Linux System Hardening
This guide contains the answer and steps necessary to get to them for the Linux System Hardening room.
Table of contents
- Physical Security
- Filesystem Partitioning and Encryption
- Firewall
- Remote Access
- Securing User Accounts
- Software and Services
- Update and Upgrade Policies
- Audit and Log Configuration
Physical Security
- What command can you use to create a password for the GRUB bootloader?
The answer can be found in the text.
Click for answer
grub2-mkpasswd-pbkdf2
- What does PBKDF2 stand for?
A quick search can give us the answer.
Click for answer
Password-based Key Derivation Function 2
Filesystem Partitioning and Encryption
- What does LUKS stand for?
The answer can be found in the text.
Click for answer
Linux Unified Key Set
- We cannot attach external storage to theVM, so we have created a
/home/tryhackme/secretvault.imgfile instead. It is encrypted with the password2N9EdZYNkszEE3Ad. To access it, you need to open it usingcryptsetupand then mount it to an empty directory, such asmyvault. What is the flag in the secret vault?
First we must open the encrypted image using cryptsetup.
sudo cryptsetup luksOpen secretvault.img secretvault
or
sudo cryptsetup open --type luks /path/to/dump desired-name
Now we can mount this device to the myvault folder and look inside.
Now we can check to see if the device is mounted and look for our flag.
Click for answer
THM{LUKS_not_LUX}
Firewall
- There is a firewall running on the Linux VM. It is allowing port 22 TCP as we can ssh into the machine. It is allowing another TCP port; what is it?
For this we can use the handy ufw command.
Click for answer
12526
- What is the allowed UDP port?
The can be found with the previous command.
Click for answer
14298
Remote Access
- What flag is hidden in the sshd_configfile?
To find the flag, we must open the files located at:
Click for answer
THM{secure_SEA_shell}
Securing User Accounts
- One way to disable an account is to edit the passwd file and change the account’s shell. What is the suggested value to use for the shell?
The answer to this question can be found in the text.
Click for answer
/sbin/nologin
- What is the name of the RedHat and Fedora systems sudoers group?
The answer to this question can be found in the text.
Click for answer
wheel
- What is the name of the sudoers group on Debian and Ubuntu systems?
The answer to this question can be found in the text.
Click for answer
sudo
- Other than tryhackme and ubuntu, what is the username that belongs to the sudoers group?
This can be found by looking through the /etc/passwd file and filtering on 'root'.
Click for answer
blacksmith
Software and Services
- Besides FTPS, what is another secure replacement for TFTP and FTP?
The answer to this question can be found in the text.
Click for answer
SFTP
Update and Upgrade Policies
- What command would you use to update an older Red Hat system?
The answer to this question can be found in the text.
Click for answer
yum update
- What command would you use to update a modern Fedora system?
The answer to this question can be found in the text.
Click for answer
dnf update
- What two commands are required to update a Debian system? (Connect the two commands with&&.)
The answer to this question can be found in the text.
Click for answer
apt update && apt upgrade
- What does yum stand for?
A quick search should give us the answer.
Click for answer
Yellowdog Updater Modified
- What does dnf stand for?
A quick search should give us the answer.
Click for answer
Dandified YUM
- What flag is hidden in the sources.list file?
We can find the file by using:
Click for answer
THM{not_Advanced_Persistent_Threat}
Audit and Log Configuration
- What command can you use to display the last 15 lines of kern.log?
The answer to this question can be found in the text.
Click for answer
tail -n 15 kern.log
- What command can you use to display the lines containing the word denied in the filesecure?
The answer to this question can be found in the text.
Click for answer
grep denied secure