Ethical Hacking
CHAPTER 03

Linux Fundamentals for Security

Updated: May 15, 2026
20 min read

1. Introduction

The vast majority of the internet runs on Linux. From the web servers hosting massive corporate databases to the routers in your home, and the Kali Virtual Machine you just installed—Linux is everywhere. If you do not understand Linux, you cannot understand cybersecurity. A professional ethical hacker does not rely on a graphical user interface (GUI); they live in the terminal. In this chapter, we will strip away the mouse and learn how to navigate, manipulate, and administer a Linux system purely through the command line.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Understand the Linux Directory Structure (/, /home, /etc).
  • Navigate the file system using the Command Line Interface (CLI).
  • Create, read, and manipulate files using basic bash commands.
  • Understand the Linux permission model (Read, Write, Execute).
  • Execute commands with elevated privileges using sudo.

3. Beginner-Friendly Explanation

Imagine a massive library.
  • Windows (The GUI): You walk in, look at signs, ride an elevator, find a bookshelf, and pull out a book. It's visual and easy, but slow.
  • Linux Terminal (The CLI): You stand at the front desk, type a highly specific code into a computer (find / -name "mybook"), and the book instantly teleports into your hands. It requires memorizing codes, but it is infinitely faster and more powerful.

4. The Linux File System

Unlike Windows (which has C:\ and D:\ drives), Linux has a single unified tree structure that starts at the Root (/).
  • /bin: Essential command binaries (the actual programs you run in the terminal).
  • /etc: System configuration files. (Hackers look here for misconfigurations).
  • /home: User directories (like C:\Users\John).
  • /var: Variable data, such as web server files (/var/www/html) and system logs (/var/log).
  • /tmp: Temporary files. (Often used by attackers to store malicious scripts because it usually allows everyone to write to it).

5. Essential Terminal Commands

Open the terminal in your Kali Linux VM. Practice these commands:
  • pwd (Print Working Directory): Tells you exactly where you are.
  • ls (List): Shows you the files in your current directory. Use ls -la to see hidden files and permissions.
  • cd /var/log (Change Directory): Moves you to the /var/log folder.
  • cd ..: Moves you *up* one folder.
  • cat filename.txt: Prints the entire contents of a file to the screen.
  • grep "password" filename.txt: Searches inside the file for the specific word "password".

6. The Permission Model

Linux security revolves around file permissions. Every file has an Owner, a Group, and "Others" (everyone else). When you run ls -la, you see strings like this: -rwxr-xr--. The first character is the file type (- for a regular file); the 9 characters after it are broken into three chunks of 3 (rwx, r-x, r--):
  • r = Read (View the file)
  • w = Write (Edit the file)
  • x = Execute (Run the file as a program)

In the example above: The Owner can read/write/execute. The Group can read/execute. Everyone else can only read.
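
The decoding rule above, as an added example that is not part of the original chapter: a POSIX shell function that turns an ls mode string into the octal number chmod takes. It goes slightly beyond the text by also handling the setuid, setgid and sticky markers (s, t) that ls can show in the execute position; the function names are illustrative.

```bash
#!/bin/sh
# Added example: decode an `ls -l` mode string into the octal value chmod uses.

# triad_value CHUNK -> octal digit for one 3-character chunk (r=4, w=2, x=1).
# s and t count as execute: they mean "x plus a special bit".
triad_value() {
    digit=0
    case $1 in r??) digit=$((digit + 4)) ;; esac
    case $1 in ?w?) digit=$((digit + 2)) ;; esac
    case $1 in ??[xst]) digit=$((digit + 1)) ;; esac
    echo "$digit"
}

# mode_to_octal MODE -> e.g. "-rwxr-xr--" prints 754, "drwxrwxrwt" prints 1777.
mode_to_octal() {
    mode=${1%[+.@]}   # drop the ACL/SELinux/xattr marker some ls versions append
    case $mode in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]) ;;
        *) echo "not a mode string: $1" >&2; return 1 ;;
    esac
    perms=${mode#?}          # strip the file-type character
    owner=${perms%??????}    # characters 1-3
    rest=${perms#???}
    group=${rest%???}        # characters 4-6
    other=${rest#???}        # characters 7-9

    special=0                # setuid=4, setgid=2, sticky=1
    case $owner in ??[sS]) special=$((special + 4)) ;; esac
    case $group in ??[sS]) special=$((special + 2)) ;; esac
    case $other in ??[tT]) special=$((special + 1)) ;; esac

    octal="$(triad_value "$owner")$(triad_value "$group")$(triad_value "$other")"
    if [ "$special" -ne 0 ]; then octal="$special$octal"; fi
    echo "$octal"
}

# The strings used in this chapter, plus the usual mode of /tmp.
for m in -rwxr-xr-- -rw------- -rwxr-xr-x -rwxrwxrwx drwxrwxrwt; do
    printf '%s -> %s\n' "$m" "$(mode_to_octal "$m")"
done
```
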

7. The Power of sudo

Some files, like system passwords (/etc/shadow), are locked. A normal user cannot read them. The "Superuser" in Linux is named root. Root is a god; root can do anything. Instead of logging in as root (which is dangerous), you use the sudo (SuperUser DO) command to temporarily borrow root privileges for a single command.

*Example:*

cat /etc/shadow -> "Permission denied"
sudo cat /etc/shadow -> (Asks for your password) -> Displays the file!

8. Mini Project: Practice Linux Administration Tasks

Let's build some muscle memory in the terminal.

Step-by-Step Walkthrough: *(Run these in your Kali Terminal)*

  1. Update your system: The most important defensive security task.

```bash
sudo apt update
sudo apt upgrade -y
```

  2. Navigate home: cd ~
  3. Create a folder: mkdir my_lab
  4. Enter it: cd my_lab
  5. Create a file: echo "This is a secret note" > secret.txt
  6. Read it: cat secret.txt
  7. Change Permissions: Make it so ONLY the owner can read or write it, and no one else can access its contents. (The number 600 means Read/Write for owner, nothing for anyone else).

```bash
chmod 600 secret.txt
```

  8. Verify: Run ls -la secret.txt to confirm the permissions changed to -rw-------.
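
Step 8 checks one file. As an added example (not part of the original chapter), the script below runs the opposite check over a whole tree, reporting files and directories that any local user can modify. The directory and file names other than my_lab and secret.txt, and both function names, are constructed for the demonstration.

```bash
#!/bin/sh
# Added example: find files and directories that any local user can modify.

# audit_world_writable DIR -> one tagged line per finding, sorted by path.
#   FILE  regular file writable by "others" (for example mode 666 or 777)
#   DIR   directory writable by "others" without the sticky bit, so any
#         user can delete or replace other users' files inside it
audit_world_writable() {
    {
        find "$1" -type f -perm -0002 | sed 's/^/FILE /'
        find "$1" -type d -perm -0002 ! -perm -1000 | sed 's/^/DIR /'
    } 2>/dev/null | sort -k2
}

# build_demo_tree -> creates a constructed lab tree and prints its path.
build_demo_tree() {
    root=$(mktemp -d)
    mkdir "$root/my_lab" "$root/dropbox" "$root/scratch"
    chmod 755 "$root/my_lab"
    echo "This is a secret note" > "$root/my_lab/secret.txt"
    echo "echo backup" > "$root/my_lab/backup.sh"
    echo "shared" > "$root/my_lab/notes.txt"
    chmod 600 "$root/my_lab/secret.txt"   # owner only, as in step 7
    chmod 777 "$root/my_lab/backup.sh"    # writable by everyone: should be flagged
    chmod 644 "$root/my_lab/notes.txt"    # world-readable but not world-writable
    chmod 777 "$root/dropbox"             # world-writable, no sticky bit: flagged
    chmod 1777 "$root/scratch"            # world-writable with sticky bit, like /tmp
    echo "$root"
}

# Run the audit on the constructed tree, then clean up.
demo=$(build_demo_tree)
audit_world_writable "$demo"
rm -rf "$demo"
```

On a real system, point audit_world_writable at a directory you administer; each FILE line is a candidate for chmod o-w, and each DIR line for either chmod o-w or chmod +t.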

9. Real-World Scenarios

A penetration tester gains a low-level foothold on a corporate web server. They are a normal user www-data. They want to steal the database passwords, but those are stored in a file owned by root. The pentester searches the system and finds a misconfigured backup script. The system administrator accidentally gave the www-data user sudo privileges to run that *one* specific script without a password. The pentester exploits this misconfiguration (Privilege Escalation) to trick the script into reading the password file for them.

10. Best Practices

  • Never browse as Root: Older versions of Kali Linux logged you in as root by default. This is a massive security risk. If you are browsing the web as root and click a malicious link, the malware instantly has god-level access to your computer. Always log in as a standard user (like kali) and use sudo only when necessary.

11. Exercises

  1. What is the difference between an absolute path (e.g., /var/log/auth.log) and a relative path (e.g., ../log/auth.log)?
  2. If a file has the permissions -rwxrwxrwx (also known as 777), what is the security implication?

12. FAQs

Q: Do I have to memorize every Linux command?

A: No! You only need to memorize the basics (cd, ls, cat, grep). For everything else, Linux has built-in manuals. Just type man [command] (e.g., man ls) to open the instruction manual for that tool.

13. Interview Questions

  • Q: Explain the Linux file permission architecture. What does the chmod 755 command do to a file, and who benefits from those permissions?
  • Q: You are logged into a Linux server and suspect a malicious user has added a new account. Which directory and specific file would you check to review the list of registered users?

14. Summary

In Chapter 3, we embraced the command line interface. We mapped out the Linux directory structure, understanding where critical configuration and variable files live. We learned the fundamental commands required to navigate the system without a mouse. Crucially, we dissected the Linux permission model (rwx) and the immense responsibility of the sudo command, establishing the foundational knowledge required for both system hardening and privilege escalation.

15. Next Chapter Recommendation

You can navigate a single computer. But cybersecurity is about computers talking to each other. To defend a network, you must understand how data travels. Proceed to Chapter 4: Networking Fundamentals for Ethical Hackers.
