How To Add a User and Grant Root Privileges on Ubuntu

Step 1: Add the Username

    austin@wazuh:~$ sudo adduser ansible
    Adding user `ansible' ...
    Adding new group `ansible' (1002) ...
    Adding new user `ansible' (1002) with group `ansible' ...
    Creating home directory `/home/ansible' ...
    Copying files from `/etc/skel' ...
    Enter new UNIX password:
    Retype new UNIX password:
    No password supplied
    Enter new UNIX password:
    Retype new...

Continue Reading →

Linux Security: Packet Capture and Analysis

It's crucial for any security or systems administrator to be able to capture and analyze network traffic. This allows for advanced troubleshooting as well as security review. Use a tshark capture filter to collect TCP traffic on port 80. Store the capture command... Continue Reading →

Linux Security: Working with IP sets and iptables

IP Sets can facilitate the management of a complex firewall ruleset. This exercise refreshes basic skills with the iptables command and begins developing an understanding of working with IP Sets. Create a new IP set called 'clienthosts' that contains the IP and Port combinations for each client server. Be sure the 'ipset' is configured to persist a... Continue Reading →

Linux Security: Working with OpenVPN (and iptables)

Install and Configure the OpenVPN server on 'vpn-server'

Install OpenVPN: Run yum install -y openvpn.
Copy the server config: cp /usr/share/doc/openvpn-2.4.7/sample/sample-config-files/server.conf /etc/openvpn/
Edit the server config to contain the following topology configuration: topology subnet

Install the provided server certificates

Run cp /home/cloud_user/certs/ca.crt /home/cloud_user/certs/server.crt /home/cloud_user/certs/server.key /etc/openvpn.

Generate the required Server Keys

Generate the dhparam: openssl dhparam -out /etc/openvpn/dh2048.pem 2048
Generate... Continue Reading →

Linux Security: Create a Custom Scan Policy with OpenSCAP

Create a Custom OpenSCAP Policy

1. Use VNC to connect to the server using its public IP address on port 5901.
2. Open SCAP Workbench: Applications > System Tools > SCAP Workbench
3. Select RHEL7 next to Select content to load:. Click the Customize button next to Profile. Provide a New Profile ID of xccdf_org.ssgproject.custom_profile_1.
4. In the customizing window: Click the Deselect All button at the top.
5. Under Services > Obsolete Services > Telnet, check the box... Continue Reading →

Linux Security: Working with the Audit Log

Create audit rules to watch `/etc/passwd` for reads, `/etc/sudoers` for reads and writes, and `/sbin/visudo` for executions.

Run these commands:

    auditctl -w /etc/passwd -p r -k userwatch
    auditctl -w /sbin/visudo -p x -k sudowatch
    auditctl -w /etc/sudoers -p rw -k sudowatch

Generate an audit rule list in `/home/cloud_user/rules.txt`

Run this command:

    auditctl -l > /home/cloud_user/rules.txt

... Continue Reading →

Linux Security: Performing a Compliance Scan and Active Remediation Using OSCAP

Install the Necessary Packages

Become root:

    sudo su

Install the OpenSCAP scanner and the SCAP security guide.

    yum install -y openscap-scanner scap-security-guide

Run a Compliance Scan with Remediation

Use the following command to run a scan with remediation:

    oscap xccdf eval --remediate --profile xccdf_org.ssgproject.content_profile_rht-ccp --results scan-results.xml /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml

Report from the Scan Results

Run the following command to generate a... Continue Reading →
