Defense and Network Security
Est. read time: 1 minute | Last updated: July 06, 2025 by John Gentile
Contents
Networking
Routing
- Manually map an alias/hostname to an IP address by adding to
/etc/hostsfile, like:192.168.56.4 mylinuxbox
SSH
- Use Key-based auth for SSH to aid in passwordless SSH login/commands- usually as simple as
$ ssh-copy-id <user>@<hostname/IP>. - How to Protect SSH with
fail2banon Ubuntu 22.04
SSH Tunneling
SSH Tunneling can be used to forward certain ports or services over a secure SSH connection. It’s also useful if a local system wants to expose non-SSH services but only has an SSH port open externally through a router. For example, to tunnel Remote Desktop (RDP) to a remote server <remote>:
$ ssh -L 8888:localhost:3389 <username>@<remote>
You can then connect to the RDP session with localhost:8888.
Also you can forward multiple ports in one connection, for example:
$ ssh -L 8888:localhost:8888 -L 8889:localhost:8889 <username>@<remote>
Tools
- Wireshark: prolific network protocol analyzer, packet capture and traffic visualization tool.
System Hardware Security
Disk Encryption
- Create a LUKS encryption layer on a selected disk (erasing everything on disk!) with
$ sudo cryptsetup luksFormat /dev/sdb. - Open encrypted drive with
$ sudo cryptsetup luksOpen /dev/sdb encrypted_drive.- If the disk hasn’t been formatted yet, do
$ sudo mkfs.ext4 /dev/mapper/encrypted_drive.
- If the disk hasn’t been formatted yet, do
- Mount the resultant unlocked drive with
$ sudo mount /dev/mapper/encrypted_drive /media/encrypted_drive.- You might need to change permissions on the mount folder to your user with
$ sudo chown -R username:group directory.
- You might need to change permissions on the mount folder to your user with
References
Maintained by John Gentile • Found a problem on this site? File an Issue
This work is licensed under a Creative Commons Attribution 4.0 International License.