With countless job openings and growth with no end in sight, InfoSec is the place to be. Many pose the question, “Where do I start?” Over his years of training hackers and eventual security experts across a wide array of industries and occupations, the author has found that one of the biggest hurdles that many up-and-coming professional hackers face is the lack of foundational knowledge of, or experience with, Linux. In an effort to help new practitioners grow, he decided to pen a basic ‘How To’ manual, of sorts, to introduce foundational concepts, commands and tricks and ease their transition into the world of Linux. Out of this effort, “Linux Basics for Hackers” was born.
It goes without saying that many of our heroes in the security world are either unknown or known by their nickname or alias on IRC, in chatrooms or even in real life. As such, in an effort to properly recognize the author of “Linux Basics for Hackers – Getting Started with Networking, Scripting and Security in Kali”, who goes by the moniker “OccupyTheWeb” (or “OTW” for short), I’ll quote the About the Author section directly from the book:
“OccupyTheWeb (OTW) is the pseudonym for the founder and primary writer for the hacker and pentester training website, https://www.hackers-arise.com/. He is a former college professor and has over 20 years of experience in the information technology industry. He has trained hackers throughout the US, including branches of the US military (Army, Air Force, and Navy) and the US intelligence community (CIA, NSA, and DNI). He is also an avid mountain biker and snowboarder.”
I’ll preface this review with the notion that this book, as the title clearly indicates, is intended for beginning hackers and penetration testers who do not have foundational knowledge of, or experience with, Linux. For those who’ve spent a lot of time at a Linux terminal, there is nothing groundbreaking in this book. However, you may know someone who needs that early instruction time, or for whom this book might teach the core skills that let them find satisfaction and comfort in learning to navigate and use a new operating system. Additionally, while this book is written specifically for the reader to install Kali Linux, one of, if not the, most widely used Linux distributions for penetration testing, and use its pre-installed hacking tools, the concepts herein apply to Linux in general and are useful for Ubuntu, Debian, SuSE, CentOS and other Linux distributions that readers may use in their security endeavors.
A Look Inside “Linux Basics for Hackers”
The book is laid out so as to introduce the reader to progressively more advanced concepts. Each chapter covers a topic and provides some examples of the application of that topic. The chapters conclude with a few basic exercises to ensure that the reader has put their hands to a keyboard and can use what they’ve been shown. In my experience, new Linux users should probably read the book in order from front to back. However, if the reader has some familiarity with certain topics in the book, they can likely skip forward to chapters that are more applicable to their current level of knowledge.
The “Introduction” leads the reader into the definitions of ‘ethical hacking’, ‘penetration testing’ and the application of security in general terms and their relation to the author’s history with both the military and espionage. OTW presents Linux (what it is and why it’s so popular within technical ranks), and then moves into specifics about Kali Linux. Instructions are provided to install Kali into a virtual machine, so that the reader may use it as a learning environment while progressing through the book.
“Chapter 1: Getting Started with the Basics” begins the foray into the command line in Linux including navigating the filesystem and creating, deleting or finding files and folders. The author introduces the reader to various commands, such as:
- pwd (to help them determine their current directory on the system)
- find, locate or which (finding files)
- cp (copy a file)
- mv (move or rename a file)
The reader then moves into “Chapter 2: Text Manipulation”, where file and text maneuvers are introduced. It starts with the concepts of ‘head’ and ‘tail’ for displaying the first or last given number of lines in a file and continues with ‘more’ or ‘less’ for various ways of displaying the contents of a file with or without the ability to scroll back or search for text within the file. Last but certainly not least is ‘grep’, the ability to locate one or more instances of a string or term within a file.
The next couple of chapters deal with system configuration items such as network management and package installations. In “Chapter 3: Analyzing And Managing Networks”, OTW covers the use of ifconfig and iwconfig to guide the reader through attaching their Kali instance to the network, whether through a wired or wireless network adapter respectively. He explains the basics of the network configuration files that one might need to edit manually in order to reconfigure DNS and DHCP settings, or to reconfigure the adapter’s MAC address for spoofing and man-in-the-middle attacks. This is one of many great examples of how this book differs from other, more general Linux books. Although the attacks themselves fall outside the scope of the book, he nonetheless recognizes his intended audience and introduces a hacking concept for the reader to explore more fully on their own. “Chapter 4: Adding and Removing Software” explores software packages – locating them, version identification, installations, updates and removals – on Linux and covers the use of both command line tools (such as apt-get) and graphical user interface (GUI) tools to accomplish these tasks.
For Linux newcomers, Chapter 5 is a lesson on “Controlling File and Directory Permissions”. The author goes over how to determine existing rights assignments for User, Group and Other and how to set them properly in order to secure files and directories. He also discusses extended permissions (a topic that often confuses beginners on Linux) such as SUID and SGID, which let a program run with the permissions of the file’s owner or group rather than those of the user who launched it, granting other users or groups the owner’s level of access on a restricted, per-binary basis. A common example on a Linux system is the password-change program: it runs SUID root so that a non-root user changing their password can update the /etc/shadow file, which is otherwise off limits to them.
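As an added example (not code from the book), the following POSIX shell script reads and sets the modes the chapter discusses, including the SUID bit, and shows how the octal and rwx notations line up. It assumes a Linux host with GNU coreutils (for stat -c) and builds its sample files in a temporary directory.

```shell
#!/bin/sh
# Added example, not code from the book: inspecting and setting Linux file
# permissions, including the SUID bit. Assumes GNU coreutils (stat -c) and
# a POSIX shell; the demo files are constructed in a temporary directory.

# Print the octal mode of a file, e.g. 600 or 4755 (the leading 4 is SUID).
mode_of() {
    stat -c '%a' "$1"
}

# Exit 0 if the file carries the set-user-ID bit; [ -u ] is a POSIX test.
has_suid() {
    [ -u "$1" ]
}

# Create a throw-away directory holding files with the modes the chapter
# explains, and print the directory path. Sample data, constructed here.
setup_demo() {
    dir=$(mktemp -d)
    : > "$dir/secret.txt"
    chmod 600 "$dir/secret.txt"      # rw------- : owner only, like a private key
    : > "$dir/shared.txt"
    chmod 644 "$dir/shared.txt"      # rw-r--r-- : everyone may read, only owner writes
    printf '#!/bin/sh\necho hi\n' > "$dir/helper"
    chmod 4755 "$dir/helper"         # rwsr-xr-x : executable plus SUID
    # Note: Linux ignores SUID on interpreted scripts; only native binaries
    # actually switch identity. The bit is set here purely to demonstrate it.
    printf '%s\n' "$dir"
}

# List regular files below a directory that carry SUID, one path per line.
# Reviewing this list is a standard hardening check: every entry runs with its
# owner's identity (often root) for anyone allowed to execute it.
list_suid() {
    find "$1" -type f -perm -4000 2>/dev/null | sort
}

# Translate an octal mode into the rwx string ls shows, so the two notations
# the chapter switches between can be compared side by side.
mode_to_rwx() {
    mode=$1
    bits=${mode#"${mode%???}"}        # last three digits: user, group, other
    out=""
    for d in $(printf '%s\n' "$bits" | sed 's/./& /g'); do
        case $d in
            0) out="${out}---" ;; 1) out="${out}--x" ;; 2) out="${out}-w-" ;; 3) out="${out}-wx" ;;
            4) out="${out}r--" ;; 5) out="${out}r-x" ;; 6) out="${out}rw-" ;; 7) out="${out}rwx" ;;
        esac
    done
    # A leading 4, 5, 6 or 7 means SUID: ls shows it as "s" in the owner's
    # execute slot ("S" when execute itself is not set). SGID/sticky omitted.
    case ${mode%???} in
        4|5|6|7)
            owner=${out%??????}; rest=${out#???}
            case $owner in ??x) owner="${owner%x}s" ;; *) owner="${owner%?}S" ;; esac
            out="$owner$rest" ;;
    esac
    printf '%s\n' "$out"
}
```

Run `d=$(setup_demo); list_suid "$d"; mode_to_rwx "$(mode_of "$d/helper")"` to see the SUID file reported and its mode rendered as rwsr-xr-x; the same list_suid call pointed at / is the usual first pass when auditing a host for unexpected SUID binaries.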
In Chapters 6 and 7, OccupyTheWeb covers “Process Management” and methods for “Managing User Environment Variables”. The reader follows along in Chapter 6 in reviewing running processes on the system and how to raise or lower the execution priority of a process. This is done to give a chosen process preferred access to the processor and other resources over other running processes, so that intensive tasks complete in a more timely fashion. The author explains running processes in both the foreground and background and even begins to look at how to schedule tasks to run at certain times using the at daemon. Chapter 7 reviews environment variables and shows the reader how to use temporary variables (for the current session only) or persistent variables (that carry over from session to session). He covers changing the shell prompt (on Windows one might recognize this as “C:\Windows” or on Linux as “root@kali:~”), as this is often useful in hacking when an attacker / tester is traversing multiple systems and needs to keep track of which system he or she is on. The reader is also shown how to modify the PATH variable on the system to allow easy access to binaries and other executables that do not reside within their current directory.
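Because PATH decides which binary runs when a bare command name is typed, editing it carelessly is a classic way to hand an attacker a foothold. The following POSIX shell functions, an added example rather than code from the book, audit a PATH value for the entries a defender should refuse (empty entries, relative entries, world-writable directories) and prepend a directory safely. They assume a find that supports -maxdepth (GNU and BSD both do); the sample PATH strings are constructed.

```shell
#!/bin/sh
# Added example, not code from the book: audit a PATH value before trusting it.
# PATH decides which binary runs when you type a bare command name, so an
# entry an attacker can write to (or the implicit "current directory" an empty
# entry means) lets them substitute their own "ls" or "sudo". Assumes a POSIX
# shell and a find that supports -H and -maxdepth.

# Print one finding per line; the exit status is the number of findings
# (0 means the value looked clean).
audit_path() {
    findings=0
    rest="$1:"                      # trailing ":" so the last entry is processed
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            "")
                echo "empty entry: resolves to the current directory"
                findings=$((findings + 1)) ;;
            /*)
                # -H follows a symlinked entry (e.g. /bin -> usr/bin) so the
                # directory's own mode is tested, not the link's 0777.
                if [ -d "$entry" ] && [ -n "$(find -H "$entry" -maxdepth 0 -perm -0002)" ]; then
                    echo "world-writable directory: $entry"
                    findings=$((findings + 1))
                fi ;;
            *)
                echo "relative entry: $entry (meaning depends on where you are)"
                findings=$((findings + 1)) ;;
        esac
    done
    return "$findings"
}

# Print a new PATH with DIR prepended, refusing relative or missing directories
# and avoiding duplicates. Usage: PATH=$(safe_prepend /opt/tools/bin "$PATH")
safe_prepend() {
    dir=$1; current=$2
    case "$dir" in
        /*) ;;
        *)  echo "refusing relative directory: $dir" >&2; return 1 ;;
    esac
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }
    case ":$current:" in
        *":$dir:"*) printf '%s\n' "$current" ;;        # already present, unchanged
        *)          printf '%s\n' "$dir:$current" ;;
    esac
}
```

A quick self-check on a live shell is `audit_path "$PATH"; echo "findings: $?"`; a clean interactive PATH prints nothing and exits 0.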
Chapter 8 is devoted to “Bash Scripting”. The reader is given a brief ‘crash course’ in command line scripting, in order to automate tasks and control tools and commands more programmatically. OTW begins with the traditional “Hello World”-like example used in various programming language tutorials and shows the reader how to set permissions on a script to allow its execution. He explores the ability to make a script accept user input (such as IP address ranges or other useful variable data needed to obtain the required results) and proceeds to walk the user through the creation of some basic scripts for finding open ports or locating systems that are running specific services such as MySQL. The chapter concludes with a quick look at some of the built-in bash commands like bg (to background a process) and exec (replacing the current shell with the command rather than starting a new process).
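The input-handling half of the kind of script the chapter describes is where beginners most often get burned: whatever a user passes as an address range ends up inside a command line, so it has to be validated before anything else runs. The following POSIX shell script is an added example, not code from the book; it validates a single IPv4 address or a last-octet range and expands the range into a target list. The sample inputs in the usage note are constructed.

```shell
#!/bin/sh
# Added example, not code from the book: the input-handling part of a script
# that takes a user-supplied address or range, as the chapter describes.
# Anything a script later hands to a scanner, ping or a loop of connections
# must be validated first; an unchecked "$1" such as "10.0.0.1; rm -rf /" is
# a command-injection bug. POSIX sh only; sample inputs are constructed.

# Succeed only if $1 is a dotted-quad IPv4 address with octets 0-255 and
# no leading zeros (which some tools read as octal).
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;   # stray characters, leading/trailing/double dots
    esac
    case "$1" in
        *.*.*.*.*) return 1 ;;              # four or more dots
        *.*.*.*) ;;                         # exactly three dots
        *) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split into the four octets
    IFS=$old_ifs
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Expand "A.B.C.LO-HI" (e.g. 192.168.1.10-12) into one address per line, or
# echo a single valid address. Only the last octet may carry a range.
expand_range() {
    spec=$1
    case "$spec" in
        *-*) ;;
        *)   valid_ipv4 "$spec" || return 1
             printf '%s\n' "$spec"; return 0 ;;
    esac
    base=${spec%.*}; last=${spec##*.}
    lo=${last%-*}; hi=${last#*-}
    case "$lo" in ''|*[!0-9]*) return 1 ;; esac
    case "$hi" in ''|*[!0-9]*) return 1 ;; esac
    valid_ipv4 "$base.$lo" && valid_ipv4 "$base.$hi" || return 1
    [ "$lo" -le "$hi" ] || return 1
    i=$lo
    while [ "$i" -le "$hi" ]; do
        printf '%s.%s\n' "$base" "$i"
        i=$((i + 1))
    done
}

# Entry point: print the validated target list or a usage error. Nothing is
# executed against the targets here; a real script would feed this list to
# its scanning or inventory step.
main() {
    [ $# -eq 1 ] || { echo "usage: $0 ADDRESS | A.B.C.LO-HI" >&2; return 2; }
    expand_range "$1" || { echo "error: '$1' is not a valid address or range" >&2; return 2; }
}

if [ $# -gt 0 ]; then
    main "$@"
fi
```

Saved as targets.sh and made executable with chmod +x (as the chapter shows), `./targets.sh 192.168.1.10-12` prints three addresses, while `./targets.sh "10.0.0.1; rm -rf /"` is rejected with exit status 2 before anything could run.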
Next are “Chapter 9: Compressing and Archiving” and “Chapter 10: Filesystem and Storage Device Management”. The author discusses compression and the different benefits, like size / compression ratios, of various compression tools such as bzip2 and gzip. He also shows how to make bit-by-bit and full physical copies of a storage device in Linux, which is useful in forensics. He then covers topics such as mounting or unmounting storage devices and monitoring storage device statistics like free space and finding errors. While many new users rely on GUI desktop tools that are provided in Linux (yes, even Kali, a “hacker” / security distribution, has a GUI), it’s important to understand the tools and methods OTW covers here, should the reader find themselves in a terminal session on a remote server or on a system where the GUI has crashed, is not installed, or has stopped functioning.
Over the course of the next few chapters, the reader finally gets into some of the topics that feel more geared to actual ‘security’ than just general Linux navigation and administration. OTW begins with a discussion of “The Logging System” in Chapter 11, where he reviews how system events are logged and into which log files different event data may be stored. He covers log rotation (to save space and help organize logs into more manageable chunks / sizes) and discusses stealthy log manipulation, such as how an attacker or tester might hide their tracks or conceal evidence of what actions they’ve taken (or files they’ve accessed) on a target system. In “Chapter 12: Using and Abusing Services”, the user is walked through running and managing important services that they might use during their security testing, such as the Apache Web Server, MySQL database or even a nifty / novelty side foray into setting up and using a Raspberry Pi as a remote spy camera. OTW concludes the chapter with a discussion of Metasploit (one of the more popular hacking toolkits) and its use of the PostgreSQL database, and how to set up and configure it for use. Then in “Chapter 13: Becoming Secure and Anonymous”, the author dives into the use of proxy and VPN technologies in order to help a tester / attacker hide their tracks and ‘hopefully’ (but never 100% guaranteed or foolproof) maintain anonymity during their security testing activities.
In “Chapter 14: Understanding and Inspecting Wireless Networks”, the reader is given a very brief introduction to wireless and Bluetooth configuration and application with regard to security. Understandably, entire books and courses have been authored on these topics, so to expect more than a basic touch here would be doing a disservice to the reader. Suffice it to say the author gives a taste of wireless security with brief examples of the aircrack-ng toolset and then discusses scanning and reconnaissance of Bluetooth.
Chapters 15 and 16 take a look at the Linux kernel and LKMs (loadable kernel modules), and a deeper look at task and job scheduling, respectively. In Chapter 15, OTW explains the importance of extending the kernel with LKMs in order to provide services, drivers and other functionality that is not built into the core Linux kernel itself. He explains how to tune the kernel with sysctl and how to find and manage modules with modinfo and modprobe. In Chapter 16, the reader is shown how cron works and is given an explanation of crontab syntax (crontab is where one manages the ‘schedule’ for automated tasks to be run).
The book concludes with Chapter 17, ‘Python Scripting Basics for Hackers’. One of the most important tools in a hacker’s toolbox is their ability to use a scripting language to automate repetitive tasks such as network scans, data collection, configuration or other file parsing, etc. In this chapter, the reader is given an introductory look at Python. First, the author explains Python package management using pip, a tool for installing and managing third-party add-ons to Python (packages provide libraries and other useful code chunks that a user may find advantageous, in order to minimize having to code entire functions and save valuable time during a project). Concepts such as variables and functions are covered, and an explanation is provided for ‘Object-Oriented Programming (OOP)’, which explains how many modern programming languages use ‘objects’. This concept allows a programmer to maintain the values, attributes and actions that may be taken, relative to a certain ‘object’ or item that the code is acting upon (such as a network host, with IP addresses, hostnames and ports assigned to it, so that the programmer might run a specific attack based on a specific listening port on the host). OTW discusses collection-oriented concepts like dictionaries, looping and control statements, and exception handling, and then proceeds to walk the reader through an example script for building a TCP listener and client.
All in all, I really enjoyed the book. Its value, for me, lies not in what I personally took from it but in the way OccupyTheWeb authored it as a good introduction to Linux for those looking to venture into cyber security. He covered topics in enough detail to make them useful examples without going so deep as to bore the reader by focusing for too long on any one task. He managed to squeeze a lot of information into a very manageable read. At only 211 pages, he covered the basics of the operating system in enough detail that the reader can immediately put the knowledge into hands-on practice and begin to develop a proficiency with Linux.
Additionally, while he definitely authored the book with a security practitioner (or hacker) in mind, the information provided can help even a general user to get more comfortable with the Linux operating system without feeling overwhelmed by more complex, security-related topics and usage. While we could all benefit from more attention to security, “Linux Basics for Hackers” just might inspire the next crop of budding techies into the security rock stars of tomorrow.
Tim Everson, OSCE, OSCP (aka hayabusa) – Sr. Security Engineer / Manager of Information Security, is a security enthusiast with over 22 years in various sectors of the IT industry. Tim has performed Web Application and Network Penetration Testing, managed efforts to meet compliance audits such as SOC 2 Type 2 and others, and led efforts to align customer and company environments to comply with best practices such as ITIL and other industry frameworks. Tim enjoys reviewing new books and courses to build his knowledge base and challenge himself, as well as to help others find appropriate learning to help them grow and progress in the field. When not tucked behind a computer screen, Tim likes to spend time camping and hiking trails at the state and national parks, he’s a busy husband, dad and grandpa, and he has a passion for cartoon drawing and computer graphics and animation. Blog: https://eversec.blogspot.com/ Twitter: @timeverson