Merge pull request #32 from SCAR-iT-COLO/22-sanitize-chapter-9

Removed some hyperlinks and cleaned up a few codeblocks
2024-11-13 11:59:58 -07:00 · 2024-11-13 11:59:58 -07:00 · eb9228c564
commit eb9228c564
parent 57d07f1f13 ecced9e5bb
4 changed files with 53 additions and 120 deletions
--- a/Concepts/Filesystem
+++ b/Concepts/Filesystem
@ -17,18 +17,14 @@ Key features:

 On most Linux distributions, eCryptfs can be installed using the package manager:

-```bash
-# For Ubuntu/Debian:
-sudo apt-get install ecryptfs-utils
-```
-```bash
-# For Fedora:
-sudo dnf install ecryptfs-utils
-```
-```bash
-# For Arch Linux:
-sudo pacman -S ecryptfs-utils
-```
+For Ubuntu/Debian:
+`sudo apt-get install ecryptfs-utils`
+
+For Fedora:
+`sudo dnf install ecryptfs-utils`
+
+For Arch Linux:
+`sudo pacman -S ecryptfs-utils`

 ## 3. Setting up eCryptfs

@ -66,15 +62,11 @@ mount -t ecryptfs ~/encrypted ~/encrypted

 ### - Unmounting:

-```bash
-umount ~/encrypted
-```
+`umount ~/encrypted`

 ### - Checking mount status:

-```bash
-mount | grep ecryptfs
-```
+`mount | grep ecryptfs`

 ## 5. Key Management

@ -82,15 +74,11 @@ eCryptfs uses a passphrase to derive the encryption key. This passphrase is stor

 ### - Adding a key to the keyring:

-```bash
-ecryptfs-add-passphrase
-```
+`ecryptfs-add-passphrase`

 ### - Removing a key from the keyring:

-```bash
-keyctl purge user ecryptfs
-```
+`keyctl purge user ecryptfs`

 ## 6. Advanced Features

@ -98,15 +86,11 @@ keyctl purge user ecryptfs

 Create a file containing your mount options:

-```bash
-echo "passphrase_passwd=your_passphrase" > ~/.ecryptfsrc
-```
+`echo "passphrase_passwd=your_passphrase" > ~/.ecryptfsrc`

 Then mount using:

-```bash
-mount -t ecryptfs -o conf=~/.ecryptfsrc ~/encrypted ~/encrypted
-```
+`mount -t ecryptfs -o conf=~/.ecryptfsrc ~/encrypted ~/encrypted`

 ### - Using different encryption for different directories:

@ -125,15 +109,11 @@ You can mount multiple eCryptfs directories with different encryption settings b

 If you can't mount the filesystem, check if the required kernel modules are loaded:

-```bash
-lsmod | grep ecryptfs
-```
+`lsmod | grep ecryptfs`

 If not present, load them:

-```bash
-sudo modprobe ecryptfs
-```
+`sudo modprobe ecryptfs`

 ## !!!If you forget your passphrase, there's no way to recover the data. Always keep secure backups!!!

--- a/Concepts/Network
+++ b/Concepts/Network
@ -16,36 +16,28 @@ OpenSSL is a robust, full-featured open-source toolkit that implements the Secur
 OpenSSL is available for various operating systems. Here are basic installation instructions:

 - Linux: Most distributions come with OpenSSL pre-installed. If not, use package managers:
-  ```bash
-  sudo apt-get install openssl libssl-dev  # For Debian/Ubuntu
-  ```
-  ```bash
-  sudo yum install openssl openssl-devel   # For CentOS/RHEL
-  ```
+  `sudo apt-get install openssl libssl-dev  # For Debian/Ubuntu`
+
+  `sudo yum install openssl openssl-devel   # For CentOS/RHEL`

 - macOS: Use Homebrew:
-  ```
-  brew install openssl
-  ```
+  `brew install openssl`

 - Windows: Download the installer from the official OpenSSL website.

