Cyber and Linux
Learning Cyber and Linux together
Linux and Cybersecurity Basics
Welcome to your first comprehensive lesson on Linux fundamentals and cybersecurity awareness! This module introduces you to working in a Linux environment, understanding essential terminal commands, managing file systems and permissions, and recognizing common security vulnerabilities that occur in real-world deployments.
Linux Navigation and Command Line Skills
Navigating the Filesystem
Understanding the file system hierarchy in Linux is crucial. Some of the most common directories include:
- /home – user directories
- /etc – system configuration files
- /var – logs and variable data
- /bin and /usr/bin – essential system commands
Essential navigation commands:
- pwd – Display the current directory
- ls – List files and directories
- cd – Change directory
Try it:
pwd
ls
cd /etc
pwd
ls
cd
pwd
Creating and Modifying Files
Creating and editing files from the command line is a daily skill in Linux.
- touch filename – Create a new empty file
- nano filename – Open a file in a text editor within the terminal
- cat filename – Display file contents
Try it:
touch welcome.txt
nano welcome.txt
cat welcome.txt
You can also redirect output into files:
echo "Hello, Linux" > message.txt
Permissions and Superuser Access
Linux permissions control who can read, write, or execute a file. Each file has three permission sets:
- Owner
- Group
- Others
Permission symbols:
- r = read
- w = write
- x = execute
Key commands:
- chmod – Change permissions
- chown – Change file ownership
- sudo – Execute commands as a superuser
Try it:
ls -l welcome.txt
chmod 755 welcome.txt
ls -l welcome.txt
sudo chown root:root welcome.txt
ls -l welcome.txt
Using lsof -i and kill -9
These are important tools for inspecting and managing running processes and open connections on a Linux system.
lsof -i
lsof stands for List Open Files, and -i is used to show files related to network connections.
Use it like this:
lsof -i
You can also use:
lsof -i :{port}
to only show processes using a specific port.
This command shows:
- Which processes are using the network
- The protocol (TCP/UDP)
- The local and remote addresses and ports
- The PID (Process ID) of the program
Example output:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 8424 bob 203u IPv6 0xf6f39ec321176c54 0t0 TCP *:8585 (LISTEN)
Python 9562 bob 6u IPv4 0xdf23f16399fa347a 0t0 TCP *:8587 (LISTEN)
Python 9566 bob 6u IPv4 0xdf23f16399fa347a 0t0 TCP *:8587 (LISTEN)
ruby 9863 bob 9u IPv4 0x9f18f2240ef5cb69 0t0 TCP localhost:ipsec-msft (LISTEN)
ruby 79529 bob 12u IPv4 0x92b41537d66ff50d 0t0 TCP localhost:piranha1 (LISTEN)
This tells you:
- The command (like java, Python, ruby) that’s listening
- The PID of the process
- The port it’s listening on (e.g., 8585, 8587, 4500, 4600)
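The same reading of the output can be scripted. The following is an added example, not part of the original lesson: it separates listeners bound to every interface (*:port) from those bound only to localhost. The function names sample_lsof, classify_listeners and exposed_pids are hypothetical, and the sample rows are copied from the example output above.

```shell
#!/bin/sh
# Constructed sample: the rows from the example output above.
sample_lsof() {
cat <<'EOF'
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 8424 bob 203u IPv6 0xf6f39ec321176c54 0t0 TCP *:8585 (LISTEN)
Python 9562 bob 6u IPv4 0xdf23f16399fa347a 0t0 TCP *:8587 (LISTEN)
Python 9566 bob 6u IPv4 0xdf23f16399fa347a 0t0 TCP *:8587 (LISTEN)
ruby 9863 bob 9u IPv4 0x9f18f2240ef5cb69 0t0 TCP localhost:ipsec-msft (LISTEN)
ruby 79529 bob 12u IPv4 0x92b41537d66ff50d 0t0 TCP localhost:piranha1 (LISTEN)
EOF
}

# classify_listeners: read `lsof -i` output on stdin and print one line per
# listening socket: EXPOSED (bound to all interfaces) or LOCAL (loopback
# only), followed by command, PID and the address:port field.
classify_listeners() {
    awk '
        NR == 1 { next }                  # skip the header row
        $NF != "(LISTEN)" { next }        # keep listening sockets only
        {
            name = $(NF - 1)              # e.g. *:8585 or localhost:4500
            host = name
            sub(/:[^:]*$/, "", host)      # strip the trailing :port
            scope = "EXPOSED"
            if (host == "localhost" || host == "127.0.0.1" || host == "[::1]") {
                scope = "LOCAL"
            }
            print scope, $1, $2, name
        }'
}

# exposed_pids: unique PIDs of listeners reachable from other hosts.
exposed_pids() {
    classify_listeners | awk '$1 == "EXPOSED" { print $3 }' |
        sort -un | paste -s -d ' ' -
}

sample_lsof | classify_listeners
```

On a live system, pipe `lsof -i -P -n` into classify_listeners; -P and -n make lsof print numeric ports and addresses instead of service and host names.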
kill -9
Use kill to stop a running process, and -9 sends the SIGKILL signal which forcefully ends it.
Use it like this:
kill -9 <PID>
For example:
kill -9 9562
This will terminate the Python process with PID 9562 immediately.
⚠️ Be cautious using kill -9, as it does not let the process clean up before quitting. Only use it if a process won’t stop with a regular kill.
Together, lsof -i and kill -9 help you:
- Monitor which programs are using network resources
- Terminate any suspicious or misbehaving network process
Basic Cybersecurity Awareness
Understanding Linux also means being aware of how misconfigurations can lead to vulnerabilities.
No SSL (Insecure Web Services)
When web services use HTTP instead of HTTPS, all communication is unencrypted and can be intercepted. Developers should:
- Always use HTTPS in production.
- Install SSL certificates via Let’s Encrypt or similar tools.
Default Credentials
Devices and software often ship with default usernames and passwords such as:
admin:admin
root:toor
Best practice:
- Always change default credentials after setup.
- Disable unused accounts.
Open Ports
Open ports allow services to communicate over a network. Attackers often scan for open ports to find vulnerabilities.
Check open ports:
netstat -tuln
ss -tuln
Use firewalls (like ufw) to limit exposure:
sudo ufw allow 22
sudo ufw deny 80
Open or Unrestricted File Permissions
Files with permissions like 777 are a major security risk. They allow anyone to read, write, and execute the file.
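To find such files and tighten them, the following added example (not part of the original lesson) audits a directory for anything writable by "others" and removes that access. The function names audit_world_writable, tighten and make_demo_tree are hypothetical, and the demo files are constructed in a temporary directory.

```shell
#!/bin/sh
# audit_world_writable DIR: print regular files and directories under DIR
# that any user can write to (the "others" write bit, as in 777 or 666).
# Symlinks are skipped because their own mode bits are not meaningful.
audit_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print 2>/dev/null | sort
}

# tighten FILE...: remove write access for group and others and leave the
# owner bits untouched (777 becomes 755, 666 becomes 644).
tighten() {
    chmod go-w "$@"
}

# make_demo_tree: build a constructed test tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/ok.txt" "$d/open.sh" "$d/shared.log"
    chmod 644 "$d/ok.txt"
    chmod 777 "$d/open.sh"
    chmod 666 "$d/shared.log"
    printf '%s\n' "$d"
}

demo=$(make_demo_tree)
echo "before:"
audit_world_writable "$demo"
audit_world_writable "$demo" | while IFS= read -r f; do tighten "$f"; done
echo "after:"
audit_world_writable "$demo"
rm -rf "$demo"
```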
Exposed Personal Data and APIs
Never store API tokens, secrets, or passwords in:
- Public folders (e.g., /var/www/html)
- Git repositories
- Files like config.json without access control
Use environment variables and secure vaults instead.
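Before moving secrets into environment variables or a vault, it helps to find where they currently sit. The following added example (not part of the original lesson) scans a directory for lines that look like hardcoded credentials and reports only their location. The names SECRET_PATTERN, scan_secrets and make_demo_webroot are hypothetical, the keyword list is an assumption to adapt, and the demo web root with its fake values is constructed.

```shell
#!/bin/sh
# Names that usually precede a credential, followed by ':' or '='.
SECRET_PATTERN="(api[_-]?key|secret|token|password)[\"' ]*[:=]"

# scan_secrets DIR: print path:line for each line under DIR that looks like
# a hardcoded secret. Only the location is printed, never the matched value,
# so the report itself does not leak anything. The .git directory is skipped.
scan_secrets() {
    find "$1" -type f ! -path '*/.git/*' \
        -exec grep -HnEi "$SECRET_PATTERN" {} + 2>/dev/null |
        cut -d: -f1,2 | sort
}

# make_demo_webroot: constructed stand-in for /var/www/html; values are fake.
make_demo_webroot() {
    d=$(mktemp -d) || return 1
    printf '<h1>hello</h1>\n' > "$d/index.html"
    printf '{\n  "name": "demo",\n  "api_token": "CONSTRUCTED-NOT-REAL"\n}\n' \
        > "$d/config.json"
    printf 'DB_HOST=localhost\nDB_PASSWORD=constructed-example\n' > "$d/.env"
    printf '%s\n' "$d"
}

root=$(make_demo_webroot)
scan_secrets "$root"
rm -rf "$root"
```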
Summary Checklist
Area | What You Should Know |
---|---|
Filesystem | Navigate with cd, ls, pwd; understand Linux directory structure |
File Operations | Use touch, nano, cat, and echo to manage files |
Permissions | Understand chmod, chown, and how Linux file modes affect access |
Superuser | Use sudo carefully to gain elevated privileges |
SSL and HTTP | Avoid transmitting sensitive info over HTTP |
Default Credentials | Change them and audit system users |
Open Ports | Use netstat/ss to find ports; limit access with ufw or iptables |
Exposed Data | Never hardcode secrets or leave tokens in public directories |
Guided Practice Exercise
Try these steps in your terminal or sandbox environment:
- Create a directory named myproject inside your home folder:
  mkdir ~/myproject
- Navigate to that folder and create a file called notes.txt:
  cd ~/myproject
  touch notes.txt
- Open and edit the file using nano, then view it using cat.
- Check its permissions with ls -l, and make it read-only for others:
  chmod 744 notes.txt
- Check which ports are open on your system:
  ss -tuln
- Use sudo to list files in /root (if allowed):
  sudo ls /root
Conclusion
This foundational lesson prepares you to confidently use a Linux terminal and identify basic cybersecurity issues in a deployment environment. Mastering these basics sets the stage for advanced topics like scripting, automation, and secure server administration.
Hands-On Challenge
Now it’s time to put your Linux skills to the test! In your repository, you’ll find a linuxcyberA directory that contains various files and folders for this challenge. Complete the following tasks to find the flags and test your knowledge.
Challenge Tasks
Task 1: Navigation Master
Navigate to the linuxcyberA directory and use the ls command to list all files and directories. One of the items you see will give you your first flag!
cd linuxcyberA
ls
Task 2: File Content Explorer
Navigate into the secret directory within linuxcyberA and use the cat command to read the contents of whatisthis.txt. This file contains your second flag!
cd secret
cat whatisthis.txt
Task 3: Permissions Expert
Navigate to the permissions directory within linuxcyberA and use cat to read file1.txt. Inside this file, you’ll find a question about file permissions. Answer the question and format your response as a flag!
cd permissions
cat file1.txt
The question asks: “What is the file permission which means that anyone can access a file?”
Format your answer as: flag{your_answer}
Challenge Hints
- Task 1: Remember that ls lists the contents of your current directory
- Task 2: Make sure you’re in the correct directory before using cat
- Task 3: Think about the most permissive file permission setting in Linux (hint: it’s a 3-digit number)
Good luck with the challenge! This hands-on practice will reinforce your understanding of essential Linux commands and cybersecurity concepts.