux. This prevents dual booting. You can access all your Windows applications anytime you need to. Kubuntu There are different variations or derivatives developed on the Ubuntu operating system. Another popular Ubuntu option is Kubuntu, and this distro uses a KDE desktop as the default environment. If you look at the system beneath the environment, it is the same as Ubuntu and has the same releases as Ubuntu. Raspberry Pi Linux Distros Raspberry Pi is an extremely common and popular Linux machine, but the other distros mentioned in this list will not work since Pi uses an ARM processor instead of AMD or Intel 32-bit or 64-bit CPUs. It is for this reason the Raspberry Pi Foundation worked on developing specialist distros. Some of them are Pi-friendly versions of existing Linux operating systems, and these are covered in the sections below. Raspbian Stretch For Raspbian Pi, the default operating system used is the Debian-based Raspbian Stretch. The Raspberry Pi Foundation developed the latter. Raspbian Stretch is an ARM Linux distro and has multiple programming tools and applications. A beginner can use these tools to learn more about coding on Linux. Raspbian also has LXDE-based PIXEL environments, making this distro the best option, especially if you are using Raspberry Pi. Kano OS Kano OS is like Raspbian, but it focuses more on coding. The operating system is aimed at helping children learn more about how to code. The system comes with an interactive user interface, and this gives your children the tools he needs to code without too much fuss. DietPi Do you work on projects where you need to use barebones operating