7.1.1.6 Lab – Hardening a Linux System (Answers Solution)

May 16, 2022 Last Updated: May 16, 2022 Cybersecurity Essentials No Comments
Tweet Share Pin it

7.1.1.6 Lab – Hardening a Linux System (Answers)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Objectives

Demonstrate the use of a security auditing tool to harden a Linux system.

Background / Scenario

Auditing a system for potential misconfigurations or unprotected services is an important aspect of system hardening. Lynis is an open source security auditing tool with an automated set of scripts developed to test a Linux system.

Required Resources

  • PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine.

Step 1: Open a terminal window in Ubuntu.

a. Log in to Ubuntu using the following credentials:

User: cisco
Password: password

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 10

b. Click the terminal icon to open a terminal window..

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 11

Step 2: The Lynis Tool

a. At the command prompt, enter the following command to change to the lynis directory:

cisco@ubuntu:~$ cd Downloads/lynis/

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 12

b. At the command prompt, enter the following command and enter the password password when prompted:

cisco@ubuntu:~/Dowloads/lynis$ sudo ./lynis update info

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 13

This command verifies that this is the latest version and updates for the tool at the time of writing of this lab.

Step 3: Run the Tool

a. Type the following command in terminal and press Enter:

cisco@ubuntu:~/Downloads/lynis$ sudo ./lynis --auditor cisco

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 14

As displayed above, the tool will begin auditing using the user cisco as the auditor.
Notice: You will receive warnings.

b. To continue with each stage of the audit press Enter. You will receive warnings as shown below.

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 15

c. You will receive suggestions, as shown below.

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 16

d. You will receive a notification for any configuration that is weak as shown below:

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 17

e. You will receive detailed security enhancement suggestions as well as a final summary which provides the location where you can find the log file.

7.1.1.6 Lab - Hardening a Linux System (Answers Solution) 18

Step 4: Review Results

a. Scroll up to the results section after the tool is finished running.

How many Warnings did you receive?
Answers will vary. There was 1 warning in this example.

How many Suggestions did you receive?
Answers will vary. There were 33 suggestions in this example.

b. Scroll through the suggestions and select one. You will research a suggestion that you can implement to address the issue.

Which suggestion are you addressing?
Answers will vary.

What is your suggested solution?
Answers will vary.

References

Lynis: https://cisofy.com/lynis/ 

 

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x