Terminal Tales: From Breach Curiosity to System Integrity. My Journey into Linux Security Hardening.

🚀 Start Here:
👉 [Linux Account Hardening Guide]
👉 [PAM Like a Pro]

Introduction

This series documents lab-tested Linux hardening practices with annotated screenshots, real configs, and practical scripts you can reproduce in your own environment.

My cybersecurity journey has taken me from the Google Cybersecurity Certificate to BTL1 and GFACT. Each one reinforced how central Linux is to both cybersecurity and IT overall. But when I started practicing ethical web hacking and breaking into purposely vulnerable web apps on a Linux box, I hit a wall. I could follow the attack paths, sure, but I couldn’t confidently explain why they existed at the OS level beyond the web app, or how a defender would prevent them in the first place or shut them down.

I spun up a CentOS 10 box and committed to learning Linux security from the inside out. I wanted to understand accounts, permissions, PAM modules, password policies, log analysis… everything that goes into seriously locking down a Linux environment.

What This Series Covers

As I progress in my learning and expand my lab environment, I’ll be writing walkthroughs and breakdowns aligned with these topics. Feel free to click the links below to go to the individual posts:

  1. Securing the User Jungle – A Practical Guide To Linux Account Hardening
  2. PAM Like a Pro. Lock yourself out of your Linux machine, then get back in
  3. Locking Down the Linux Filesystem *** Coming Soon ***
  4. System Hardening Techniques *** Planned ***
  5. Securing Linux Networking *** Planned ***
  6. Protecting the Broader Environment *** Planned ***
  7. Authentication, Authorization, and Sudo Policies *** Planned ***

If you are looking to learn Linux fundamentals, I’d suggest the Google Cybersecurity Certificate training or TryHackMe’s Linux Fundamentals portion of their Cybersecurity 101 path. Another excellent resource is Professor Messer’s Linux+ playlist on YouTube, though this goes far beyond just fundamentals in preparation for someone wanting to take the CompTIA Linux+ exam. Throughout this blog series I will mainly be SSHing into my VM with PuTTY, as it is easier for me to learn, read, and take notes and screenshots this way without switching my screens around a lot.

Tools & Setup

Here’s what I’m using:

  • OS: CentOS 10
  • Virtualization: VMware Workstation Pro
  • Docs: My own notes, occasionally mindmaps
  • Interface: SSH via PuTTY for comfort, notes, and screenshot efficiency
  • Screenshots: Terminal output (sometimes annotated), config edits, and system behavior

Who This Series Is For

Whether you’re a cybersecurity student trying to build hands-on confidence or an aspiring sysadmin who wants a quick guide to security hardening concepts, this series is written for you.

I’m building it for the kind of learner who wants to go beyond the surface:

  • People who want to understand not just how attacks happen, but why systems are vulnerable to begin with.
  • Learners who don’t want just command lists, but want to know how to test, validate, and monitor a secure system environment with confidence.
  • Passionate doers looking to break into Linux roles and actually demonstrate system-hardening skills to employers through real configs and projects.

My Personal Goals


This blog series is part of a larger plan to deepen my Linux security expertise and transition into a professional role centered on system hardening and defense.

Certifications Completed

  • ✅ GIAC GFACT (Foundational Cybersecurity Technologies)
  • ✅ Blue Team Level 1 (BTL1)

Certifications in Progress / Planned

  • 🎯 RHCSA (Red Hat Certified System Administrator) — target 2026
  • 🎯 RHCE (Red Hat Certified Engineer) — planned after RHCSA, with focus on automation and advanced configs
  • 🎯 BSCP (Burp Suite Certified Practitioner) — planned

Ongoing Development

  • Expanding my home lab to simulate practical threats and defenses
  • Creating reproducible guides and labs (published here)
  • Building a portfolio that positions me for Linux-heavy security roles — SOC analyst, DevSecOps engineer, or system hardening specialist

Interested in commissioning Linux security content like this? Contact me: contact@collininfosec.com
