Week 5: SSH Deep Dive & Secure Shell

🎯 Goal: Master SSH for secure remote access, authentication hardening, port forwarding, and tunneling. Learn to configure SSH servers securely, use key-based authentication, and leverage SSH tunnels for accessing internal networks. 1. SSH Fundamentals & Key-Based Authentication. Why SSH Keys Over Passwords? Passwords are weak: vulnerable to brute force attacks; can be keylogged or phished; easily forgotten or reused. SSH keys are strong: 4096-bit RSA or ed25519 provide cryptographic security; private key never leaves your machine; cannot be brute forced in reasonable time. Generate an SSH Key Pair. Recommended: Ed25519 (modern, fast, secure) ...

Week 11 · Part 1 of 4: Why System Hardening Matters

Goal: Understand why system hardening matters and master the foundational principles of defense-in-depth security. Learn how attackers exploit unhardened systems and how layered defenses contain breaches. Prerequisites: Weeks 1-10 (especially Week 5 SSH hardening, Week 9 physical security). This is Part 1 of 4 - subsequent parts cover MAC systems, kernel hardening, and sandboxing. 1. Why System Hardening Matters. The Attacker’s Advantage. Without hardening: single vulnerability → full system compromise. Example attack chain: ...

Week 11 · Part 2 of 4: MAC Systems & Security Auditing

Goal: Understand the difference between traditional Linux permissions (DAC) and Mandatory Access Control systems (AppArmor/SELinux). Learn to audit your system’s security posture using Lynis and systematically fix vulnerabilities. Prerequisites: Week 11a (Hardening Foundations). This is Part 2 of 4 - covers MAC concepts and security auditing. 1. Understanding Mandatory Access Control (MAC). What is MAC vs DAC? DAC (Discretionary Access Control) - traditional Linux: the owner decides who can access their files. Example: you create secret.txt, you decide who can read it. Problem: malware running as your user inherits ALL your permissions. Weakness: if Firefox is exploited, the attacker gets access to everything you own. MAC (Mandatory Access Control) - AppArmor/SELinux: ...

Week 11 · Part 3 of 4: Kernel Hardening & AppArmor Profiles

Goal: Learn to harden the Linux kernel using sysctl parameters and implement AppArmor profiles to confine applications. These are the core technical controls that limit what attackers can do even after gaining code execution. Prerequisites: Week 11b (MAC Systems & Security Auditing). This is Part 3 of 4 - covers kernel hardening and AppArmor implementation. 1. Kernel Hardening with sysctl. What is Kernel Hardening? The Linux kernel has hundreds of tuneable parameters that affect security. Kernel hardening means configuring these parameters to: ...