Lesson 11

Date: 4/17/2019

Linux Network Security

Linux System Administration

Identifying SSH login attacks in the system logs Exercise

On testub VM, check the lines in log file auth.log and see ssh login attempts to user account jerry:

grep jerry /var/log/auth.log  | grep auth

See the successfull attempt to login:

grep jerry /var/log/auth.log  | grep -E -v '(error|[Ff]ail)'

How systems get compromized
Exercise: SSH brute force attack
Exercise: Log check for login attempts
Exercise: TCP wrappers
Exercise: denyhosts
Stack overflow
Exercise with Stack overflow
Package upgrades and verification
Open Ports List exercise
Closing Ports
IP filtering firewalls (iptables)
Building iptables rules
Simple iptables script
Exercises with iptables
Port scanning exercises
System Integrity Checks
GNUtar exercises
References
Take me to the Course Website