Linux Security - PART 1

sathishpy1808

sathishkumar balachandran

Posted on July 22, 2023

We are going to discuss the topics below :

  1. Linux Security Problems
  2. Local Filesystem Security
  3. Local Authentication in Linux
  4. Remote Authentication
  5. Network Security
  6. Security Tools & Distros
  7. Patching a Bash Vulnerability
  8. Security Monitoring & Logging

1. Linux Security Problems

Important points to remember :

  1. Remove unnecessary packages.
  2. After any installation, review its security aspects.
  3. Always remember : accessibility , software installation rights , data permissions and recovery from failure.
  4. Password protection policy.
  5. Integrity checks : MD5 checksum - this provides a hash value that can be compared against a known-good value to detect changes to a file. MD5 is enough to catch accidental corruption, but it is not collision-resistant, so prefer SHA-256 when deliberate tampering is the concern. There is also a package for this : sudo apt-get install gtkhash

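How to check whether a user has root access ?

useradd testing                # create the user
passwd testing                 # set its password
usermod -aG sudo testing       # append the user to the sudo group
su testing                     # switch to the new user
groups                         # should list sudo
sudo whoami                    # prints root if sudo works for this user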

If the last command prints 'root', the user has root access.

NMAP :

  1. Scan a network.
  2. Gather information about a network.
  3. https://nmap.org/
  4. It can check which ports are open , their status , etc.

2. Local Filesystem Security

  1. ls
  2. ls -FC ( directories get a trailing '/' , executables a trailing '*' , symbolic links a trailing '@' , etc )
  3. ls -l
  4. ls -a ( hidden files )
  5. ls -lh ( size )
  6. ls -d */
  7. ls -lah ( make a habit of using this ! )

chmod :

u - user/owner
g - group
o - Others

r - Read
w - write
x - Execute

Adding and removing permissions ,

chmod u+x file_name
chmod g+x,o+x file_name
chmod o-x file_name ( remove the permission )
chmod a+r file_name ( a - for all users , it gives read permission to u , g and o )
chmod a-r file_name
chmod -R o+x directory_name ( -R for recursive , applies to a directory and everything under it )

We can also copy the permissions of one file to another ,
chmod --reference=file1 file2

Now the OCTAL representation ,

r = 4
w = 2
x = 1

Permissions are combined by adding the values , e.g. read and execute ,

r-x = 4+0+1 = 5
rwx = 4+2+1 = 7
r-- = 4+0+0 = 4

chmod 754 file_name ( u = rwx , g = r-x , o = r-- )
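
The octal arithmetic above, carried through as an added example (not code from the original post): sym_to_octal applies the r=4, w=2, x=1 weights to a full nine-character mode, and world_writable then picks out the files that others can write to. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# Convert a 9-character symbolic mode (e.g. rwxr-xr--) to octal
# using the weights from the post: r=4, w=2, x=1.
sym_to_octal() {
    sym=$1
    [ "${#sym}" -eq 9 ] || { echo "expected 9 characters, e.g. rwxr-xr--" >&2; return 1; }
    octal=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$sym" | cut -c"$start"-"$((start + 2))")
        # Only plain r/w/x or '-' in the right position is accepted;
        # setuid/setgid/sticky letters (s, t) are rejected.
        case $triplet in
            [r-][w-][x-]) ;;
            *) echo "invalid triplet: $triplet" >&2; return 1 ;;
        esac
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        octal="$octal$digit"
    done
    printf '%s\n' "$octal"
}

# List regular files under a directory that "others" may write to
# (the 2 bit of the last octal digit).
world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Constructed sample: three files with different modes in a temp directory.
demo() {
    dir=$(mktemp -d) || return 1
    touch "$dir/report.txt" "$dir/deploy.sh" "$dir/shared.log"
    chmod "$(sym_to_octal rw-r-----)" "$dir/report.txt"   # 640
    chmod "$(sym_to_octal rwxr-xr--)" "$dir/deploy.sh"    # 754
    chmod "$(sym_to_octal rw-rw-rw-)" "$dir/shared.log"   # 666
    world_writable "$dir" | sed "s|^$dir/||"
    rm -rf "$dir"
}

demo
```

Only shared.log is reported, because 666 is the only mode of the three whose last digit includes the write bit.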

Access Control List :

  1. ACL
  2. Check whether ACL is installed by running it against any file : getfacl file_name

Here , user3 does not have access to the directory.
We can save the permissions of a directory for future use ,
getfacl -R /directory > permissions.acl
We can also restore the permissions from that file ,
setfacl --restore=permissions.acl

move command :

  1. mv file_name /directory ( the file is removed from the old directory )
  2. Renaming a file or directory can also be done with this.
  3. mv -v *.txt /directory ( verbose )
  4. mv -i file_name /directory ( interactive : if a file with the same name already exists in the target directory , it prompts before overwriting )
  5. mv -uv *.txt /target (TBD) It's like updating the file.
  6. mv -bv *.txt /target (TBD) It will create a backup file.
  7. mv -nv *.txt /target (TBD)

Notes :

  1. usermod -aG (TBD)
  2. What is the difference between useradd and adduser ? (TBD)
  3. passwd -d username (TBD)
  4. Add the user to the group : usermod -aG group1 user1 ( without -a , -G replaces the user's existing supplementary groups )
  5. Add a group : addgroup group1