 ## 4. Basic OpenSSL Commands

 - Generate a private key:
-  ```bash
-  openssl genrsa -out private.key 2048
-  ```
+
+  `openssl genrsa -out private.key 2048`

 - Create a Certificate Signing Request (CSR):
-  ```bash
-  openssl req -new -key private.key -out certificate.csr
-  ```
+
+  `openssl req -new -key private.key -out certificate.csr`

 - Generate a self-signed certificate:
-  ```bash
-  openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
-  ```
+
+  `openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365`

 ## 5. Implementing SSL/TLS in Network Applications

--- a/Concepts/Security
+++ b/Concepts/Security
@ -11,10 +11,7 @@ Fail2Ban is an intrusion prevention software framework that protects Linux syste
 - Updates firewall rules to block banned IPs

 ### Installation:
-```bash
-sudo apt-get update
-sudo apt-get install fail2ban
-```
+`sudo apt-get update && sudo apt-get install fail2ban`

 ### Configuration:
 - Main configuration file: `/etc/fail2ban/jail.conf`
@ -56,10 +53,7 @@ AIDE is a file and directory integrity checker that detects unauthorized changes
 - Reports any discrepancies, indicating potential security breaches

 ### Installation:
-```bash
-sudo apt-get update
-sudo apt-get install aide
-```
+`sudo apt-get update && sudo apt-get install aide`

 ### Configuration:
 - Main configuration file: /etc/aide/aide.conf
--- a/Concepts/Understanding
+++ b/Concepts/Understanding
@ -18,17 +18,13 @@ SELinux operates in three modes:
 - Disabled: SELinux is turned off

 To check the current mode:
-```
-getenforce
-```
+`getenforce`

 To change modes temporarily:
-```bash
-setenforce 0 # Set to permissive
-```
-```bash
-setenforce 1 # Set to enforcing
-```
+
+`setenforce 0` # Set to permissive
+
+`setenforce 1` # Set to enforcing

 To change modes permanently, edit /etc/selinux/config and reboot.

@ -43,10 +39,11 @@ system_u:object_r:httpd_sys_content_t:s0
 ```

 To view contexts:
-```
-ls -Z # For files
-ps auxZ # For processes
-```
+
+`ls -Z` # For files
+
+`ps auxZ` # For processes
+

 ## 4. SELinux Policies

@ -59,84 +56,56 @@ SELinux uses policies to define allowed actions. Two main policy types:
 Booleans are on/off switches that allow runtime customization of SELinux policies.

 To list all booleans:
-```
-getsebool -a
-```
+`getsebool -a`

 To change a boolean:
-```bash
-setsebool httpd_can_network_connect on
-```
+`setsebool httpd_can_network_connect on`

 To make the change persistent:
-```bash
-setsebool -P httpd_can_network_connect on
-```
+`setsebool -P httpd_can_network_connect on`

 ## 6. Troubleshooting SELinux

 - Check for denials:
-```
-ausearch -m AVC,USER_AVC,SELINUX_ERR -ts recent
-```
+`ausearch -m AVC,USER_AVC,SELINUX_ERR -ts recent`

 - Use SELinux troubleshooter:
-```
-sealert -a /var/log/audit/audit.log
-```
+`sealert -a /var/log/audit/audit.log`

 - Analyze SELinux logs:
-```
-grep "SELinux" /var/log/messages
-```
+`grep "SELinux" /var/log/messages`

 ## 7. File and Directory Labeling

 To change the SELinux context of a file or directory:
-```
-chcon -t httpd_sys_content_t /path/to/file
-```
+`chcon -t httpd_sys_content_t /path/to/file`

 To restore the default context:
-```
-restorecon -v /path/to/file
-```
+`restorecon -v /path/to/file`

 ## 8. Managing SELinux Modules

 List available modules:
-```
-semodule -l
-```
+`semodule -l`

 Enable a module:
-```
-semodule -e modulename
-```
+`semodule -e modulename`

 Disable a module:
-```
-semodule -d modulename
-```
+`semodule -d modulename`

 ## 9. Creating Custom SELinux Policies

 For complex environments, you may need to create custom policies:

 - Install policy development tools:
-```
-yum install selinux-policy-devel
-```
+`yum install selinux-policy-devel`

 - Write a policy module (.te file)
 - Compile and package the module:
-```
-make -f /usr/share/selinux/devel/Makefile
-```
+`make -f /usr/share/selinux/devel/Makefile`
 - Install the module:
-```
-semodule -i mymodule.pp
-```
+`semodule -i mymodule.pp`

 ## 10. SELinux and Containers

@ -145,9 +114,7 @@ SELinux provides strong isolation for containers:
 - Prevents container processes from accessing host resources

 To run a container with a specific SELinux context:
-```
-docker run --security-opt label=type:svirt_lxc_net_t my_image
-```
+`docker run --security-opt label=type:svirt_lxc_net_t my_image`

 ## 11. Best Practices