Not all attacks are simple brute force or cryptomining - some are carefully planned, targeted campaigns comparable to the most advanced Windows breaches. In this room, you'll delve into more complex, manual attack techniques commonly seen in targeted intrusions and learn how to detect them using system logs.
Learning Objectives
- Learn how reverse shells are used in intrusions
- Understand how attackers escalate their privileges
- Explore the five most common techniques to persist on
- Uncover the learned techniques through the system logs
Prerequisites
- Complete the Threat Detection 2 room
- Recall the second half of the tactics
- Be familiar with Bash and administration
Lab Access
Before moving forward, start the lab by clicking the Start Machine button below. The machine will start in split view and will take about two minutes to load. In case the machine is not visible, you can click the Show Split View button at the top of the task. You may need to work as the root user for some tasks. To switch to root on the , please run sudo su.
Credentials
Alternatively, you can access the from your own -connected machine with the credentials below:
Let's go!
The Linux Threat Detection 3 room is only available for premium users.