Advanced Linux Administration & Security Lab
Lab Setup
Environment:
- Use VirtualBox, Hyper-V, VMware, or a cloud-based Linux instance (Debian, Ubuntu, or CentOS).
- Install necessary tools:
sudo apt update && sudo apt install lynis htop tmux ufw -y
System Performance Monitoring
- Monitor real-time system performance:
top
htop
vmstat 5 10
Process & Service Management
- List all running services:
systemctl list-units --type=service
- Restart a failed service:
sudo systemctl restart apache2
Advanced Bash Scripting
- Create a script to log disk space usage:
#!/bin/bash
df -h > /var/log/disk_usage.log
- Automate it with cron:
crontab -e
Add:
0 * * * * /home/user/disk_monitor.sh
Networking & Firewall Security
- Check open network connections:
ss -tulnp
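- Block inbound SSH (for security). On an instance you administer over SSH, this also blocks your own new sessions once ufw is enabled: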
sudo ufw deny 22
Security Hardening
- Audit system security:
sudo lynis audit system
- Set strict file permissions:
sudo chmod 750 /secure_data
Log Analysis & Troubleshooting
- Find failed SSH login attempts (the unit is named ssh on Debian and Ubuntu, sshd on CentOS):
sudo journalctl -u ssh | grep "Failed password"
- Monitor system logs:
sudo tail -f /var/log/syslog
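Added example (not part of the original lab): a shell function that turns the "Failed password" search above into a per-address count of failed attempts. It assumes the standard OpenSSH message "Failed password for USER from ADDR port PORT ssh2"; the function names and the sample log lines are constructed for illustration.

```bash
#!/bin/bash
# Added example: summarise failed SSH password attempts per source address.

# Reads sshd log lines on stdin, prints "COUNT ADDRESS" sorted by count (descending).
# The address is taken by position from the END of the line
# ("... from ADDR port PORT ssh2"), because the username earlier in the line is
# chosen by the remote client and may itself contain spaces or the word "from".
failed_ssh_by_ip() {
    awk '/Failed password for / && NF >= 5 &&
         $(NF-2) == "port" && $(NF-4) == "from" {
             count[$(NF-3)]++
         }
         END { for (ip in count) print count[ip], ip }' | sort -k1,1nr -k2,2
}

# Prints only the addresses with at least $1 failures (default 3).
flag_repeat_offenders() {
    failed_ssh_by_ip | awk -v min="${1:-3}" '$1 >= min { print $2 }'
}

# Constructed sample lines (documentation addresses), not real log data.
# The fifth line carries a username crafted to look like a source address.
SAMPLE_LOG='Mar 10 09:14:01 lab sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar 10 09:14:03 lab sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
Mar 10 09:14:09 lab sshd[815]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2
Mar 10 09:15:20 lab sshd[820]: Accepted password for user from 192.0.2.10 port 51000 ssh2
Mar 10 09:16:44 lab sshd[830]: Failed password for invalid user x from 192.0.2.10 from 198.51.100.9 port 41000 ssh2
Mar 10 09:17:02 lab sshd[834]: Failed password for user from 198.51.100.9 port 41002 ssh2'

# Demo on the constructed sample. On the lab VM, feed it the journal instead
# (unit name "ssh" is the Debian/Ubuntu one):
#   sudo journalctl -u ssh --no-pager | failed_ssh_by_ip
printf '%s\n' "$SAMPLE_LOG" | failed_ssh_by_ip
```

A naive "take the word after the first from" parser would credit the fifth sample line to 192.0.2.10, which never failed a login.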
Lab Completion Tasks
Screenshots Required:
- Running performance monitoring tools (htop, vmstat).
- A custom Bash script in action.
- Network security settings (ufw, iptables).
- Results of a security audit (Lynis).
- Log analysis of failed logins.
Reflection Questions:
- What was the most difficult part of this project?
- How do security hardening techniques help prevent attacks?
- How can automation improve system administration?
Next Steps
This lab reinforces real-world Linux administration and security skills. Continue exploring server hardening, automation, and intrusion detection to advance your expertise.