CYSE 270

Linux System for Cybersecurity


This course introduces the basic operations in major Linux distros for cybersecurity using both
graphical interface and command-line interface. Students will learn about the basic installation
and configuration, file systems management, shell scripts, and user authentication in Linux
systems.

Course Objectives

  • Introduce the basic concepts and knowledge about different Linux distros, including the most popular distribution for cybersecurity, Kali Linux.
  • Install and operate different Linux distros locally and remotely (on the AWS cloud).
  • Understand the ownership and permissions of files and directories.
  • Understand shell scripts.
  • Perform essential system administration functions, such as network configuration, process and log administration, and software management, and perform security tasks, such as footprinting, firewalls, and tools in relation to intrusion detection.

Labs

Lab 1 – Installing Linux on VM

For our first Lab in CYSE 270, we were tasked with installing the operating system that we would be working with for the entirety of the course. Once installed, I ran some beginner commands, including echo, pwd, and ls.

Lab 2 – Working with Command Line

This lab focused on practicing basic Linux terminal skills, including navigating the filesystem, listing and identifying files, and performing simple file operations. Using both absolute and relative pathnames, I moved between system directories, viewed file contents, and examined file types. I created new directories and files, copied system files into them, renamed a directory, and then deleted selected files and folders. Each step reinforced essential command-line techniques for managing files and directories in a Linux environment.

Lab 3 – Working with VI Editor

This lab focused on learning and practicing essential skills in the vi editor on Kali Linux. I began by copying a system file into my home directory and opening it with the vi command. Using vi’s different modes, I navigated through the file, moved to specific lines, inserted new text, added new lines, repeated text multiple times, and used search commands to locate and move through occurrences of a word. I also practiced deleting words and lines, jumping to the top and bottom of the document, copying and pasting lines, and performing a global substitution to replace all occurrences of a string. The lab ended with saving and exiting the file, then renaming it at the command line. Overall, the assignment reinforced confidence with vi navigation, editing, searching, and text manipulation. All of these are core skills for working efficiently in Linux environments.

Lab 4 – Group and User Management

This lab focused on building core skills in Linux user and group account management, which is essential for system administration and cybersecurity. I used terminal commands to inspect account details, view password and aging information, create a new user with a home directory, assign a password, change the user’s default shell, and modify group memberships, including adding the user to the sudo group. I also practiced switching between user accounts. In the second half of the lab, I explored group administration by identifying shell information, viewing user and group IDs, examining file ownership, creating a new group with a custom GID, renaming groups, modifying group memberships, and managing file permissions by changing group ownership. The lab concluded with removing both a group and a user account, reinforcing how Linux handles ownership and permissions when accounts are deleted. Overall, the assignment provided practical, hands-on experience with user creation, modification, security attributes, group structure, and permission management in a Linux environment.

Lab 5 – Password Cracking

Lab 5 was my personal favorite, and it focused on understanding Linux password creation policies and practicing password-cracking techniques using John the Ripper. I began by creating six user accounts, each with a different type of password to demonstrate varying levels of complexity, from simple dictionary words and numeric-only passwords to combinations including uppercase letters, digits, and special symbols. After setting and documenting each password type, I exported the hashed passwords into a file and used John the Ripper in wordlist mode with the rockyou.txt dictionary to attempt cracking them. The cracking process was allowed to run for ten minutes, after which I recorded the number of hashes that were successfully cracked. This exercise demonstrated how password complexity significantly affects crackability and emphasized the importance of strong password creation in system security.

Lab 6 – File Permissions

This lab focused on creating users and groups, setting directory permissions, and testing access control in Linux. I created three groups and three users with correct primary groups, added them to a shared MIDAS group, and set up a shared directory with specific permissions. Using umask, I adjusted default file permissions and tested file access by switching between users. I then applied and removed the SGID bit on the shared directory to see how it affected group ownership and access to shared files. The lab demonstrated how permissions and group settings control collaboration and security in Linux.

Lab 7 – Storage Management

This lab focused on managing local storage in Linux by examining disks, adding a new virtual drive, and creating and mounting a new filesystem. I began by checking existing storage devices and partitions using ls /dev/sd*, fdisk -l, and parted -l. Then I added a new 200MB virtual disk to the VM and repeated the checks to observe the new device. After that, I created a primary partition on the new disk, formatted it with an ext4 filesystem, and mounted it to a new directory named /cyse. I verified the mount with df, created a text file on the new filesystem, and then unmounted the directory. Finally, I checked /cyse again to confirm that its contents were no longer accessible after unmounting. This lab demonstrated how to add storage, partition disks, create filesystems, and manage mounts in Linux.

Lab 8 – Shell Script

This lab focused on writing and running basic shell scripts in Linux using vi or nano. In Task A, I created a script with a shebang line that reads a number from the user and uses an if statement to check whether it is greater than 10, printing an appropriate message based on the result. In Task B, I wrote a more advanced script that takes a filename as input, checks whether it is an existing directory or regular file, and either reports its status and shows its contents or creates a new file if it does not exist. For the extra credit portion, the script adds my name to a newly created file and displays its contents. After writing each script, I made it executable with chmod +x and ran it to verify that it worked correctly.
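As an added example (not the author's submitted scripts), the two Lab 8 tasks written as shell functions; the default name written into a newly created file is a placeholder:

```shell
#!/usr/bin/env bash
# Lab 8 tasks as shell functions (added example, not the author's submitted scripts).

# Task A: report whether a value is greater than 10. Non-numeric input is rejected
# first, because [ "$n" -gt 10 ] would otherwise fail with an error on it.
compare_number() {
    local n="$1"
    case "$n" in ''|*[!0-9]*) echo "'$n' is not a whole number" >&2; return 2 ;; esac
    if [ "$n" -gt 10 ]; then
        echo "$n is greater than 10"
    else
        echo "$n is not greater than 10"
    fi
}

# Task B: classify a path. A directory or regular file is reported and its contents
# shown; a path that does not exist is created as a file holding NAME (extra credit).
check_path() {
    local target="$1" name="${2:-Student Name}"   # default NAME is a placeholder
    [ -n "$target" ] || { echo "usage: check_path PATH [NAME]" >&2; return 2; }
    if [ -d "$target" ]; then
        echo "$target is a directory; contents:"
        ls -A -- "$target"
    elif [ -f "$target" ]; then
        echo "$target is a regular file; contents:"
        cat -- "$target"
    elif [ -e "$target" ]; then
        echo "$target exists but is neither a directory nor a regular file"
        return 1
    else
        echo "$target does not exist; creating it"
        printf '%s\n' "$name" > "$target" || return 1
        cat -- "$target"
    fi
}

# In the lab the values came from the user, e.g.:
#   printf 'Enter a number: '; read -r n; compare_number "$n"
#   printf 'Enter a file name: '; read -r f; check_path "$f" "Student Name"
compare_number 42
```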

Lab 9 – Task Automation

This lab focused on automating system backups in Linux using shell scripting and crontab. I began by creating a new user account named Alice with a home directory. Then I wrote a shell script that takes my MIDAS ID and the current date as input, builds a filename from those values, and uses the tar command to create an archive of Alice’s home directory. The script then moves the archive into /var/backups/ and compresses it with a chosen compression method to save disk space. Finally, I created a crontab entry to schedule this backup script to run repeatedly over a short period (3 minutes) and verified that new backup files were being created in /var/backups, demonstrating how automated backups can be managed efficiently with cron.
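An added example of the backup routine described above, not the author's own script; the destination directory is a parameter rather than the fixed /var/backups so it can be exercised without root, and the MIDAS ID and script path shown are placeholders:

```shell
#!/usr/bin/env bash
# Lab 9 backup routine (added example, not the author's script). The lab wrote into
# /var/backups as root; here the destination is a parameter so it can run anywhere.

# backup_name MIDAS_ID DATE -> archive file name built from both values
backup_name() {
    printf '%s_%s.tar\n' "$1" "$2"
}

# backup_home MIDAS_ID DATE SOURCE_DIR DEST_DIR
# tar SOURCE_DIR into the archive, move it into DEST_DIR, gzip it, print the final path.
backup_home() {
    local midas="$1" day="$2" src="$3" dest="$4" name work
    [ -d "$src" ] || { echo "source '$src' is not a directory" >&2; return 1; }
    mkdir -p -- "$dest" || return 1
    name=$(backup_name "$midas" "$day")
    work=$(mktemp -d) || return 1
    # -C makes the archive hold 'alice/...' rather than the absolute '/home/alice/...'
    tar -cf "$work/$name" -C "$(dirname "$src")" "$(basename "$src")" || return 1
    mv -- "$work/$name" "$dest/$name" || return 1
    rmdir "$work"
    gzip -f "$dest/$name"              # chosen compression method: gzip -> .tar.gz
    chmod 600 "$dest/$name.gz"         # a home-directory archive is private data
    printf '%s\n' "$dest/$name.gz"
}

# Command-line use, e.g.:  backup.sh jdoe001 2024-01-15 /home/alice /var/backups
# A crontab entry (crontab -e) that runs it every minute while you watch /var/backups
# for a few minutes, then is removed; the script path is a placeholder and '%' must
# be escaped inside crontab:
#   * * * * * /home/student/backup.sh jdoe001 "$(date +\%F)" /home/alice /var/backups
if [ "$#" -eq 4 ]; then
    backup_home "$1" "$2" "$3" "$4"
fi
```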

Lab 10 – Networking Basics

This lab focused on subnetting: identifying the network address, broadcast address, first IP, last IP, and maximum number of hosts in a network from the netmask and IP address.
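A worked subnet calculator for the Lab 10 exercise, added here as an example rather than taken from the course; it also rejects malformed addresses and non-contiguous netmasks, and the sample addresses are constructed:

```shell
#!/usr/bin/env bash
# Subnet calculator for Lab 10 (added example): network, broadcast, first/last
# usable host, and max hosts from an IP address and netmask.

# Convert a dotted quad to a 32-bit integer; fails on malformed input.
ip2int() {
    case "$1" in *[!0-9.]*|'') return 1 ;; esac
    local a b c d o
    IFS=. read -r a b c d <<EOF
$1
EOF
    for o in "$a" "$b" "$c" "$d"; do
        [ -n "$o" ] && [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Convert a 32-bit integer back to dotted-quad form.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length of a netmask; fails if the ones are not contiguous (e.g. 255.255.0.255).
prefix_len() {
    local m n=0
    m=$(ip2int "$1") || return 1
    while [ "$n" -lt 32 ] && [ $(( (m >> (31 - n)) & 1 )) -eq 1 ]; do n=$(( n + 1 )); done
    [ $(( m & (0xFFFFFFFF >> n) )) -eq 0 ] || return 1
    echo "$n"
}

# subnet_info IP NETMASK -> "network broadcast first last max_hosts" on one line.
subnet_info() {
    local ip n mask net bcast hosts
    ip=$(ip2int "$1") || { echo "bad IP address: $1" >&2; return 1; }
    n=$(prefix_len "$2") || { echo "bad netmask: $2" >&2; return 1; }
    mask=$(ip2int "$2")
    net=$(( ip & mask ))                     # network = IP AND mask
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))  # broadcast = network OR inverted mask
    hosts=$(( (1 << (32 - n)) - 2 ))         # 2^host_bits minus network and broadcast
    if [ "$n" -ge 31 ]; then
        # /31 and /32 leave no usable range under the classic formula (RFC 3021 covers /31)
        echo "$(int2ip "$net") $(int2ip "$bcast") - - 0"
    else
        echo "$(int2ip "$net") $(int2ip "$bcast") $(int2ip "$(( net + 1 ))") $(int2ip "$(( bcast - 1 ))") $hosts"
    fi
}

# Example run on constructed values: the /26 that contains 192.168.10.77
subnet_info 192.168.10.77 255.255.255.192
```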

Lab 11 – Basic Network Configurations

This lab focused on exploring how network settings affect connectivity and system configuration in a Linux virtual machine. In NAT mode, I used commands like ifconfig, route, netstat, ping, and host to view my VM’s IP address, MAC address, routing table, active TCP connections, DNS information, and hostname settings.