Tryhackme: Linux System Hardening
Task 1: Introduction
Task 2: Physical Security
What command can you use to create a password for the GRUB bootloader?
Answer: grub2-mkpasswd-pbkdf2
What does PBKDF2 stand for?
Answer: Password-Based Key Derivation Function 2
Task 3: Filesystem Partitioning and Encryption
What does LUKS stand for?
Answer: Linux Unified Key Setup
We cannot attach external storage to the VM, so we have created a /home/tryhackme/secretvault.img file instead. It is encrypted with the password 2N9EdZYNkszEE3Ad. To access it, you need to open it using cryptsetup and then mount it to an empty directory, such as myvault. What is the flag in the secret vault?
Let’s take a look at the question hint
Answer: THM{LUKS_not_LUX}
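The open-then-mount procedure above, as an added example script (my own, not part of the room or its hints). It assumes the image path and vault password from the question, a mapper name of secretvault and a mount point under $HOME/myvault, all of which are assumptions you can override through the environment. With DRY_RUN=1 it prints the commands instead of running them, so the steps can be checked without root or the real image.

```shell
#!/bin/sh
# Added example: open a LUKS-encrypted image file, mount it, read it, close it.
# Paths, mapper name and mount point below are assumptions, not room-provided values
# (except the image path, which the question states).
set -eu

VAULT_IMG="${VAULT_IMG:-/home/tryhackme/secretvault.img}"
MAPPER_NAME="${MAPPER_NAME:-secretvault}"
MOUNT_DIR="${MOUNT_DIR:-$HOME/myvault}"

# run_or_echo: execute a command, or print it when DRY_RUN=1 so the
# sequence can be reviewed (and tested) without root or the real image.
run_or_echo() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# vault_open: confirm the file really is a LUKS container before handing it
# to 'cryptsetup open' (which prompts for the passphrase), then mount the
# resulting /dev/mapper device on an empty directory.
vault_open() {
    run_or_echo cryptsetup isLuks "$VAULT_IMG"
    run_or_echo cryptsetup open "$VAULT_IMG" "$MAPPER_NAME"
    run_or_echo mkdir -p "$MOUNT_DIR"
    run_or_echo mount "/dev/mapper/$MAPPER_NAME" "$MOUNT_DIR"
}

# vault_close: unmount and close the mapping; an open mapping leaves the
# decrypted volume reachable by anyone with root on the box.
vault_close() {
    run_or_echo umount "$MOUNT_DIR"
    run_or_echo cryptsetup close "$MAPPER_NAME"
}

# Typical use on the VM (as root):
#   ./vault.sh            # vault_open; then cat "$MOUNT_DIR"/*; then vault_close
if [ "${DRY_RUN:-0}" = "0" ] && [ "${VAULT_RUN:-0}" = "1" ]; then
    vault_open
    ls -la "$MOUNT_DIR"
    vault_close
fi
```

cryptsetup open reads the passphrase from the terminal; if you script it, feed it via --key-file rather than putting the password on the command line, where it would show up in shell history and ps output. cryptsetup luksDump on the image shows the header (cipher, key slots, PBKDF parameters) without opening it.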
Task 4: Firewall
There is a firewall running on the Linux VM. It is allowing port 22 TCP as we can ssh into the machine. It is allowing another TCP port; what is it?
Answer: 12526
What is the allowed UDP port?
Answer: 14298
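To answer the two firewall questions you need to read the INPUT chain rather than guess; ufw status or iptables -S INPUT will show it. The following added helper (mine, not the room's) parses iptables -S style rules and prints the destination ports that are explicitly accepted for a protocol. The rule set embedded in it is constructed for the demonstration, not captured from the VM; it reuses the port numbers from the answers above so the output is recognisable.

```shell
#!/bin/sh
# Added example: list the TCP/UDP destination ports an iptables INPUT chain accepts.
# Expects 'iptables -S INPUT' output on stdin. SAMPLE_RULES is constructed, not
# taken from the room's VM.
set -eu

SAMPLE_RULES='-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 12526 -j ACCEPT
-A INPUT -p udp -m udp --dport 14298 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j DROP'

# allowed_ports PROTO: print each port that a rule accepts for PROTO (tcp|udp),
# one per line. Only rules whose target is ACCEPT count; DROP/REJECT rules for the
# same port are ignored, as are rules with no --dport (conntrack, loopback).
allowed_ports() {
    proto="$1"
    awk -v proto="$proto" '
        $1 == "-A" && $NF == "ACCEPT" {
            p = ""; port = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "-p") p = $(i + 1)
                if ($i == "--dport") port = $(i + 1)
            }
            if (p == proto && port != "") print port
        }'
}

# default_policy: print the chain's default policy from the -P line, so you
# know whether anything not listed is dropped or accepted.
default_policy() {
    awk '$1 == "-P" { print $3 }'
}

# Live use on the VM (as root):  iptables -S INPUT | allowed_ports tcp
printf '%s\n' "$SAMPLE_RULES" | allowed_ports tcp
```

The parser covers single --dport rules, which is what this room's firewall uses. Rules written with -m multiport --dports 22,80 or with nftables directly (nft list ruleset) need a different parser, so treat an empty result as "check by hand", not as "nothing allowed".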
Task 5: Remote Access
What flag is hidden in the sshd_config file?
Answer: THM{secure_SEA_shell}
Task 6: Securing User Accounts
One way to disable an account is to edit the passwd file and change the account's shell. What is the suggested value to use for the shell?
Answer: /sbin/nologin
What is the name of the sudoers group on Red Hat and Fedora systems?
Answer: wheel
What is the name of the sudoers group on Debian and Ubuntu systems?
Answer: sudo
Other than tryhackme and ubuntu, what is the username that belongs to the sudoers group?
Answer: blacksmith
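Both account questions in this task come down to reading /etc/passwd and /etc/group. The added script below (mine, not the room's) does that with two small parsers: one lists the members of a named group, the other lists accounts whose login shell already disables interactive login. The passwd and group contents embedded in it are constructed for the demonstration, not copied from the VM, though the group line reuses the usernames from the answer above.

```shell
#!/bin/sh
# Added example: find sudoers-group members and already-disabled accounts.
# SAMPLE_GROUP and SAMPLE_PASSWD are constructed; on a real host pipe in
# 'getent group' and 'getent passwd' instead.
set -eu

SAMPLE_GROUP='root:x:0:
sudo:x:27:tryhackme,ubuntu,blacksmith
wheel:x:10:
users:x:100:'

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
tryhackme:x:1000:1000::/home/tryhackme:/bin/bash
blacksmith:x:1002:1002::/home/blacksmith:/bin/bash
olduser:x:1003:1003::/home/olduser:/sbin/nologin
sshd:x:106:65534::/run/sshd:/usr/sbin/nologin'

# group_members NAME: print the supplementary members (field 4) of group NAME,
# one per line. Reads group-file text from stdin.
group_members() {
    awk -F: -v g="$1" '
        $1 == g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }'
}

# disabled_accounts: print accounts whose shell (field 7) is a nologin or
# false binary, i.e. accounts that cannot get an interactive session.
disabled_accounts() {
    awk -F: '$7 ~ /\/(nologin|false)$/ { print $1 }'
}

# disable_account USER: the safer way to do what the question describes.
# usermod edits passwd for you, and locking the password (passwd -l) also
# blocks non-shell logins such as su or an SSH password prompt. Needs root.
disable_account() {
    usermod -s /sbin/nologin "$1"
    passwd -l "$1"
}

# Live use on the VM:
#   getent group sudo  | group_members sudo
#   getent passwd      | disabled_accounts
printf '%s\n' "$SAMPLE_GROUP" | group_members sudo
```

group_members only sees supplementary membership; an account whose primary GID is the sudo group would not appear, and neither would a user granted rights directly in /etc/sudoers or /etc/sudoers.d. For a full picture of one user, run id -nG USER and sudo -l -U USER as well.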
Task 7: Software and Services
Besides FTPS, what is another secure replacement for TFTP and FTP?
Answer: SFTP
Task 8: Update and Upgrade Policies
What command would you use to update an older Red Hat system?
Answer: yum update
What command would you use to update a modern Fedora system?
Answer: dnf update
What two commands are required to update a Debian system? (Connect the two commands with &&.)
Answer: apt update && apt upgrade
What does yum stand for?
Answer: Yellowdog Updater, Modified
What does dnf stand for?
Answer: Dandified Yum
What flag is hidden in the sources.list file?
Answer: THM{not_Advanced_Persistent_Threat}
Task 9: Audit and Log Configuration
What command can you use to display the last 15 lines of kern.log?
Answer: tail -n 15 kern.log (the -n flag is required; without it, tail would treat 15 as a filename)
What command can you use to display the lines containing the word denied in the file secure?
Answer: grep denied secure
Task 10: Conclusion and Final Notes