This Lab focuses on auditing the network security of Linux hosts. You will audit a Kali Linux host and an Ubuntu 8 host that is intentionally configured to be vulnerable to attacks. The techniques you learn apply to all modern distributions of Linux. By including the auditing techniques as part of routine system administration you can reduce the attack surface of your systems, potentially identify when systems have been compromised, and improve your overall security posture.
The local network for this Lab is contained within a Hyper-V virtual environment. The hosts that you will audit are virtual machines running in the Hyper-V environment.
This Lab is designed for the CREST Practitioner Security Analyst (CPSA) certification examination but is of value to security practitioners in general.
Lab Objectives
Upon completion of this Lab you will be able to:
- Perform network security audits of Linux systems
- Understand how to construct commands specific to your auditing needs
- Generate summary reports of system-wide network socket usage
- Identify network sockets being used by specific processes and connections
Lab Prerequisites
You should be familiar with:
- TCP and UDP network protocol basics
You can fulfill the prerequisites by completing the OSI and TCP/IP Networking Models Course.
Updates
July 9th, 2020 - Enabled direct browser RDP connection for a streamlined experience
Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.