Introduction to Linux Security Fundamentals

Master the essential Linux security concepts every hacker needs to know. This hands-on lab covers user permissions, file security, network basics, and reconnaissance techniques using real tools in a live Kali Linux environment.

BEGINNER
Estimated: 45 minutes
Type: GUI Desktop
Tasks: 6
XP: 110 XP
Sign in to start this lab
Sign In

Tasks

0 / 6 completed

Preview Mode

You can browse the tasks below. Sign in to track your progress and launch the lab machine.

Sign In to Start
1

Welcome to Your Hacking Lab

🎯 Learning Objectives

  • Navigate the Kali Linux desktop environment
  • Open and use the terminal emulator
  • Understand the basic file system layout

Welcome, Operator!

You're about to enter a fully configured Kali Linux environment - the same operating system used by professional penetration testers and security researchers worldwide.

💡 Pro Tip: Kali Linux comes pre-installed with over 600 security tools. Throughout this lab, you'll learn to use some of the most essential ones.

Your First Steps:

  1. Click "Start Machine" above to launch your lab environment
  2. Wait for the desktop to fully load (usually 30-60 seconds)
  3. Open a terminal by clicking the terminal icon in the taskbar or pressing Ctrl+Alt+T

Once your terminal is open, you're ready to continue to the next task!

The terminal icon looks like a black rectangle with a white cursor. You can also right-click on the desktop and select "Open Terminal Here".
2

Understanding Linux Users & Permissions

Who Are You?

In Linux, every action is performed by a user. Understanding user permissions is fundamental to both system administration and hacking.

$ whoami

kali

The whoami command tells you your current username. Try it now!

Key User Types in Linux:

User Type Description
root Superuser with unlimited access (UID 0)
kali Default user in Kali Linux
System users Service accounts (www-data, mysql, etc.)

⚠️ Security Note: Running commands as root is powerful but dangerous. Always use the principle of least privilege!

Your Task:

Run the whoami command in your terminal and enter the username below:

Type "whoami" (without quotes) in your terminal and press Enter. The output is your answer.
3

Navigating the File System

The Linux File System

Unlike Windows with its drive letters (C:, D:), Linux has a single hierarchical file system starting from / (root).

/home

User home directories

/etc

System configuration files

/var

Variable data (logs, websites)

/usr

User programs & utilities

Essential Navigation Commands:

pwd     # Print Working Directory - where am I?
ls      # List files in current directory
ls -la  # List ALL files with details (including hidden)
cd /    # Change to root directory
cd ~    # Change to home directory (~ is shortcut)
cd ..   # Go up one directory

Your Task:

Navigate to your home directory using cd ~, then use pwd to find the full path. Enter it below:

Run "cd ~" to go to your home directory, then "pwd" to print the path. The answer should start with /home/
4

File Permissions Decoded

Understanding Permission Strings

When you run ls -la, you'll see something like this:

-rwxr-xr-x  1 kali kali  4096 Jan 15 10:30 script.sh
drwxr-xr-x  2 kali kali  4096 Jan 15 10:30 Documents
-rw-------  1 root root  1679 Jan 15 10:30 secret.key

Breaking Down Permissions:

d rwx r-x r-x
Type
d=dir, -=file
Owner
User perms
Group
Group perms
Others
Everyone else

Permission Values:

  • r (read = 4) - View file contents or list directory
  • w (write = 2) - Modify file or create/delete in directory
  • x (execute = 1) - Run as program or enter directory

🔐 Hacker Insight: When pentesting, always check for world-writable files (-rw-rw-rw-) and SUID binaries (-rwsr-xr-x) - these are common privilege escalation vectors!

Try running ls -la /etc/passwd to see the permissions on a critical system file.

The /etc/passwd file should have permissions like -rw-r--r-- meaning everyone can read it but only root can write to it.
5

Network Reconnaissance with Nmap

Your First Reconnaissance

Nmap (Network Mapper) is the most essential tool in any hacker's arsenal. It's used to discover hosts, services, and vulnerabilities on networks.

🛠️ Tool Profile: Nmap

  • Type: Network Scanner
  • Used for: Host discovery, port scanning, service detection
  • Skill level: Essential for all security professionals

Basic Nmap Commands:

# Ping scan - check if host is alive
nmap -sn 127.0.0.1

# Quick port scan
nmap 127.0.0.1

# Service version detection
nmap -sV 127.0.0.1

# Operating system detection (requires root)
sudo nmap -O 127.0.0.1

Your Task:

Run a ping scan on localhost:

nmap -sn 127.0.0.1

Look at the output. What status does it show for the host? (Hint: it's a 2-letter word)

⚠️ Legal Warning: Only scan networks and systems you have explicit permission to test. Unauthorized scanning is illegal in most jurisdictions!

The output will say "Host is ___" - the answer is the word after "is" (lowercase).
6

Lab Complete!

🎉

Congratulations, Operator!

You have completed your first security lab

📚 What You Learned:

  • Navigating the Kali Linux environment
  • Understanding Linux user permissions
  • Reading and interpreting file permissions
  • Using Nmap for network reconnaissance
  • Basic terminal commands for navigation

🚀 Next Steps:

🔍 Web Application Hacking

Learn to find vulnerabilities in web applications using tools like Burp Suite and SQLMap.

🔓 Password Cracking

Master hash cracking techniques with John the Ripper and Hashcat.

📶 Wireless Security

Explore WiFi security testing with Aircrack-ng and related tools.

Remember: With great power comes great responsibility. Always hack ethically and legally! 🛡️

Lab Environment
Open in Tab