Why Learn Linux Security Basics

Linux powers a large share of servers and cloud infrastructure. Understanding a handful of built-in commands helps you monitor system health and spot suspicious activity.

Useful Defensive Commands

check active network connections
# Lists active listening ports and connections
ss -tulpn
review recent login attempts
# Shows recent successful logins
last -a
check running processes
# Lists processes sorted by CPU usage
ps aux --sort=-%cpu | head
review system update status
# Debian/Ubuntu example — lists available security updates
apt list --upgradable
check file permissions
# Displays permissions, owner, and group for a file
ls -l /path/to/file

Best Practices

  1. Apply the principle of least privilege — avoid running services as root unnecessarily.
  2. Keep packages updated regularly with your distribution's package manager.
  3. Disable unused services and close unnecessary open ports.
  4. Use SSH key-based authentication instead of passwords where possible.
  5. Review logs periodically for unfamiliar login attempts or errors.

These commands are for system monitoring and hardening only — always use them on systems you are authorized to administer.