Linux Fundamentals and Host Based Security

This flashcard set covers essential Linux fundamentals, including distributions, kernel structures, command-line tools, file management, system administration, and host-based security tools like iptables and PAM.

Free and Open-Source Software (FOSS)

A classification of software which is freely available to be used, modified, or copied without a license and where the source code is openly available on the internet.

Debian

One of the oldest Linux distributions still in use, maintained by The Debian Project, known for stability, and serves as the basis for Ubuntu.

Alpine Linux

A lightweight and simple distribution that does not use GNU Core Utilities or systemd; commonly used in containerized setups and routers.

Monolithic Kernel

A system architecture where the entire OS runs in "kernel space" and handles communication between the OS and system hardware.

bash (Bourne Again Shell)

An application located at /bin/bash that interprets commands and allows interaction with the Linux kernel.

SSH (Secure Shell)

A tool used for encrypted remote access to Linux machines, commonly using OpenSSH and configured via /etc/ssh/sshd_config.

Absolute Path

A file path that starts from the root directory "/".

Relative Path

A file path that starts from the current directory, often using shorthand like "." or "..".

Hidden Files

Files with names beginning with a "." that are hidden from view by default unless a specific flag (like -a) is used.

Standard Streams

The three communication channels for input and output: stdin (input), stdout (output), and stderr (error).

tee

A command that redirects output to a file while simultaneously displaying it on the screen.

$PATH

An environment variable that indicates where the shell should look for binaries, scripts, and executables by default.

tar (tape archive)

A utility that turns multiple files into one file and can preserve file permissions, but does not compress files unless specified.

gzip

A common Linux compression utility used to create .gz files.

Soft Link (Symbolic Link)

A pointer to another file that acts like a Windows shortcut; the link breaks if the source file is moved.

Hard Link

A direct link to file data that remains functional even if the source file is moved or deleted.

grep

A command-line utility used to search through files or filter command output for specific search terms.

diff

A utility used to compare two files and display the specific differences between them.

root

A powerful superuser account with administrative rights (UID 0) or the top-level directory (/) of the filesystem.

sudo (Super User Do)

A command that allows a permitted user to execute commands as another user, typically root, for easier auditing and security.

User ID (UID)

A numerical value associated with an account; root is always $0$, system accounts are $1-99$, and user accounts are $1000$ or greater.

/etc/passwd

A file that maps Usernames to UIDs and contains home directory and default shell information.

/etc/shadow

A secured file containing usernames and their associated password hashes, as well as password expiration data.

chmod

The command used to change file permissions for the owner, group, and others.

Daemon

A background process, often ending in "d" (e.g., sshd), that is usually started at boot and associated with a specific system service.

systemd

The first daemon started by the kernel, assigned PID $1$, responsible for managing other daemons and services.

journalctl

A systemd utility used to view and filter logs stored in the system journal.

Package Manager

A tool (like apt or dnf) used to install, remove, update, and maintain software packages and their dependencies.

iptables

A Linux host firewall that controls traffic using three chains: INPUT, OUTPUT, and FORWARD.

firewalld

A zone-based host firewall that provides a user-friendly front end to the netfilter kernel framework.

AAA

A security framework consisting of Authentication, Authorization, and Accounting.

PAM (Pluggable Authentication Modules)

A framework used for authentication rules where modules can be enforced in different ways and are sensitive to rule order.

Users & Groups in Linux

Users are individuals who can log into a Linux system, while groups are collections of users that can be assigned permissions for accessing files and resources.

Important Files in Linux

Key files include /etc/passwd (user account information), /etc/shadow (user passwords), /etc/group (group information), and /etc/sudoers (sudo permissions).

Linux File Permissions

Linux uses a permission model that allows read (r), write (w), and execute (x) permissions for three categories: owner, group, and others.

Important Daemons in Linux

• sshd: The OpenSSH server daemon that handles secure shell connections. - systemd: The system and service manager for Linux that initializes the system and manages services.

Hard Links

Hard links create an additional directory entry for a file that shares its inode.

Common Commands & Tools

Common tools include ls (list directory contents), cp (copy files), mv (move files), rm (remove files), and chmod (change file permissions).

PAM (Pluggable Authentication Modules)

A framework that manages how authentication is carried out in the system. Allowed modules can be stacked for various authentication policies.

soft links

Soft links are pointers to another file path and can break if the original file is moved.