Defensive Level 1 — Fundamentals

Linux Fundamentals

🎯 Goal

Become fully comfortable with the Linux operating system: the command line interface, file system, process management, user administration, package management, basic scripting, and essential networking commands. This is the operating language of nearly all cybersecurity tools and servers.


📚 Sub-Modules & Key Concepts

1. Introduction to Linux

  • What is Linux? Kernel, distributions (Ubuntu, Debian, CentOS/Rocky, Kali), philosophy of open-source.
  • Why Linux in Cybersecurity? Most servers, cloud workloads, network devices, and security tools run Linux. Lightweight, customizable, powerful scripting.
  • Choosing a Distribution for Learning: Ubuntu (beginner-friendly) or Kali Linux (pre-loaded with tools). Start with Ubuntu to learn fundamentals without tool distraction.

2. The Terminal & Shell Basics

  • Terminal Emulator vs. Shell: What is Bash, Zsh? Bash is the standard.
  • Basic Navigation: pwd, ls (with flags -l, -a, -h), cd (absolute vs relative paths, ., .., ~).
  • Getting Help: man (manual pages), --help, whatis, apropos.
  • File Operations: touch, mkdir, cp, mv, rm, rmdir, ln (hard and symbolic links).
  • Viewing Files: cat, less, head, tail, nl.
  • Text Editors: nano (beginner-friendly), vim (essential to know the basics: insert, save, quit, search). Run vimtutor to practice.

3. Linux File System Hierarchy

  • Structure: / (root), /home, /root, /etc (configuration files), /var (logs, caches), /tmp, /usr, /bin, /sbin, /opt, /proc, /dev.
  • Understanding Mount Points: mount, lsblk, /etc/fstab. Concept of "everything is a file."
  • File Types: Regular files, directories, symbolic links, device files, sockets, pipes.

4. Users, Groups & Permissions

  • Users: root (superuser), system users, regular users. /etc/passwd, /etc/shadow.
  • Groups: /etc/group, groups command.
  • Ownership: chown (change owner), chgrp (change group).
  • Permissions: Read (r=4), Write (w=2), Execute (x=1). chmod with numeric (e.g., 755) and symbolic modes.
  • SUID, SGID, Sticky Bit: Special permissions and their security implications (useful later for privilege escalation).
  • Sudo: Granting temporary root access. /etc/sudoers and visudo.
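
The numeric modes and special bits listed above, as an added example (not part of the original module): it builds a constructed temporary directory, then audits it with find for SUID/SGID files and for world-writable directories that lack the sticky bit. The file and function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: audit a directory tree for special permission bits.
# build_demo_tree creates constructed sample files; all names are hypothetical.
build_demo_tree() {
  demo=$(mktemp -d)
  touch "$demo/plain_tool" "$demo/suid_tool"
  chmod 0755 "$demo/plain_tool"   # rwxr-xr-x: 7 = 4+2+1, 5 = 4+1
  chmod 4755 "$demo/suid_tool"    # leading 4 = SUID: executes as the file owner
  mkdir "$demo/shared_ok" "$demo/shared_bad"
  chmod 1777 "$demo/shared_ok"    # leading 1 = sticky bit, as on /tmp
  chmod 0777 "$demo/shared_bad"   # world-writable, no sticky bit
  echo "$demo"
}

# Regular files with SUID (4000) or SGID (2000) set.
find_setid_files() {
  find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort
}

# World-writable directories without the sticky bit: any user can
# delete or replace another user's files inside them.
find_unsafe_shared_dirs() {
  find "$1" -type d -perm -0002 ! -perm -1000 | sort
}

demo=$(build_demo_tree)
echo "SUID/SGID files:"
find_setid_files "$demo"
echo "World-writable directories without sticky bit:"
find_unsafe_shared_dirs "$demo"
rm -rf "$demo"
```

On a real host, point the two functions at a path such as /usr and compare the result against a known-good baseline.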

5. Process Management

  • Processes: Foreground vs. background, PID, PPID.
  • Viewing Processes: ps (aux, -ef), top/htop, pidof, pgrep.
  • Signals: kill, pkill, killall (SIGTERM, SIGKILL, SIGHUP).
  • Job Control: bg, fg, jobs, Ctrl+Z, Ctrl+C.

6. Package Management & Software Installation

  • Repository-based: apt (Debian/Ubuntu), dnf/yum (RHEL/CentOS/Fedora). update, upgrade, install, remove, search.
  • Snap/Flatpak: Alternative package formats.
  • Installing from Source: ./configure, make, make install (basic awareness).
  • Managing Repositories: Adding PPAs on Ubuntu.

7. Text Processing & Data Manipulation

  • Pipes & Redirection: |, >, >>, <, 2>, &>.
  • Filters: grep (extended regex with -E), cut, sort, uniq, wc, tr, sed (basic stream editing), awk (beginner-level patterns).
  • Example: Chain commands to extract and sort IP addresses from a log file. Essential for log analysis.
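
The chained-command exercise above, worked as an added example (not part of the original module): it counts failed SSH logins per source IP using grep, cut, sort, uniq and awk. The log lines are constructed sample data using documentation-range addresses, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: rank source IPs by number of failed SSH logins.
# sample_log prints constructed log lines (documentation-range IPs).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Jan 10 03:12:04 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Jan 10 03:12:09 web01 sshd[2214]: Failed password for invalid user admin from 198.51.100.23 port 40022 ssh2
Jan 10 03:13:30 web01 sshd[2301]: Accepted publickey for deploy from 192.0.2.44 port 60110 ssh2
Jan 10 03:14:02 web01 sshd[2310]: Failed password for invalid user test from 198.51.100.23 port 40031 ssh2
Jan 10 03:14:40 web01 sudo: deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/usr/bin/systemctl status nginx
Jan 10 03:15:11 web01 sshd[2330]: Failed password for root from 203.0.113.7 port 51140 ssh2
Jan 10 03:16:00 web01 sshd[2341]: Failed password for backup from 192.0.2.15 port 33900 ssh2
EOF
}

# Reads a log on stdin, prints "count ip" lines, highest count first.
failed_logins_by_ip() {
  grep 'Failed password' \
    | grep -oE 'from ([0-9]{1,3}\.){3}[0-9]{1,3}' \
    | cut -d' ' -f2 \
    | sort \
    | uniq -c \
    | awk '{print $1, $2}' \
    | sort -k1,1nr -k2,2
}
# Stage by stage: keep failures only, isolate "from <ip>", drop the word
# "from", group identical IPs, count them, normalise spacing, rank.

sample_log | failed_logins_by_ip
```

Against a real system, replace sample_log with the log file itself, for example `failed_logins_by_ip < /var/log/auth.log` on Debian/Ubuntu.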

8. Shell Scripting Basics

  • Variables: Defining and using VAR=value, $VAR, ${VAR}.
  • Conditionals: if, test, [ ], [[ ]].
  • Loops: for, while.
  • Input/Output: read, echo.
  • Simple Automation: Write a script to backup a directory, check disk usage, or create a user.

9. System Services & Boot Process

  • Systemd: Units, targets. systemctl to manage services (start, stop, enable, status). Logs via journalctl.
  • Systemd Timers: Replacing cron jobs.
  • Boot Process Deep Dive: POST → BIOS/UEFI → GRUB2 → Kernel → initramfs → systemd. Understand where to intervene for security.

10. Networking in Linux

  • Interface Configuration: ip command (replaces ifconfig), ip addr, ip link, ip route.
  • Network Testing: ping, traceroute, ss (replaces netstat), nslookup, dig.
  • File Transfer: scp, wget, curl.
  • SSH (Secure Shell): ssh client, key-based authentication (ssh-keygen, ssh-copy-id), /etc/ssh/sshd_config.
  • Firewall Basics: ufw (uncomplicated firewall) or iptables concepts.

🛠️ Tools & Hands-On Practice

| Tool | Purpose | How to Use |
|---|---|---|
| OverTheWire Bandit | Wargame to learn command line (levels 0–33). | Start from Level 0, follow the prompts, use man to solve. All commands you need are in the Linux module. |
| "The Linux Command Line" (book) | Comprehensive, free PDF/book. | Read chapters and type along. |
| Vimtutor | Built-in Vim tutorial. | Run vimtutor in a terminal; takes about 30 minutes. |
| ExplainShell.com | Breaks down complex shell commands. | Paste a command, see a visual explanation. |
| TryHackMe – Linux Fundamentals Rooms | Interactive labs. | Rooms: "Linux Fundamentals Part 1, 2, 3". Great for hands-on. |
| Crontab.guru | Helps write cron schedules. | Test cron expressions visually. |

📖 Free Learning Resources

  • Linux Journey – Interactive web tutorial from zero to advanced.
  • The Linux Command Line (William Shotts) – Free PDF, the definitive introduction.
  • OverTheWire Bandit – The best game to learn Linux.
  • TryHackMe – Linux Fundamentals – Free rooms: Part 1, Part 2, Part 3.
  • edX – Introduction to Linux (Linux Foundation) – Free audit.
  • Jadi's Linux Tutorials (Farsi/English) – Excellent free YouTube series. Search "Jadi Linux".

🔗 Connections

  • Prerequisite: IT Fundamentals (Level 0) – you already know what an OS is, how to install it, and basic terminal use.
  • Next Step: After Linux, you'll move to Networking Fundamentals, where you'll use Linux commands like ip, ping, netstat, and tcpdump to explore how data moves.
  • Directly Enables: All security tools (Burp Suite, Nmap, Metasploit) run on Linux. Understanding processes, permissions, and logs is critical for forensics and blue teaming.