10.2 Project 1 Day 2 Activity Guide
10.2 Project 1 Day 2 Activity Guide
Today, you will continue to play the role of a security professional tasked with auditing
and hardening a Linux server owned by BSC.
Today’s focus is on BSC’s Linux server’s SSH settings, system packages, services, and
logging configurations:
Instructions
Lab access:
Please return to your same lab used in the previous class
© 2024 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.
If the lab doesn’start, you can rebuild the lab with the following 2 commands:
In Part 1 of today’s activity, you will be hardening the SSH setting for BSC’s Linux
server. As SSH is a common method attackers use to breach remote Linux servers, it is
important to harden SSH with strict controls.
● Use the following SSH configuration manual to assist with your tasks:
sshd_config(5): OpenSSH SSH daemon config file - Linux man page
In Part 2, you will be reviewing and updating your system packages. This is important
because app developers often release patches to protect from security vulnerabilities.
Having the latest version of your packages minimizes your security risks.
In Part 3, you will be reviewing and disabling any unnecessary services. This is
important because having unnecessary services running increases your attack surface.
Follow the below steps to identify and remove any unnecessary services.
© 2024 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.
Part 4: Enabling and Configuring Logging
In Part 4, you will be configuring and checking logging settings on Baker Street’s Linux
server. Logging is a crucial part of the hardening process as logging can help identify
security issues such as suspicious network activity, unauthorized access, or other
anomalous activity.
© 2024 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.