As I continue my cybersecurity journey I wanted to publish my notes in order to provide helpful write-ups for other learners on the same journey, with the added benefit of explaining the concepts in a beginner friendly way. I intend to break things down bit by bit and provide further clarification for learners.

The first TryHackMe module is Linux Fundamentals. THM has broken this module down into three sections. Calling on my technical writing degree, I will attempt to break the sections down into simpler language and elaborate when needed.

This section helps us learn how deploy and use the Linux virtual machine and the terminal to navigate the filesystem, using commands like 'find' and 'grep' for efficient data finding. It also helps us learn to power up our commands by learning about some of the important shell operators.

History of Linux

Linux is a command line operating system first released in 1991. The name "Linux" is actually an umbrella term for multiple OS's that are based on UNIX, another operating system. As UNIX is open-source, variants of Linux comes in all shapes and sizes.

Linux has evolved into the most reliable operating system on the planet. It’s used for embedded systems to virtually all supercomputers for a good reason.

Linux Kernel

Linux provides a free and open kernel that can be used as the foundation for building operating systems. Using a Linux operating system means that you are using Linux + GNU (operating system).

The Linux kernel works together with an OS and acts as an interface between the hardware and software components. Linux essentially works in lower level of the system and converts instructions into mission code, while the Operating System offers extra tools like GUI (graphical user interface), the shell, and it works in a higher level of the overall system.

To explain further, an Operating System (OS) is a system software while Kernel is a system software which is part of operating system. The Operating System provides an interface between the user and the hardware while the Kernel provides an interface between the applications and the hardware.

Similar to how you have different versions Windows (7, 8 and 10), there are many different versions/distributions of Linux. For example, Ubuntu is a type of Linux distribution. You can run Ubuntu as a server (such as websites & web applications) or as a fully-fledged desktop.

Things powered by Linux:

• Websites that you visit

• Car entertainment/control panels

• Point of Sale (PoS) systems such as checkout tills and registers in shops

• Critical infrastructures such as traffic light controllers or industrial sensors

Advantages of Linux

A large selling point of using OSs such as Ubuntu is how lightweight they can be. This, of course, doesn't come without its disadvantages, where for example, often there is no GUI (Graphical User Interface- more user-friendly than a command line, especially for new or novice users.) or what is also known as a desktop environment that we can use to interact with the machine (unless it has been installed). A large part of interacting with these systems is using the "Terminal".

The Terminal Explained

The "Terminal" is a text-based interface used to control a Linux computer. It's just one of the many tools provided to Linux users for accomplishing any given task, but it's widely considered the most efficient method available. Outside of writing code, it's certainly the most direct method possible.

A command line (CLI) is an interface of the terminal where the user types a command for the computer to process (which is expressed as a sequence of characters — typically a command name followed by some parameters) and presses the Return key to execute that command.

In plain English once again, it's the space in which you enter the commands the computer will process. (Terminal and CLI are terms which can be used interchangeably)

Basic Terminal / Command Line Functions:

A command is a special keyword you can use in a terminal to tell your computer to perform an action. Most commands are tiny little applications that get installed with the rest of your operating system. You may not realize they're on your computer because they're generally kept in relatively obscure directories.

Ie. $ ls documents (ls =command)

An argument is any part of a command that isn't the command. For instance, to list the contents of a specific directory, you can provide the name of that directory as an argument.

Ie. $ ls documents (document= argument)

Command options, also called flags or switches, are part of command arguments. A command argument is anything that follows a command, and an option is usually (but not always) demarcated by a dash or double dashes.

Here is a list of the Basic Functions used to navigate to files, output their contents and make files:

Echo- (output any text that we provide) prints a line of text/string that is passed as an argument to the terminal as standard output.

Whoami- find out what user we are currently logged in as

Ls- listing files in current directory

Cd- change directory

Cat- concatenate or display the contents of a file

Pwd- print working directory or finding out the full path to the current directory you are in

Also useful to know:

Path- A description of where a file or directory is on the filesystem.

Absolute Path- One beginning from the root of the file system (eg. /etc/sysconfig ).

Relative Path- One relative to where you currently are in the system (eg. Documents/music ).

**~ (tilde)-** -Used in paths as a reference to your home directory (eg. ~/Documents ).

. (dot)- Used in paths as a reference to your current directory (eg. ./bin ).

