CyberSchool Module 2 · Linux & Kali
Home › Module 2 › Linux & Kali Basics
Lesson 4

Linux & Kali Basics

Almost every security tool in the world runs on Linux, and Kali Linux is the operating system built specifically for security work. In this lesson you'll set up a safe lab, learn to move around the Linux file system, run the essential commands, and understand permissions — the skills you'll use in every lesson that follows.

What is Linux? What is Kali?

Linux is a free, open-source operating system (the base software that runs a computer, like Windows or macOS). Kali Linux is a special version of Linux that comes with hundreds of security tools already installed — Nmap, Wireshark, Metasploit and more — so you don't have to hunt for them.

Analogy — A mechanic's toolbox A normal computer is like a car with a basic spare-tyre kit in the boot. Kali is like a professional mechanic's rolling toolbox — every wrench, gauge, and diagnostic tool already laid out and ready. You could assemble the same tools yourself, but Kali saves you the trouble.

Build your safe lab (do this first)

The golden rule of practice You must never point security tools at systems you don't own or have written permission to test. The safe, legal, professional way to learn is a lab: virtual machines on your own computer that can only talk to each other. That's what we'll build.

The standard beginner lab is two virtual machines: Kali (your attacker/analyst machine) and a deliberately weak practice target like Metasploitable 2 (a computer built to be broken into safely for learning).

  1. Install free virtualisation software: VirtualBox (works on Windows, macOS, Linux).
  2. Download the official Kali Linux VirtualBox image from kali.org/get-kali and import it.
  3. Download Metasploitable 2 (a safe, intentionally-vulnerable target) and import it.
  4. Set both VMs' network to “Host-Only” or an “Internal Network.” This is the crucial safety step — it keeps your lab sealed off from the real internet and your real network, so nothing can leak out or in.
  5. Default Kali login is usually kali / kali — change the password immediately.
Low on RAM? If your computer is modest, you can still practise the Linux commands and Nmap scanning against your own Kali machine and the practice terminals on these pages. You only need Metasploitable when you reach the penetration-testing module.

The Linux file system (everything is a file)

Windows uses drive letters like C:\. Linux instead has one single tree that starts at / (called root). Everything — documents, devices, even settings — hangs off this one tree.

Analogy — A filing cabinet with one top drawer Picture a filing cabinet where / is the whole cabinet. Inside are labelled folders: /home for people's personal files, /etc for settings, /var for logs that grow over time. Every file lives somewhere in this one cabinet.
FolderWhat lives there
/The root — the top of everything
/homePersonal folders, e.g. /home/kali
/etcSystem configuration files (settings)
/varLogs and data that change over time
/tmpTemporary files, cleared on reboot
/bin, /usr/binThe actual programs/commands
/rootThe home folder of the all-powerful admin user

Essential commands (your daily vocabulary)

Every command below is safe. Learn these and you can operate any Linux machine.

Moving around and looking

$ pwd # "print working directory" — where am I right now? $ ls -la # list files; -l long details, -a includes hidden files $ cd /etc # change directory (move) into /etc $ cd .. # go up one level $ cd ~ # go to my home folder

Reading files

$ cat file.txt # print a whole file to the screen $ less file.txt # scroll through a long file (q to quit) $ head -n 5 file # first 5 lines $ tail -f log # watch a log file update live (great for defence)

Creating and managing

$ mkdir lab # make a new folder called "lab" $ touch notes.txt # create an empty file $ cp a.txt b.txt # copy a to b $ mv b.txt lab/ # move (or rename) b into the lab folder $ rm notes.txt # delete a file (careful — no recycle bin!)

Finding and filtering (the power tools)

$ grep "error" log.txt # show only lines containing "error" $ find / -name "*.conf" # find every file ending in .conf $ cat access.log | grep 404 | wc -l # count 404 errors ("|" pipes output on)
The pipe | is your superpower The | symbol sends the output of one command into the next, so you can chain small tools into powerful one-liners. Security analysts live in the pipe: read a log → filter it → count it, all in one line.

Being the admin: sudo

$ sudo apt update # run a command as the powerful "root" user $ sudo apt install nmap # install a tool (apt = the software manager)

sudo (“superuser do”) runs one command with full admin power. It's like borrowing the master key — useful, but handle with care.

Try It Yourself (practice terminal)

Try: pwd, ls -la, whoami, or cat /etc/hostname.

kali@lab: ~
Linux practice shell. Try a command below.
kali@lab:~$

File permissions (who can read, write, run)

Linux controls exactly who can do what to each file. When you run ls -l you see something like:

-rwxr-xr-- 1 kali kali scan.sh

Read those first ten characters left to right:

r = read (view), w = write (change), x = execute (run as a program). A dash means “not allowed.”

Analogy — Keys to a room Think of three sets of keys: one for the owner, one for their team (group), one for the public. Each key can allow looking (r), rearranging (w), or using the machines inside (x). Security is largely about not handing the public a key they shouldn't have.

Changing permissions with chmod

$ chmod +x scan.sh # make a script executable (runnable) $ chmod 644 file.txt # owner read/write; group + others read only $ chmod 600 secret # owner read/write; nobody else can even read it

Those numbers are a shorthand: r=4, w=2, x=1, added up per group. So 644 = owner 6 (4+2 = rw), group 4 (r), others 4 (r). 600 keeps a secret truly private — exactly how you'd protect a private key.

Why permissions are a security topic Wrong permissions are one of the most common real-world weaknesses. A private key set to “readable by everyone” or a password file left world-writable can hand an attacker the whole system. Checking permissions is a core defensive skill.
Practical Exercise 4.1 — Your first Bash script + permissions
  1. Make a lab folder and enter it:
    $ mkdir ~/lab && cd ~/lab
  2. Create a small script that prints your network info:
    $ cat > myinfo.sh << 'EOF' #!/bin/bash echo "Hostname: $(hostname)" echo "My IP:"; ip -brief a | grep -v lo echo "Default gateway:"; ip route | grep default EOF
  3. Look at its permissions — note there's no x yet, so it can't run:
    $ ls -l myinfo.sh
    You'll see -rw-r--r-- — readable, but not executable.
  4. Grant execute permission, then run it:
    $ chmod +x myinfo.sh $ ./myinfo.sh
    Result: it prints your hostname, IP, and gateway — you built and ran your first tool, and you controlled its permissions.
  5. Lock it down so only you can read it: chmod 700 myinfo.sh, then re-check with ls -l.
Quick check: What does chmod 600 secret.key do?
Lets everyone read and edit the file
Only the owner can read and write; nobody else has any access
Makes the file executable by everyone
Deletes the file
6 = read+write for the owner; 0 = nothing for group; 0 = nothing for others. Perfect for a private key.
Why does this matter for your career? Linux fluency is non-negotiable in security. SOC analysts read logs with grep and tail; penetration testers live on the Kali command line; defenders lock down systems with chmod and permission audits. The CompTIA Linux+ and the practical portions of Security+/CEH assume exactly these skills. Every remaining module in this course happens at this command line.

Key takeaways

  • Kali Linux is Linux pre-loaded with security tools; always practise in a sealed Host-Only lab.
  • The Linux file system is one tree starting at /; key folders are /home, /etc, /var.
  • Core commands: pwd ls cd cat grep find; the pipe | chains them together.
  • Permissions rwx apply to owner / group / others; change them with chmod (r=4, w=2, x=1).
CyberSchool · Module 2, Lesson 4. Practise only in your own sealed lab.