Practical Labs (Linux for Cybersecurity – Level One)

Hands‑on practice is essential for mastering Linux in cybersecurity. These labs allow students to apply the concepts learned in previous modules through guided exercises. Each lab focuses on a practical security skill used by system administrators and cybersecurity professionals.

1. Installing Kali Linux in VirtualBox

Objective:
Learn how to install a security-focused Linux distribution in a virtual environment.

Tools Required

• VirtualBox
• Kali Linux ISO image

Steps

1. Download Kali Linux ISO from the official website.
2. Install VirtualBox.
3. Create a new virtual machine:
   • Type: Linux
   • Version: Debian (64-bit)
4. Allocate resources:
   • RAM: 2–4 GB
   • Disk: 20–40 GB
5. Attach the Kali ISO file.
6. Start the VM and follow the installation prompts.

Lab Outcome

Students will be able to run Kali Linux safely in a virtual environment for cybersecurity practice.

2. Navigating the Linux File System

Objective:
Practice navigating directories and managing files.

Commands to Practice

pwd
ls
cd
mkdir labfiles
touch testfile.txt
ls -l

Exercise

1. Create a directory called cyberlab.
2. Create three files inside it.
3. Navigate between directories using cd.
4. List files with detailed information.

Expected Skills

• Understanding Linux directory navigation
• Creating and managing files and folders

3. Managing Users and Permissions

Objective:
Understand user management and file security.

Commands

sudo adduser student1
sudo passwd student1
sudo usermod -aG sudo student1

Permission Practice

touch secret.txt
chmod 600 secret.txt
ls -l secret.txt

Exercise

1. Create a new user account.
2. Create a file owned by that user.
3. Change file permissions so only the owner can read it.

Expected Skills

• Creating users
• Managing permissions
• Securing files

4. Basic Network Scanning with Nmap

Objective:
Perform simple network reconnaissance.

Tool Used:
Nmap

Example Commands

nmap localhost

Scan a network range:

nmap 192.168.1.0/24

Scan specific ports:

nmap -p 22,80,443 localhost

Exercise

1. Scan your local machine.
2. Identify open ports.
3. Record the services running on those ports.

Expected Skills

• Running network scans
• Identifying active services

5. Analyzing Logs for Suspicious Activity

Objective:
Identify potential security threats using log analysis.

Important Log Files:

• /var/log/auth.log
• /var/log/syslog

Commands

sudo tail /var/log/auth.log

Search failed login attempts:

sudo grep "Failed password" /var/log/auth.log

Using journalctl:

sudo journalctl -u ssh

Exercise

1. Attempt a failed login (incorrect password).
2. Open the authentication log.
3. Identify the failed login entry.

Expected Skills

• Viewing Linux logs
• Detecting suspicious login attempts
• Understanding system auditing basics

Lab Completion Outcome

By completing these labs, students will be able to:

• Install and configure a Linux security environment
• Navigate the Linux file system confidently
• Manage users and secure files using permissions
• Perform basic network reconnaissance
• Analyze system logs for suspicious activities