**.. (dot dot)-** -Used in paths as a reference to your current directories parent directory (eg. ../bin ).

'Searching for Files' commands:

Find- automated finds files

Wildcard (*) - used to search for anything that has .txt at the end

Grep- allows us to search the contents of files for specific values we are looking for

Example terminal command:

find -name passwords.txt

Wildcard command example:

We can simply use what's known as a wildcard (*) to search for anything that has .txt at the end or if we dont know the file name. In our case, we want to find every .txt file that's in our current directory. We will construct a command such as find -name *.txt . Where "Find" has been able to find every .txt file and has then given us the location of each one.

Grep command example:

Take for example, the access log of a web server. In this case, the access.log of a web server has 244 entries. Using a command like cat isn't going to cut it too well here. Let's say for example if we wanted to search this log file to see the things that a certain user/IP address visited? Looking through 244 entries isn't all that efficient considering we want to find a specific value.

We can use grep to search the entire contents of a file for any entries of the value that we are searching for. Going with the example of a web server's access log, if we want to see everything that the IP address "81.143.211.90" has visited (note that this is fictional).

"Grep" can search through this file and has shown us any entries of what we've provided and that is contained within this log file for the IP given.

Fun fact:

Auto-Complete Feature:
Anytime you are entering a filename or file path, just click <TAB> and the shell will complete the path name for you. If there are multiple files with the same letters that you have already entered, pressing <TAB> twice will list all the possibilities.

History Command
When you execute any command, that command is saved within a file in your home directory.

The Shell

A shell is the primary interface that users see when they log in, whose primary purpose is to start other programs.

In unix circles, shell means a command-line shell, centered around entering the name of the application one wants to start, followed by the names of files or other objects that the application should act on, and pressing the Enter key.

An Introduction to Shell Operators

Operators are characters that offer various functionalities, such as command chaining, a technique where multiple commands are executed in a sequence, based on the success or failure of previous commands.

At an overview, the following operators are worth noting:

Operator "&"

The & shell operator is used to run a command in the background, allowing the user to move onto other tasks while the command runs to completion

For example, let's say we want to copy a large file. This will obviously take quite a long time and will leave us unable to do anything else until the file successfully copies.

The "&" shell operator allows us to execute a command and have it run in the background (such as this file copy) allowing us to do other things!

Operator "&&"

The '&&' operator allows for the execution of multiple commands in sequence, but only if the previous command executes successfully. It can be used between two commands, such as mkdir new_directory && cd new_directory . It's like a strict supervisor, ensuring each task is completed before moving on to the next.

This shell operator is a bit misleading in the sense of how familiar is to its partner "&". Unlike the "&" operator, we can use "&&" to make a list of commands to run for example command1 && command2. However, it's worth noting that command2 will only run if command1 was successful.

Output Redirection:

Redirection is a Linux feature where inputs and outputs of a command can be redirected to another command or a file using redirection operators.

Linux programmers use:

1*) Input redirection operator* to redirect the input given (not covered here yet)

1. Output redirection operator to redirect the output

A less-than sign (<) represents input redirection. On the other hand, a greater than sign (\>) is used for the output redirection. “<” and “>” are also called angled brackets.

“>” and “>>” both are output (STDOUT) direction operators, however, they differ in the following ways:

Operator ">"

This operator is an output redirector.

What this essentially means is that we take the output from a command we run and send that output to somewhere else.

Again, the below redirection operators redirect the result or the output.

A great example of this is redirecting the output of the echo command that we learned in Task 4. Of course, running something such as echo howdy will return "howdy" back to our terminal — that isn't super useful. What we can do instead, is redirect "howdy" to something such as a new file!

Let's say we wanted to create a file named "welcome" with the message "hey". We can run echo hey > welcome where we want the file created with the contents "hey."

Note: If the file i.e. "welcome" already exists, the contents will be overwritten!

Operator ">>"

This operator is also an output redirector like in the previous operator (>) we discussed. However, what makes this operator different is that rather than overwriting any contents within an existing file, for example, it instead just puts the output at the end.

Following on with our previous example where we have the file "welcome" that has the contents of "hey". If were to use echo to add "hello" to the file using the > operator, the file will now only have "hello" and not "hey".

The >> operator allows to append the output to the bottom of the file — rather than replacing the contents like so:

tryhackme@linux1:~$ echo hello >> welcome

tryhackme@linux1:~$ cat welcome

hey

hello

So overall, “>” is the output redirection operator used for overwriting files that already exist in the directory. While, the “>>” is an output operator as well, but, it appends the data of an existing file. Often, both of these operators are used together to modify files in Linux.

If you see anything I've missed or have suggestions to add, feel free to drop me a line or let me know in the comments. Happy learning!

-Mary

Sources: TryHackMe Pre-security Pathway: Linux Fundamentals 1-3, Cisco Networking Academy, Opensource.com, Ask Ubuntu, Shells.com