Introduction to Linux Lab

Ubuntu Server LTS Lab Activity for Cybersecurity

Objective

This lab activity is designed to introduce undergraduate cybersecurity students to Ubuntu Server LTS, focusing on basic system administration, security configurations, and common cybersecurity tools in a server environment.

Prerequisites

  • VMware Workstation Player installed on your computer

  • Ubuntu Server 22.04 LTS ISO file downloaded (or the latest LTS version available)

Part 1: Setting up the Ubuntu Server Virtual Machine

Step 1: Create a New Virtual Machine

  1. Open VMware Workstation Player

  2. Click on "Create a New Virtual Machine"

  3. Choose "Installer disc image file (iso)" and select your Ubuntu Server ISO

  4. Follow the wizard, allocating at least 20GB of disk space and 2GB of RAM

Step 2: Install Ubuntu Server

  1. Start the virtual machine and follow the Ubuntu Server installation prompts

  2. Choose to install Ubuntu Server (minimized installation)

  3. Configure network settings (DHCP is usually fine for this lab)

  4. Set up a username and password for the administrator account

  5. Choose to install OpenSSH server when prompted

  6. Do not select any additional featured server snaps

Step 3: Update the System

  1. After installation, log in with your credentials

  2. Update the package list and upgrade installed packages:

    sudo apt update
sudo apt upgrade -y

Part 2: Basic System Administration

Step 1: User Management

  1. Create a new user:

    sudo adduser securitystudent

  2. Add the new user to the sudo group:

    sudo usermod -aG sudo securitystudent

  3. Switch to the new user:

    su - securitystudent

Step 2: File Permissions

  1. Create a directory and a file:

    mkdir securefiles
echo "This is a secret" > securefiles/secret.txt

  2. Change permissions:

    chmod 700 securefiles
chmod 600 securefiles/secret.txt

  3. Verify permissions:

    ls -l securefiles
ls -l securefiles/secret.txt

Part 3: Basic Security Configurations

Step 1: Configure the Firewall

  1. Check firewall status:

    sudo ufw status

  2. Enable the firewall:

    sudo ufw enable

  3. Allow SSH:

    sudo ufw allow ssh

Step 2: Secure SSH

  1. Edit SSH configuration:

    sudo nano /etc/ssh/sshd_config

  2. Make the following changes:

    • Change PermitRootLogin to no

    • Set PasswordAuthentication to no

    • Set MaxAuthTries to 3

  3. Restart SSH service:

    sudo systemctl restart ssh

Part 4: Installing and Using Cybersecurity Tools

Step 1: Install Nmap

  1. Install Nmap:

    sudo apt install nmap -y

  2. Perform a basic scan (replace with a safe, authorized IP):

    sudo nmap 192.168.1.1

Step 2: Install and Configure Fail2ban

  1. Install Fail2ban:

    sudo apt install fail2ban -y

  2. Copy the configuration file:

    sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

  3. Edit the configuration:

    sudo nano /etc/fail2ban/jail.local

    • Find the [sshd] section and set enabled = true

  4. Restart Fail2ban:

    sudo systemctl restart fail2ban

Part 5: Log Analysis

Step 1: Examine System Logs

  1. View the system log:

    sudo less /var/log/syslog

  2. Search for SSH-related entries:

    sudo grep sshd /var/log/auth.log

Step 2: Monitor Real-time Logs

  1. Use the tail command to monitor logs in real-time:

    sudo tail -f /var/log/auth.log

  2. In another terminal or from another machine, attempt to SSH into the server and observe the log entries

Part 6: Basic Web Server Setup

Step 1: Install Apache Web Server

  1. Install Apache:

    sudo apt install apache2 -y

  2. Allow HTTP traffic through the firewall:

    sudo ufw allow 'Apache'

Step 2: Configure a Basic Web Page

  1. Edit the default web page:

    sudo nano /var/www/html/index.html

  2. Add some basic HTML content:

    <html>
  <body>
    <h1>Welcome to my secure server!</h1>
  </body>
</html>

  3. Save and exit the editor

Step 3: Access the Web Server

  • From another machine on the network, open a web browser and navigate to the IP address of your Ubuntu Server

Conclusion

In this lab, you've learned how to set up an Ubuntu Server LTS virtual machine, perform basic system administration tasks, configure security settings, install and use common cybersecurity tools, and analyze system logs. You've also optionally set up a basic web server. These skills form a foundation for further exploration of Linux servers in cybersecurity contexts.

PreviousUnit 4NextHacking Linux Lab

Last updated