
LINUX NETWORKING & SECURITY

FUNDAMENTALS - DAY TWO

Welcome back!!

DAVE PROWSE | HTTPS://PROWSE.TECH
DISCLAIMER & WARNING

The information contained in this webinar is for educational purposes only. The author, O’Reilly, Pearson, or any other entity is not responsible for any misuse of the information.

Practice the concepts provided in this training course on systems that you own, or have authorization to use.

Do not attempt any of the procedures on live work systems or production systems.

Audience Poll

What continent are you located on? (individual information will not be stored)

A. North America
B. South America
C. Europe
D. Australia (Oceania)
E. Asia
F. Africa
G. Antarctica

AGENDA

DAY 2 – LINUX SECURITY FUNDAMENTALS


PART I Security 101
PART II Working with Services
PART III Updates & Upgrades
PART IV Firewalls
PART V User Security
PART VI Securing SSH
PART VII Wrap-up

Audience Poll

Which Linux distribution(s) do you use most?

A. Debian
B. Ubuntu
C. Fedora
D. Red Hat
E. CentOS
F. OpenSUSE
G. Kali
H. Arch Linux
I. Manjaro
J. Gentoo
K. Slackware
L. Other (feel free to tell us in the group chat)

PART I

SECURITY 101

THE PESSIMIST
WHAT TO DO?
THE CIA

IMPORTANT
Nothing is ever 100% secure!
There is always a way around any given security precaution.

"We now accept the fact that learning is a lifelong process of keeping abreast of change. And the most pressing task is to teach people how to learn."
Peter Drucker

Quiz Question

Which of the following has essentially the same meaning as layered security?

A. user awareness
B. vigilance against hackers
C. defense in depth
D. principle of least privilege

THE NETWORK MAP

PART II

WORKING WITH SERVICES

systemctl

Unit file commands:
enable
disable
list-unit-files

Unit commands:
start
stop
restart
list-units

LEARN MORE:
systemctl --help
man systemctl

PART III

UPDATES & UPGRADES

apt (.deb)
apt update
apt list --upgradeable
apt upgrade
apt install <package(s)>
LEARN MORE: apt --help, man apt, or apt moo :)

dnf (.rpm)
dnf check-update
dnf update
dnf update --downloadonly
dnf install <packagename>
LEARN MORE: man dnf

zypper (.rpm, .repo)
zypper {refresh | install}
YaST2
LEARN MORE: man zypper

pacman (.pkg .tar)
pacman -Syu
pacman -Syyu
LEARN MORE: man pacman

Quiz Question

You need to find out if OpenSSH is running as a server on a Debian system. What command should you run?

A. apt list --upgradeable
B. iptables -S
C. systemctl status sshd
D. dnf status openssh

PART IV

FIREWALLS

UFW

Command           Description
ufw status        shows whether UFW is active or inactive
ufw enable        starts and enables the firewall
ufw show added    lists ufw rules
ufw reset         disables ufw and deletes rules

Default global rules:
ufw default deny incoming
ufw default allow outgoing

Example rule:
ufw allow 22/tcp

firewalld

Command                                              Description
systemctl status firewalld                           Checks the status of the service
firewall-cmd --list-ports                            Displays open networking ports (if any)
firewall-cmd --add-port=80/tcp                       Opens port 80 on the system and makes it persistent across reboots
firewall-cmd --get-active-zones                      Shows the type of zone in use by each network interface
firewall-cmd --zone=block --change-interface=ens3    Changes the default zone of the ens3 network interface from public to block

iptables & nftables

Linux Kernel (Netfilter)    User-space tools
ip_tables                   iptables
ip6_tables                  ip6tables
arp_tables                  arptables
ebtables                    ebtables
nftables                    nft

Quiz Question

For less complex administration, what is the best option for a front-end firewall
utility on an Ubuntu Desktop?

A. firewalld
B. iptables
C. ufw
D. nftables

PART V

USER SECURITY

PART V
User Security

Users & Passwords

su, sudo & sudoers

Hashing and PAM

su, sudo & sudoers

Command            Description
su - <username>    Switches to that user account within the new user’s home directory.
su <username>      Switches to that user account but does not change the path (doesn’t open an actual new login shell associated with that user)
su -               Switches to the root account
sudo <command>     Runs a command with sudo privileges (if the user is part of sudoers)
sudo -i            Gives access to root account (if the user has full sudo privileges). Also, accesses the root account in Ubuntu and Fedora (where the root account has no password by default)

Users & Passwords

User list: /etc/passwd
Password list: /etc/shadow (crypto-hashed with SHA-512 by default)

Hashing and PAM

PAM = Pluggable Authentication Modules
Debian example: /etc/pam.d/common-password

PART VI

SECURING SSH

PART VI
Using SSH

SSH Review

SSH Key Pair Demo

sshd_config

Commands:

ssh-keygen

ssh-copy-id <user>@remote-host

Note: Keys are located in: /home/<user>/.ssh

SSH Security Considerations

- Change the SSH inbound port.
- Disable password-based SSH.
- Create an exclusive SSH group.
- Disable root login altogether.
- Lower the number of authentication attempts.
- Lower the login grace time.
- Enable SSH timeouts.
- Implement a key management system.
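
One way to check a server against the considerations listed above (an added example, not part of the original slides): the script reads sshd_config text and reports each item that is not met. The keyword mapping (AllowGroups for the exclusive group, ClientAliveInterval for timeouts), the thresholds and both sample configs are assumptions; key management cannot be read from the config and is left out.

```bash
#!/usr/bin/env bash
# Added example: audit sshd_config text against the checklist above.
# Thresholds (MaxAuthTries <= 3, LoginGraceTime <= 30s) are assumptions.

# Constructed sample inputs, not taken from a real host.
WEAK_CFG='#Port 22
PermitRootLogin yes
PasswordAuthentication yes
LoginGraceTime 2m'
HARDENED_CFG='Port 2222
PasswordAuthentication no
AllowGroups sshusers
PermitRootLogin no
MaxAuthTries 3
LoginGraceTime 20
ClientAliveInterval 300'

# sshd uses the first value it sees; keywords are case-insensitive.
get_opt() { awk -v k="$1" 'tolower($1) == tolower(k) { print $2; exit }'; }

# Convert N, Ns or Nm to seconds; any other time form forces a finding.
to_secs() {
  case "$1" in
    *[!0-9sm]*|*[sm]?*) echo 999999 ;;
    *m) echo $(( ${1%m} * 60 )) ;;
    *s) echo "${1%s}" ;;
    *)  echo "$1" ;;
  esac
}

# opt KEY DEFAULT: value from $_cfg, or the OpenSSH default when unset.
opt() { _v=$(printf '%s\n' "$_cfg" | get_opt "$1"); echo "${_v:-$2}"; }

# audit_sshd: read config text on stdin, print one FAIL line per gap.
audit_sshd() {
  _cfg=$(cat)
  if [ "$(opt Port 22)" = 22 ]; then echo "FAIL Port: default 22"; fi
  if [ "$(opt PasswordAuthentication yes)" != no ]; then echo "FAIL PasswordAuthentication: passwords accepted"; fi
  if [ -z "$(opt AllowGroups '')" ]; then echo "FAIL AllowGroups: no exclusive SSH group"; fi
  if [ "$(opt PermitRootLogin prohibit-password)" != no ]; then echo "FAIL PermitRootLogin: root may log in"; fi
  if [ "$(opt MaxAuthTries 6)" -gt 3 ]; then echo "FAIL MaxAuthTries: above 3"; fi
  _g=$(to_secs "$(opt LoginGraceTime 120)")
  if [ "$_g" -eq 0 ] || [ "$_g" -gt 30 ]; then echo "FAIL LoginGraceTime: unlimited or above 30s"; fi
  if [ "$(to_secs "$(opt ClientAliveInterval 0)")" -eq 0 ]; then echo "FAIL ClientAliveInterval: idle timeout off"; fi
  return 0
}

printf '%s\n' "$WEAK_CFG" | audit_sshd   # prints seven FAIL lines
```

On a live host, piping the output of `sshd -T` (run as root) into `audit_sshd` checks the effective settings rather than the file on disk.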

PART VIII

WRAP-UP

LINUX NETWORKING & SECURITY
FUNDAMENTALS

Thank you for attending!

Contact me at my website if you have further questions.