Introduction to Cybersecurity Tools in Linux

Linux is widely used in cybersecurity because it supports powerful open-source tools for network scanning, monitoring, and penetration testing. This module introduces some essential tools for beginners and how to use them ethically.

1. Basic Reconnaissance Tools

Reconnaissance tools are used to gather information about networks, systems, and services.

Common tasks include:

• Identifying live hosts on a network
• Scanning open ports and services
• Capturing network traffic for analysis

Examples of tools:

• Nmap – Network scanning
• Wireshark – Packet analysis
• Netcat – Port scanning and network communication

⚠️ Note: Reconnaissance should always be performed on networks you own or have explicit permission to test. Unauthorized scanning is illegal.

2. Installing and Running Tools

On Debian-based systems (Ubuntu, Kali, Parrot OS):

sudo apt update
sudo apt install nmap wireshark netcat

On Red Hat-based systems:

sudo yum install nmap wireshark nc

After installation, you can run these tools from the terminal.

3. Introduction to Nmap

Nmap is a versatile network scanning tool.

Key Features:

• Scan hosts on a network
• Discover open ports
• Identify services and operating systems

Example Usage:

Scan a single IP:

nmap 192.168.1.10

Scan a range of IPs:

nmap 192.168.1.1-20

Scan for specific ports:

nmap -p 22,80,443 192.168.1.10

Scan with service and OS detection:

nmap -sV -O 192.168.1.10

4. Introduction to Wireshark

Wireshark captures and analyzes network traffic.

Key Features:

• Capture packets from a network interface
• Filter traffic by IP, protocol, or port
• Analyze suspicious packets

Basic Usage:

Start Wireshark GUI:

wireshark

Start capture from terminal (tshark):

sudo tshark -i eth0

Wireshark is essential for network monitoring, incident response, and troubleshooting.

5. Introduction to Netcat

Netcat is a flexible networking tool.

Key Features:

• Connect to remote hosts
• Send or receive data
• Scan open ports

Example Usage:

Check if a port is open:

nc -zv 192.168.1.10 22

• -z → scan without sending data
• -v → verbose output

Create a simple chat between two hosts:

# Host 1
nc -l 1234

# Host 2
nc 192.168.1.10 1234

6. Understanding Ethical Usage

Using cybersecurity tools ethically is critical:

1. Only scan or test systems you own or have permission to access
2. Avoid causing disruption to production systems
3. Follow local laws and organizational policies
4. Document findings responsibly for security improvement

🔒 Ethical usage ensures your skills are used for defense and learning, not illegal hacking.

Cybersecurity Importance

• Reconnaissance is the first step in penetration testing
• Identifying vulnerabilities before attackers do
• Monitoring and analyzing networks for suspicious activity
• Practicing responsible and ethical security testing

Module Summary

Students should now understand:

1. The purpose of basic reconnaissance tools in Linux
2. How to install and run Nmap, Wireshark, and Netcat
3. How to use Nmap to scan hosts, ports, and services
4. How to capture and analyze network traffic with Wireshark
5. How to check open ports and transfer data with Netcat
6. The importance of ethical usage in cybersecurity