Linux Service Configuration Writeups#

Quick reference guides for configuring services in Linux competitions. Assumes basic Linux knowledge (filesystem navigation, systemctl, ssh, etc.).

Writeups#

Mini-Hack Quick Start - Complete mini-hack walkthrough checklist
Services Overview - General approach to any service
Apache Web Service - HTTP/HTTPS server configuration
SSH Service - Remote access, keys, security
Network Configuration - Static IPs across different distros
DNS, Rsync, Cron - Name resolution and automated backups
UFW Firewall - Ubuntu firewall configuration
Active Connection Defense - Monitor and kill malicious connections
MikroTik Router - Router configuration (2025 competition)

Service-Specific Quick Reference#

Apache Service Names#

apache2      # Ubuntu/Debian/Kali
httpd        # CentOS/RHEL

Network Configuration Files#

Distribution	Config Location
Kali/Debian	`/etc/network/interfaces`
Ubuntu	`/etc/netplan/*.yaml`
CentOS/RHEL	`/etc/sysconfig/network-scripts/ifcfg-*`

SSH Key Permissions#

chmod 700 ~/.ssh/
chmod 600 ~/.ssh/id_rsa          # Private key
chmod 644 ~/.ssh/id_rsa.pub      # Public key
chmod 644 ~/.ssh/authorized_keys

Regenerate host keys on cloned VMs:

sudo ssh-keygen -A
sudo systemctl restart sshd

UFW Firewall#

sudo ufw enable
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow from 192.168.1.100      # Specific IP
sudo ufw deny from 192.168.1.0/24      # Entire subnet
sudo ufw status numbered                # See rule numbers
sudo ufw delete 4                       # Delete rule by number

Active Connection Monitoring#

sudo netstat -tunap                     # All connections with PIDs
sudo netstat -tunap | grep ESTABLISHED  # Only active
w                                       # Who is logged in
sudo kill <PID>                         # Kill by process ID
sudo pkill -kill -u username            # Kill all user processes

MikroTik Router#

CLI:

/ip address print
/ip address add address=192.168.1.1/24 interface=ether3
/ping 192.168.1.2
interface print

Web GUI: http://<router-ip>:8080
Default login: admin / (blank password)

Rsync + Cron#

Rsync common patterns:

rsync -av source/ dest/                             # Basic sync
rsync -av --delete source/ dest/                    # Mirror (delete extra files in dest)
rsync -avz local/ user@host:remote/                 # Remote backup (z=compress)
rsync -av --exclude='*.log' source/ dest/           # Exclude files
rsync -av source/ dest/ --dry-run                   # Test without changes

Cron syntax: minute hour day month weekday command

0 2 * * * /path/to/backup.sh      # Daily at 2 AM
*/15 * * * * /path/to/script.sh   # Every 15 minutes
0 */6 * * * rsync -av /data/ /backup/  # Every 6 hours

Distribution Differences#

Feature	Ubuntu	Kali	CentOS/RHEL
Apache service	`apache2`	`apache2`	`httpd`
Network config	netplan YAML	interfaces	ifcfg-* scripts
Firewall	UFW	iptables	firewall-cmd
Cron service	`cron`	`cron`	`crond`

Router (2025): All distributions use MikroTik (replaces CentOS router)

Competition Tips#

Network config varies by distro - check which one first
SSH keys: Regenerate on cloned VMs, fix permissions (700/.ssh, 600/private)
Enable firewall early - UFW even with defaults improves security
Monitor active connections - assign someone to watch netstat -tunap
Router (2025): MikroTik web GUI on port 8080, must enable NAT checkbox
Port forwarding: Create both TCP and UDP rules for most services
Kill by PID not username if you share accounts with red team
Backup configs before changes - especially network configs (can lock yourself out)

Critical Configuration Locations#

Service	Config File(s)
SSH	`/etc/ssh/sshd_config`
Apache (Ubuntu)	`/etc/apache2/apache2.conf`, `/etc/apache2/sites-available/`
Apache (CentOS)	`/etc/httpd/conf/httpd.conf`, `/etc/httpd/conf.d/`
Network (Kali)	`/etc/network/interfaces`
Network (Ubuntu)	`/etc/netplan/*.yaml`
Network (CentOS)	`/etc/sysconfig/network-scripts/ifcfg-*`
DNS resolution	`/etc/resolv.conf`
Cron jobs	`crontab -e` (per-user), `/etc/crontab` (system-wide)