Why network security learners should learn the Linux system

Why do you need to learn the Linux system for network security? According to incomplete statistics, Linux accounts for as much as 70% of data center operating systems. It typically runs on servers and supercomputers.

Therefore, the website backends and app backends we use every day are all deployed on Linux servers. If you do not know how to operate a Linux system, you will not be able to carry out security hardening or penetration testing on the servers of many large companies.

So how do we learn the Linux system?

First of all, you need to choose a Linux distribution. Red Hat is a good introductory Linux distribution for beginners. Genuine Red Hat requires a license. If you have limited funds as a student, you can choose CentOS. Currently there are CentOS 7 and 8; I suggest getting started with CentOS 7. There are many online tutorials for this version, which makes it convenient for beginners to complete various system operations and service setups.

When installing the Linux operating system, you can choose between a graphical interface mode and a terminal command mode. Personally, I recommend that beginners do not install the graphical interface. The graphical interface is like a Windows desktop, where you click the mouse to execute instructions. It will make you dependent on a graphical interface, and our production environments do not have one. So from the beginning we have to get used to working in the terminal command line.

What Linux beginners must learn

1. Basic commands

ls displays the contents of a directory. In Linux, if you want to view the contents of the current directory, you must use this command. This is quite different from Windows: after you click a directory, Windows automatically displays its contents, but Linux does not.

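>-a : list all files, including hidden files (those whose names begin with .)
>-A : list all files, including hidden files, but excluding the two directories . and ..
>-d : list only the directory itself, not the files inside it
>-f : list the results directly without sorting (ls sorts by file name by default)
>-F : append an indicator to each entry based on the type of file or directory, for example:
>*: executable file; /: directory; =: socket file; |: FIFO file;
>-h : show file sizes in a human-readable form (for example GB, KB, and so on)
>-i : list the inode number instead of the file attributes
>-l : long listing format, including file attributes and other data
>-n : list UID and GID instead of user and group names (UID and GID are covered under account management)
>-r : reverse the sort order, for example from ascending file name to descending
>-R : list the contents of subdirectories as well
>-S : sort by file size
>-t : sort by time
>--color=never : do not color the output according to file type
>--color=always : always show colors
>--color=auto : let the system decide from its settings whether to use color
>--full-time : output the time in full (including year, month, day, hour, and minute)
>--time={atime,ctime} : output the access time or the permission/attribute change time (ctime) instead of the content modification time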
  • cd change directory

cd /home switches to the home directory under the root directory (/), which is equivalent to clicking a folder in Windows.

  • pwd View current path

If you have used the cd command to go many levels deep and no longer know where the current directory is, you can use the pwd command to check the absolute path you are currently in.

  • cp copy
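>-a : copy the file's characteristics along with it
>-p : copy the file together with its attributes instead of using the defaults; similar to -a, often used for backups
>-i : if the target file already exists, ask before overwriting it
>-r : copy recursively, used for copying directories
>-u : copy only when the target file differs from the source file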

cp /home/zc.txt / copies the zc.txt file in the home directory to the root directory.


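  • mv moves a file; it is equivalent to cut in Windows, and it can also rename files
>-f : force; if the target file already exists, overwrite it directly without asking
>-i : if the target file already exists, ask whether to overwrite it
>-u : if the target file already exists and the source is newer than the target file, then update it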

There are many more basic Linux commands like the examples above. I will list them here. If you don't know how to use one of them, you can run the command with --help to view its usage. If you want more detailed examples, you can use man followed by the command name to display its manual.

mkdir, rmdir, rm, tar, gzip, ps, kill, killall, crontab, tree, free, top, chmod, chown, chgrp, useradd, usermod, userdel, groupadd, groupdel, sudo, passwd, groups, vi/vim, cat, more, less, tail, head, diff, ping, ssh, scp, telnet, etc.

2. Linux network learning

After learning the basic Linux commands, you also need to understand Linux network configuration, such as static and dynamic IP address configuration, IP configuration after adding a network card, DNS configuration, static routing configuration, traffic forwarding configuration, etc.

3. Learning about Linux services

Many services can be built on a Linux system. We have to learn to build most of the commonly used ones, because the security of Linux services is also a focus of our attention: nginx, apache, mysql, redis, firewall configuration, FTP service, samba service, zabbix, crontab, dhcp, dns, smtp, etc. You need to build these services yourself first in order to know where security problems may exist in their configuration.

4. Hardening Linux servers

After learning some Linux service configurations, we have to learn how to harden our Linux servers.

For example: the port generally used by the SSH service is 22.

We can change the default port to one in the range 2000-65535, so that when others scan our server, the SSH port is not easy to find.

SSH remote login should also prohibit root login: log in as a normal user, and then switch to the superuser.

SSH passwords must follow the unified PAM authentication rules: the password must be strong, and after the password is entered incorrectly 3 times, the user must wait for a period of time before trying again.
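A small audit for the SSH hardening points above (port, root login, PAM, lockout after failed attempts), added here as an example and not part of the original post. It assumes the lockout rule is implemented with pam_faillock; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example; file-based so it runs offline (on a live host, see `sshd -T`).

sshd_value() {  # $1 = sshd_config file, $2 = keyword (global section only)
    awk -v key="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blanks
        tolower($1) == "match" { exit }          # stop at conditional blocks
        tolower($1) == tolower(key) { print $2; exit }  # first value wins
    ' "$1"
}

audit_sshd() {  # $1 = sshd_config file; prints one FAIL line per finding
    port=$(sshd_value "$1" Port); port=${port:-22}  # sshd uses 22 if unset
    case $port in
        *[!0-9]*) echo "FAIL Port '$port' is not numeric" ;;
        *) { [ "$port" -ge 2000 ] && [ "$port" -le 65535 ]; } ||
               echo "FAIL Port $port is outside 2000-65535" ;;
    esac
    root=$(sshd_value "$1" PermitRootLogin)
    [ "$root" = no ] || echo "FAIL PermitRootLogin is '${root:-unset}', expected no"
    pam=$(sshd_value "$1" UsePAM)
    [ "$pam" = yes ] || echo "FAIL UsePAM is '${pam:-unset}', expected yes"
}

audit_lockout() {  # $1 = PAM service file; wants explicit pam_faillock limits
    awk '
        /^[ \t]*#/ { next }
        /pam_faillock\.so/ {
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^deny=/) deny = substr($i, 6)
                if ($i ~ /^unlock_time=/) unlock = substr($i, 13)
            }
        }
        END {
            if (deny == "" || deny + 0 < 1 || deny + 0 > 3)
                print "FAIL pam_faillock deny is \"" deny "\", expected 1-3"
            if (unlock == "" || unlock + 0 < 1)
                print "FAIL pam_faillock unlock_time is \"" unlock "\", expected a delay"
        }' "$1"
}

# Constructed sample files (not taken from a real host).
d=$(mktemp -d); trap 'rm -rf "$d"' EXIT
printf '%s\n' '#Port 22' 'PermitRootLogin yes' 'UsePAM yes' > "$d/weak_sshd"
printf '%s\n' 'Port 22022' 'PermitRootLogin no' 'UsePAM yes' > "$d/hard_sshd"
printf '%s\n' 'auth required pam_unix.so' > "$d/weak_pam"
printf '%s\n' 'auth required pam_faillock.so preauth deny=3 unlock_time=600' > "$d/hard_pam"
for f in weak hard; do
    echo "== $f =="; audit_sshd "$d/${f}_sshd"; audit_lockout "$d/${f}_pam"
done
```

On a real server the same functions can be pointed at /etc/ssh/sshd_config and the PAM service file that sshd uses.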

 


Origin blog.csdn.net/weixin_36167282/article/details/127392944