# Introduction to Linux Lab

## Ubuntu Server LTS Lab Activity for Cybersecurity

### Objective

This lab activity is designed to introduce undergraduate cybersecurity students to Ubuntu Server LTS, focusing on basic system administration, security configurations, and common cybersecurity tools in a server environment.

### Prerequisites

* VMware Workstation Player installed on your computer
* Ubuntu Server 22.04 LTS ISO file downloaded (or the latest LTS version available)

### Part 1: Setting up the Ubuntu Server Virtual Machine

#### Step 1: Create a New Virtual Machine

1. Open VMware Workstation Player
2. Click on "Create a New Virtual Machine"
3. Choose "Installer disc image file (iso)" and select your Ubuntu Server ISO
4. Follow the wizard, allocating at least 20GB of disk space and 2GB of RAM

#### Step 2: Install Ubuntu Server

1. Start the virtual machine and follow the Ubuntu Server installation prompts
2. Choose to install Ubuntu Server (minimized installation)
3. Configure network settings (DHCP is usually fine for this lab)
4. Set up a username and password for the administrator account
5. Choose to install OpenSSH server when prompted
6. Do not select any additional featured server snaps

#### Step 3: Update the System

1. After installation, log in with your credentials
2. Update the package list and upgrade installed packages:

   ```
   sudo apt update
   sudo apt upgrade -y
   ```

### Part 2: Basic System Administration

#### Step 1: User Management

1. Create a new user:

   ```
   sudo adduser securitystudent
   ```
2. Add the new user to the sudo group:

   ```
   sudo usermod -aG sudo securitystudent
   ```
3. Switch to the new user:

   ```
   su - securitystudent
   ```

#### Step 2: File Permissions

1. Create a directory and a file:

   ```
   mkdir securefiles
   echo "This is a secret" > securefiles/secret.txt
   ```
2. Change permissions:

   ```
   chmod 700 securefiles
   chmod 600 securefiles/secret.txt
   ```
3. Verify permissions:

   ```
   ls -l securefiles
   ls -l securefiles/secret.txt
   ```

### Part 3: Basic Security Configurations

#### Step 1: Configure the Firewall

1. Check firewall status:

   ```
   sudo ufw status
   ```
2. Enable the firewall:

   ```
   sudo ufw enable
   ```
3. Allow SSH:

   ```
   sudo ufw allow ssh
   ```

#### Step 2: Secure SSH

1. Edit SSH configuration:

   ```
   sudo nano /etc/ssh/sshd_config
   ```
2. Make the following changes:
   * Change `PermitRootLogin` to `no`
   * Set `PasswordAuthentication` to `no`
   * Set `MaxAuthTries` to `3`
3. Restart SSH service:

   ```
   sudo systemctl restart ssh
   ```

### Part 4: Installing and Using Cybersecurity Tools

#### Step 1: Install Nmap

1. Install Nmap:

   ```
   sudo apt install nmap -y
   ```
2. Perform a basic scan (replace with a safe, authorized IP):

   ```
   sudo nmap 192.168.1.1
   ```

#### Step 2: Install and Configure Fail2ban

1. Install Fail2ban:

   ```
   sudo apt install fail2ban -y
   ```
2. Copy the configuration file:

   ```
   sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
   ```
3. Edit the configuration:

   ```
   sudo nano /etc/fail2ban/jail.local
   ```

   * Find the `[sshd]` section and set `enabled = true`
4. Restart Fail2ban:

   ```
   sudo systemctl restart fail2ban
   ```

### Part 5: Log Analysis

#### Step 1: Examine System Logs

1. View the system log:

   ```
   sudo less /var/log/syslog
   ```
2. Search for SSH-related entries:

   ```
   sudo grep sshd /var/log/auth.log
   ```

#### Step 2: Monitor Real-time Logs

1. Use the `tail` command to monitor logs in real-time:

   ```
   sudo tail -f /var/log/auth.log
   ```
2. In another terminal or from another machine, attempt to SSH into the server and observe the log entries

### Part 6: Basic Web Server Setup

#### Step 1: Install Apache Web Server

1. Install Apache:

   ```
   sudo apt install apache2 -y
   ```
2. Allow HTTP traffic through the firewall:

   ```
   sudo ufw allow 'Apache'
   ```

#### Step 2: Configure a Basic Web Page

1. Edit the default web page:

   ```
   sudo nano /var/www/html/index.html
   ```
2. Add some basic HTML content:

   ```html
   <html>
     <body>
       <h1>Welcome to my secure server!</h1>
     </body>
   </html>
   ```
3. Save and exit the editor

#### Step 3: Access the Web Server

* From another machine on the network, open a web browser and navigate to the IP address of your Ubuntu Server

### Conclusion

In this lab, you've learned how to set up an Ubuntu Server LTS virtual machine, perform basic system administration tasks, configure security settings, install and use common cybersecurity tools, and analyze system logs. You've also optionally set up a basic web server. These skills form a foundation for further exploration of Linux servers in cybersecurity contexts.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.cs4066.com/introduction-to-linux-lab.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.