Complete Linux Security & Hardening with Practical Examples
4.3 (167 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
5,990 students enrolled

The best Linux security course, preparing you to protect your systems from attacks by hackers. Helps with RHCSA & RHCE.
Created by Imran Afzal
Last updated 5/2020
English [Auto-generated]
This course includes
  • 16 hours on-demand video
  • 17 articles
  • 47 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • By the end of this course you will be able to apply most of the security measures in your Linux environment
  • You will be able to pass the Redhat Certified Engineer exam (EX300)
  • You will reduce the risk of your Linux system being hacked or attacked
  • You will have expert knowledge of Linux account and system securities
Requirements
  • Basic understanding of Linux. My suggestion is to take my "Complete Linux Training Course to Get Your Dream IT Job"
  • You will need a Linux machine, but if you have a Windows computer you can install VirtualBox and then install Linux (the instructions are covered in this course)

If you have a basic understanding of Linux and want to enhance your skills in Linux security and system hardening, then this course is a perfect fit for you. Many security policies and standards require system administrators to address specific user authentication concerns, application of updates, system auditing and logging, file system integrity, and more. This course provides strategies for addressing specific policy and configuration concerns.

This course is intended to develop the skills needed to ensure data integrity on computer systems for organizations with high security standards. 

I have 35,000+ students on the Udemy platform, and many of them have been able to secure their dream job in the IT field just by taking my courses. I always start with the basics and then dive into the advanced level.

This course is best for someone who:

  • wants to learn almost everything about Linux security

  • wants to step-up in his/her career

  • is looking for a job in Linux

  • needs technical guidance on how to enhance the security of Linux systems

  • is responsible for implementing security policy requirements on Linux systems consistently and in a reproducible way

  • must be able to demonstrate that Linux systems meet security policy requirements

  • maintains continued adherence to security requirements, including management of security-critical operating system/software updates


Overview of the course:

There are a total of 10 sections in this course

Section 1 – Introduction and Course Overview

  • Course Overview

  • Download Syllabus

Section 2 – Security Concepts

  • What is Security and OS Hardening?

  • Comparing House Security with Computer Security

  • Securing All Operating Systems

  • Importance of Linux Security

  • Security Implementation Tools

  • Type of Security Breach

  • Quiz, Handouts and Homework

Section 3 - Lab Setup (optional)

  • What is VirtualBox?

  • Installing Oracle VirtualBox

  • Creating First Virtual Machine

  • Linux Installation

Section 4 - Securing User Environment

  • Understanding /etc/passwd, /etc/group and /etc/shadow

  • The /etc/login.defs File

  • Create User Account and Change Password

  • Change Password Parameters

  • Set Password Policy

  • Lock or Disable User Accounts Automatically

  • Lock or Disable User Accounts Manually

  • Lock User Account After 3 Failed Attempts

  • Restrict root Login

  • Disable SSH Access for a Specific User

  • Implement UID/GID Policy

  • Centralized Authentication Service

  • sudo Access

  • Monitor User Activity

Section 5 - PAM (Pluggable Authentication Module)

  • What is PAM?

  • The Importance of PAM

  • The PAM Configuration Files Format

  • PAM Config File – Module Interfaces

  • Account Access Through PAM

  • PAM Config File – Control Flags

  • PAM Config File – Modules (SO)

  • PAM Aware Services and Stacks

Section 6 - Securing Linux Filesystem

  • Linux File Types

  • Linux File Attributes

  • Linux File Ownership and Permissions

  • Changing File Permission

  • Changing File Ownership

  • Access Control List (ACL)

Section 7 - Securing Linux System

  • Message of the Day and customizing message of the day

  • Physical Server Security

  • Remove Unnecessary or Orphan Packages

  • Keep Kernel and System Up to Date

  • Stop and Disable Unwanted Services

  • Separate Disk Partitions

  • Disable Ctrl+Alt+Delete

  • Running One Service per System

  • Change Default Console Passwords

  • Disable USB Stick Detection

  • Enable Network Time Protocol (NTP or Chronyd)

  • Lockdown Cronjobs

  • Change SSH Ports

  • SELinux (longest lecture and lab)

  • Backups

Section 8 - Securing Linux System Network

  • Introduction to Firewall

  • iptables (tables, chains and targets)

  • iptables (practical examples)

  • Firewall (firewalld)

  • firewalld (Practical Examples)

  • firewalld (GUI)

  • Encrypt Incoming and Outgoing Traffic

  • SSH vs. Telnet

  • Turn Off IPV6 (If not in use)

Section 9 - Securing Environment Around Linux

  • Hardware/Network Firewall

  • Network Address Translation (NAT)

  • VPN Tunnel

  • Application and Database Encryption

Section 10 - Additional Resources

  • Many more lectures on Linux...


Here are testimonials from my students:

  • To all of you that are looking for a REALLY GOOD LINUX course, THIS IS IT, SERIOUSLY I promise you won't find a course on LINUX here that is THIS GOOD. -- T.J. Marstiller (Udemy Student)

  • Imran is a very knowledgeable and engaging instructor. As others have said, you can tell that he is not just trying to sell a course, but that he is invested in giving his students a strong career foundation with a positive and approachable attitude. He is also entertaining with his use of pop culture and practical work examples. It really feels like you're in a classroom with him. I'm taking this course mainly as a hobbyist, but got a lot from it already. The homework assignments, quizzes, and handouts help reinforce the material.   -- Raymond B.  (Udemy Student)

  • Main thing about course is its simplicity and the hierarchy. Design is very good and easy which helps to understand things better.  -- Akash Garg (Udemy Student)

  • I just love the teaching and the learning experience I am getting  -- Jacob Samba (Udemy Student)

  • Imran Afzal might be my favorite teacher I've EVER had. He is funny, and engaging. The course was easy to follow, and with no experience starting I am now extremely comfortable with Linux, and actually really like it. He does make you do your googles, but this is not a bad thing especially considering the nature of IT and documentation to solve your own problems. I highly recommend.  -- Vanessa Diaz-Goumond (Udemy Student)

  • The course is run very well and I really like the handouts and the homework that is assigned. The homework helps me learn and continue with the learning process even when adult life is still progressing forward.  -- Thomas Rogers (Udemy Student)

  • Such an amazing instructor. Imran must have put in a lot of effort in structuring the course and taking the student step by step, he takes his time in explaining everything, from what Linux is, how to download it, coding, etc. I have taken other courses from Imran. I am a student for life. Keep it up and please keep preparing more courses for people like us who can benefit from your way of teaching, knowledge and experience. Thank you.  -- Ali Shiekh (Udemy Student)

  • In the first place I say a big thank you to the instructor for making such a great course. I was afraid to learn Linux. I now feel very comfortable with Linux. I have understood both the concept behind and the practical as well. I would recommend every one who is NEW to Linux and wants to grab it once and for all without wasting time to go ahead and ENROLL. You will not regret it. I would like the instructor to do same for WINDOWS SERVER ADMIN., I don't seem to find any better and beginner oriented course out there that could be matched with this course. To me, it is the BEST Linux Course on Online. I just started some real world projects with Linux after this great course, I was new to Linux and in just a month I am on the command line always playing.  -- Opoku Bright (Udemy Student)

  • I genuinely look forward to additional courses in the future. This has been so informative. You hear the name oracle all the time, but this was well put in layman’s terms  -- Atoofa Hasan (Classroom Student)

  • Imran Afzal eats, breathes and sleeps Linux! He really knows his stuff. I feel like he has brought me from a novice level education to masters level in a short time period. Anyone who is looking to get a job in Linux should definitely take this course.  -- TJ Walker (Udemy Student)

Who this course is for:
  • Anyone who wants to have a complete understanding of Linux security and OS hardening
  • Anyone who wants to advance his/her career
  • Anyone who wants to pass the RHCE EX300 exam
Course content
128 lectures 15:53:09
+ Security Concepts
9 lectures 27:18
Welcome to Security Concepts

In this lecture we will cover the concept of Linux security and OS hardening, and the difference between security and OS hardening. We will also talk about security in general, computer security and Linux security.

What is Security and OS Hardening?

In this lecture we will compare Linux or computer security with your home security, so it will be easier to understand how security works in the IT world.

Comparing House Security with Computer Security

If Linux is connected to Windows or Solaris

Securing All Operating Systems

We will talk about the importance of security such as:

  • Data protection

  • Protect system resources (memory, CPU, disk etc.)

  • Protect application workflows

  • Audit compliance (service organization controls – SOC reports)

  • SOC became effective on June 15th, 2011

  • Less human errors

  • Control management (who gets what, who can access what)

  • Peace of mind

Preview 06:20

There are many ways computer security can be implemented. Most of them are listed below and will be covered in this lecture:

Manual security configuration

  • User Accounts

  • File Systems

  • System access

  • System security (system configuration files)

  • OS network layer security

Automate through scripts

  • Create a script

  • Copy over or access over network

  • Execute one by one on each server

Deployment tools (Ansible, Puppet, etc.)

3rd-party security software (e.g. McAfee) – Not for all security measures

Security Implementation Tools

In this lecture we are covering the types of computer or Linux security breaches:


  • Steal

  • Corrupt

  • Remove


  • Apache webserver

  • Database

  • Financial applications

Operating System

  • Filesystem corruption

  • System failure

  • Process management


  • Attack on CPU, Memory, etc.

Preview 04:19
7 questions
+ Lab Setup
8 lectures 01:06:28
Welcome to Lab Setup

This lecture is all about understanding of Oracle VirtualBox and how it allows us to run multiple virtual machines

What is Oracle VirtualBox?

VirtualBox is a free virtualization tool which allows you to run multiple virtual machines on one host.  In this lecture you will learn how to download, install and configure VirtualBox. 

  • Simply go to any search engine and type "download Oracle VirtualBox"

  • The very first result should give you the link as "Go to Download" under

  • Click on "Go to Download" link and on the next page click on the download that is appropriate for your host platform. e.g. if you are running Windows on your PC then pick "Windows Host"

  • Once clicked on the link it will give you the option to download

  • Start the download process and upon completion run the executable which will guide you through the entire installation process

Downloading and Installing Oracle VirtualBox

In this lecture we will cover how to create a virtual machine on Oracle virtualbox and use it for Linux CentOS installation

Creating First Virtual Machine

This lecture is all about CentOS download, installation and configuration

Linux CentOS7 Installation (Recommended)
Linux CentOS8 Installation (Optional)
5 questions
+ Securing User Environment
19 lectures 02:30:01
Welcome to Securing User Environment
Understanding /etc/passwd
Understanding /etc/group
Understanding /etc/shadow
The /etc/login.defs File
Create User Account and Change Password
Change Password Parameters
Set Password Policy
Lock or Disable User Accounts
Lock or Disable User Accounts Manually

Lock User Account After 3 Failed Attempts

Restrict root Login
Disable SSH Access for a Specific User
Implement UID/GID Policy
Centralized Authentication Service
sudo Access

The following are the different ways user activity can be monitored:

  • /var/log/messages = All system related messages

  • /var/log/secure = user login activity including failures

  • last = View history of all logged users

  • last <username> = View login history of a certain user

  • lastb = View all bad login attempts

  • who or w = Who is currently logged in (tty and pts)

    • tty = console

    • pts = xterm, putty, other terminals

  • /home/user/.bash_history = User command history

  • tcpdump = Server incoming and outgoing traffic

  • /etc/rsyslog.conf = Logging configuration

  • ps -ef | grep username = Monitor user running processes.

Monitor User Activity
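
As an added example (not part of the course material), the sketch below turns the /var/log/secure entry in the list above into a repeatable check: it counts failed SSH password attempts per source address and per targeted account. The function names and the sample log lines are constructed for illustration; the line layout assumed is the standard OpenSSH "Failed password for ... from ... port ... ssh2" syslog message.

```sh
#!/bin/sh
# Added example (not from the course): summarize failed SSH password
# attempts in a /var/log/secure-style file. The sample lines are constructed.

write_sample_secure_log() {   # $1 = file to create
    cat > "$1" <<'EOF'
Mar  3 10:15:01 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar  3 10:15:04 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 51123 ssh2
Mar  3 10:15:09 web01 sshd[2214]: Failed password for root from 203.0.113.7 port 51130 ssh2
Mar  3 10:16:10 web01 sshd[2250]: Accepted password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:17:42 web01 sshd[2291]: Failed password for bob from 198.51.100.20 port 40031 ssh2
Mar  3 10:18:00 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/ls
Mar  3 10:19:30 web01 sshd[2302]: Failed password for invalid user from from 192.0.2.44 port 60001 ssh2
EOF
}

# failed_sources FILE MIN: print "COUNT SOURCE_IP" for every source with at
# least MIN failed password attempts, highest count first.
failed_sources() {
    awk -v min="$2" '
        $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" {
            # Parse from the right-hand side: the account name is chosen by
            # the remote client and may itself contain "from" or spaces.
            if (NF < 13 || $(NF-4) != "from" || $(NF-2) != "port") next
            count[$(NF-3)]++
        }
        END { for (ip in count) if (count[ip] >= min) print count[ip], ip }
    ' "$1" | sort -k1,1nr -k2,2
}

# failed_accounts FILE MIN: print "COUNT ACCOUNT" for every account name
# that was targeted at least MIN times.
failed_accounts() {
    awk -v min="$2" '
        $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" && $8 == "for" {
            if (NF < 13 || $(NF-4) != "from" || $(NF-2) != "port") next
            # Skip the "invalid user" marker that sshd adds for unknown accounts.
            first = ($9 == "invalid" && $10 == "user" && NF >= 15) ? 11 : 9
            name = $first
            for (i = first + 1; i <= NF - 5; i++) name = name " " $i
            count[name]++
        }
        END { for (n in count) if (count[n] >= min) print count[n], n }
    ' "$1" | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host pass /var/log/secure instead.
log=$(mktemp)
write_sample_secure_log "$log"
echo "Sources with 3 or more failures:";  failed_sources "$log" 3
echo "Accounts with 2 or more failures:"; failed_accounts "$log" 2
rm -f "$log"
```
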
18 questions
+ PAM (Pluggable Authentication Module)
11 lectures 46:30
Welcome to PAM
What is PAM?
The Importance of PAM
The PAM Configuration Files Format
PAM Config File – Module Interfaces
Account Access Through PAM
PAM Config File – Control Flags
PAM Config File – Modules (SO)
PAM Aware Services and Stacks
15 questions

Please download all handouts

+ Securing Linux Filesystem
9 lectures 50:14
Welcome to Securing Linux Filesystem

In this lecture we will cover different types of Linux files

Preview 05:14

This lecture is all about the output of ls -l command in Linux

Linux File Attributes
Linux File Ownership and Permissions

We will learn how to change a file or directory permissions using chmod command

Changing File Permission - LAB

We will learn how to change a file or directory ownership using chown and chgrp commands

Changing File Ownership - LAB

In this lecture we are going to cover Access Control Lists (ACLs). An ACL is used to assign file or directory permissions to specific users and groups

Some of the commands we will cover are as follows:

1) To add permission for user

setfacl -m u:user:rwx /path/to/file

2) To add permissions for a group

setfacl -m g:group:rw /path/to/file

3) To allow all files or directories to inherit ACL entries from the directory they are within

setfacl -dm "entry" /path/to/dir

4) To remove a specific entry

setfacl -x u:user /path/to/file (For a specific user)

5) To remove all entries

setfacl -b /path/to/file (For all users)

Access Control List (ACL)
10 questions

Please download all handouts

+ Securing Linux System
19 lectures 02:45:12
Welcome to Securing Linux System
Message of the Day
Customize Message of the Day

Physical Server Security

The first rule is to keep your server lean and mean. Install only those packages that you really need. If there are unwanted packages, delete them. The fewer the packages, the less chance of unpatched code.


•Do not install packages that you do not need during the initial installation

•Pay close attention to the add-on packages

To get a list of all packages

# rpm -qa (CentOS)

# apt list --installed (Ubuntu)

Remove packages

# rpm -e package_name

# apt-get remove package_name

Orphaned Packages:

The objective is to remove all orphaned packages from CentOS Linux. By orphaned packages we mean all packages which no longer serve as dependencies of other installed packages.

For example, package A depends on package B; thus, in order to install package A, package B must also be installed. Once package A is removed, package B might still be installed, and hence package B is now an orphaned package.

•A built-in utility which allows you to check for orphaned packages


•Check if it exists on your system

# rpm -qa | grep yum-utils

•If not then install

# yum install yum-utils

•Get a list of all orphaned packages

# package-cleanup --leaves


# yum remove `package-cleanup --leaves`

# apt-get autoremove

Remove Un-necessary or Orphan Packages
  • Register to OS providers websites such as Redhat, CentOS, Ubuntu, Debian etc.

  • Stay connected with the technical news feeds and OS community

  • Run package management software such as Redhat Satellite or Ubuntu Landscape

# yum update or upgrade

# apt-get update

upgrade = will delete obsolete packages

update = will preserve obsolete packages

Keep Kernel and System Up to Date

Before you can decide which services are unnecessary, you need to know which services are running. To find out, run

# netstat -l

# netstat -tulpn

# systemctl

# chkconfig --list (older version of CentOS)

# service --status-all | grep running (CentOS or Ubuntu)

# ps -ef

Disabling through PAM files

•Looking at the files in /etc/pam.d/, you'll probably see configuration files for a number of programs you don't use and maybe even a few you've never heard of. The best way to disable PAM authentication for these programs is to rename these files. Not finding the file named after the service requesting authentication, PAM will fall back to the (hopefully) very secure /etc/pam.d/other

•If you later find that you need one of these programs, you can simply rename the file to its original name and everything will work as it was intended

To stop a service

# chkconfig httpd off

# chkconfig httpd disable

# systemctl stop httpd

# systemctl disable httpd

Example of httpd package and service

# rpm -qa | grep httpd

# yum install httpd

# systemctl start httpd

# ps -ef | grep http


# netstat -tulpn

# systemctl stop httpd

# systemctl disable httpd

Stop and Disable Unwanted Services
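
As an added example (not part of the course material), the function below reads `netstat -tulpn` output and reports every network-reachable listener whose program is not on an allowlist, which is the decision the lecture asks you to make by eye. The function names, the allowlist and the sample output are constructed; the column layout assumed is the one netstat prints on CentOS 7.

```sh
#!/bin/sh
# Added example (not from the course): flag listeners that are not on an
# allowlist, using `netstat -tulpn` output. The sample output is constructed.

sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1023/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1301/master
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      1544/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      2210/httpd
tcp6       0      0 ::1:631                 :::*                    LISTEN      901/cupsd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           812/dhclient
udp        0      0 127.0.0.1:323           0.0.0.0:*                           790/chronyd
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -
EOF
}

# unexpected_listeners "ALLOWED PROGRAMS": read netstat -tulpn output on
# stdin and print "PROTO PORT PROGRAM" for each socket that is reachable
# from the network and whose program is not in the space-separated list.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 !~ /^(tcp|udp)6?$/ { next }             # skip the two header lines
        {
            addr = $4
            port = addr; sub(/^.*:/, "", port)     # port follows the LAST colon (IPv6-safe)
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (host ~ /^127\./ || host == "::1") next   # loopback-only sockets
            # UDP rows have no State column, so search for the PID/Program field
            # instead of relying on a fixed column number.
            prog = "unknown"                       # "-" means netstat ran without root
            for (i = 6; i <= NF; i++) if ($i ~ /^[0-9]+\//) {
                prog = $i; sub(/^[0-9]+\//, "", prog); sub(/:$/, "", prog); break
            }
            if (!(prog in ok)) print $1, port, prog
        }
    ' | sort -k2,2n
}

# Demo on the constructed sample; on a real host run as root:
#   netstat -tulpn | unexpected_listeners "sshd chronyd"
sample_netstat | unexpected_listeners "sshd httpd"
```
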
  • A disk in Linux should be partitioned into the following mounts








    How disk partitioning can help?

    • Partitioning your drive can also keep your data safer from malware attacks. If ransomware lands on your Linux partition, it would have a lesser chance of locking your personal or critical files on another partition

    • If a partition gets full it can be easily extended using LVM and it won’t impact other partitions

    • Disk partitioning can enhance your system or application performance

    • Utilize other filesystems for each partition (e.g. ext4, XFS etc.).

Separate Disk Partitions

Here in this lecture we will cover how to disable alt+ctrl+del in Linux

Command to check the status of alt+ctrl+del

# systemctl status (CentOS and Ubuntu)

Command to disable alt+ctrl+del

# systemctl disable

For earlier version like CentOS/RHEL 6 the file that handles Ctrl-Alt-Del


The above steps will not disable “ctrl+Alt+delete” key combination in GUI mode. To disable it in GUI change keyboard settings

Go to your Linux Console as root --> Navigate to Applications --> System Tools --> Settings --> Devices --> Keyboard --> Keyboard Shortcuts --> System --> Logout --> Enter

Set value of "Logout" as Disabled by hitting Backspace --> Set

Disable Ctrl+Alt+Delete

One Network Service Per System or VM Instance

Run different network services on separate servers or VM instances. This limits the number of other services that can be compromised. For example, if an attacker is able to successfully exploit a flaw in software such as Apache, he or she will get access to the entire server, including other services such as MySQL/MariaDB/PGSql, the e-mail server and so on

Running One Service per System

In this lecture we will cover how to change console default passwords

Change Default Console Passwords (Only Physical)

To disable USB stick detection

•Create a file /etc/modprobe.d/no-usb and add the following line

install usb-storage /bin/true

Disable USB Stick Detection
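
As an added check (not part of the course material): per modprobe.d(5), kmod-based modprobe reads only files in /etc/modprobe.d whose names end in .conf, so it is worth verifying that the rule above sits in a file that is actually loaded. The function name and its exit codes are this example's own; the demo works on a temporary directory, not on /etc.

```sh
#!/bin/sh
# Added example (not from the course): check whether a usb-storage "install"
# override in a modprobe.d-style directory will actually be honoured.

# usb_storage_blocked DIR
# Prints one status line. Exit code: 0 = effective rule found,
# 1 = rule found only in files modprobe will not read, 2 = no rule at all.
usb_storage_blocked() {
    dir=$1
    effective=""
    ignored=""
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # Module names treat "-" and "_" as the same character; commented-out
        # lines do not match because the pattern is anchored at line start.
        if grep -Eq '^[[:space:]]*install[[:space:]]+usb[-_]storage[[:space:]]+/bin/(true|false)([[:space:]]|$)' "$f"; then
            case "$f" in
                *.conf) effective="$effective $f" ;;
                *)      ignored="$ignored $f" ;;    # not read: no .conf suffix
            esac
        fi
    done
    if [ -n "$effective" ]; then
        echo "OK: usb-storage disabled by$effective"
        return 0
    elif [ -n "$ignored" ]; then
        echo "WARN: rule present but file lacks .conf suffix:$ignored"
        return 1
    fi
    echo "MISSING: no usb-storage install override in $dir"
    return 2
}

# Demo in a scratch directory (constructed input, nothing under /etc is touched).
demo=$(mktemp -d)
printf 'install usb-storage /bin/true\n' > "$demo/no-usb"
usb_storage_blocked "$demo" || true          # WARN: file name has no .conf suffix
mv "$demo/no-usb" "$demo/no-usb.conf"
usb_storage_blocked "$demo" || true          # OK
rm -rf "$demo"
```

On a real host, run `usb_storage_blocked /etc/modprobe.d` after creating the file.
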

In this lecture we will cover how we can setup network time protocol / chronyd

•Configuration File



•Command Syntax

systemctl restart ntpd

systemctl restart chronyd

service ntpd start/restart

•Process or Daemon




systemctl status chronyd / ntpd

chronyc sources

ntpq --> peers




Enable Network Time Protocol (NTP or Chronyd)
Lockdown Cronjobs

Change SSH port number 22:

  • Open the /etc/ssh/sshd_config file

  • replace default Port 22 with different port number say 1110

  • save & exit from the file

  • service sshd restart

  • ssh username@IP -p 1110

Preview 08:54

What is SELinux?

•Security-Enhanced Linux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls. (Wikipedia)

•It is a project of the United States National Security Agency (NSA) and the SELinux community



•A system backup is the process of backing up the operating system, files and system-specific useful/essential data

•It is used in case of hardware, OS, application failures as well as security breach

5 Different Types of Backups

1.System backup

• Physical system (entire image using tools such as Acronis, Veeam, Commvault etc.)

• Virtual system (snapshots)

2.Application backup (3rd party application backup solution)

3.Database backup (Oracle dataguard, SQL backup etc.)

4.Filesystem backup (tar, gzip directories etc.)

5.Disk backup or disk cloning (dd command)

21 questions
+ Securing Linux System Network
12 lectures 01:37:51
Welcome to Securing Linux Network

What is Firewall

•A wall that prevents the spread of fire

•When data moves in and out of a server its packet information is tested against the firewall rules to see if it should be allowed or not

•In simple words, a firewall is like a watchman, a bouncer, or a shield that has a set of rules given and based on that rule they decide who can enter and leave

•There are 2 types of firewalls in IT

Software = Runs on operating system

Hardware = A dedicated appliance with firewall software

Introduction to Firewall

•There are 2 tools to manage firewall in most of the Linux distributions

iptables = For older Linux versions but still widely used

firewalld = For newer versions like 7 and up

•You can run one or the other

•In this lecture we will work with iptables to manage firewall

•Before working with iptables make sure firewalld is not running and disable it

service OR systemctl stop firewalld = To stop the service

systemctl disable firewalld = To prevent from starting at boot time

systemctl mask firewalld = To prevent it from running by other programs

•Now check if you have iptables-services package installed

rpm -qa | grep iptables-services

yum install iptables-services = If not installed

•Start the service

systemctl start iptables

systemctl enable iptables

•To check the iptables rules

iptables -nvL

•To flush iptables.

iptables -F

Preview 10:49
Firewall (iptables – practical examples)
Firewall (firewalld)

•firewalld has multiple zones. To get a list of all zones

firewall-cmd --get-zones

•To get a list of active zones

firewall-cmd --get-active-zones

•To get firewall rules for public zone

firewall-cmd --zone=public --list-all


firewall-cmd --list-all

•All services are pre-defined by firewalld. What if you want to add a 3rd party service


Simply cp any .xml file and change the service and port number

•To add a service (http)

firewall-cmd --add-service=http

•To remove a service

firewall-cmd --remove-service=http

•To reload the firewalld configuration

firewall-cmd --reload

•To add or remove a service permanently

firewall-cmd --add-service=http --permanent

firewall-cmd --remove-service=http --permanent

•To add a service that is not pre-defined by firewalld


Simply cp any .xml file FILENAME.xml and change the service and port number

systemctl restart firewalld

firewall-cmd --get-services (to verify new service)

firewall-cmd --add-service=sap

•To add a port

firewall-cmd --add-port=1110/tcp

•To remove a port

firewall-cmd --remove-port=1110/tcp

•To reject incoming traffic from an IP address

firewall-cmd --add-rich-rule='rule family="ipv4" source address="" reject'

•To block and unblock ICMP incoming traffic

firewall-cmd --add-icmp-block-inversion

firewall-cmd --remove-icmp-block-inversion

•To block outgoing traffic to a specific website/IP address

firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d -j DROP

Firewall (firewalld – Practical Examples)
Firewall (firewalld GUI)

All data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible with password or using keys / certificates.

  • Use scp, ssh, rsync, or sftp for file transfer.

Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. The common solution to this problem is to use either OpenSSH, SFTP, or FTPS (FTP over SSL), which adds SSL or TLS encryption to FTP. Type the following yum command to delete NIS, rsh and other outdated services:

# yum erase xinetd ypserv tftp-server telnet-server rsh-server

If you are using a Debian/Ubuntu Linux based server, try apt-get command/apt command to remove insecure services:

$ sudo apt-get --purge remove xinetd nis yp-tools tftpd atftpd tftpd-hpa telnetd rsh-server rsh-redone-server

Encrypt Incoming and Outgoing Traffic
SSH vs. Telnet
  • Internet Protocol version 6 (IPv6) provides a new Internet layer of the TCP/IP protocol suite that replaces Internet Protocol version 4 (IPv4) and provides many benefits

  • If you are NOT using IPv6 disable it

Turn Off IPV6 (If not in use)
19 questions
+ Securing Environment Around Linux
9 lectures 39:21
Welcome to Securing Environment Around Linux
Hardware/Network Firewall
Network Address Translation (NAT)
VPN Tunnel
Application and Database Encryption
Types of Security Threats
6 questions
+ Additional Resources
26 lectures 04:56:06
Welcome to Additional Resources
Getting Linux Commands Help
Compress and Uncompress Files
Absolute and Relative Path
Changing Password
sed Command Examples
Talking to Users
Hard and Soft Link
User Directory Authentication
Difference AD, openLDAP, WinBind etc.
System Log Monitor
Recover Root Password
File Transfer Commands
NIC Bonding
Advance Package Management
File System Check
Compress and uncompress
File Maintenance Commands
File Ownership Commands
Environment Variable
Linux File Editor - vi
Process Management
User Account Management
Create Local Yum Repo
Securing Linux Machine - Quick Recap