Applied Operating Systems Module

Introduction

The Applied Operating Systems module was undoubtedly my favourite module of Year 1 in my Cyber Security Degree. It provided a perfect blend of theory and hands-on practical experience. The module focused on understanding Linux operating systems, server deployment, system hardening, and website hosting, which are crucial skills in the field of cybersecurity and system administration. I particularly enjoyed the way the module was structured, with each task building on the previous one, and how it provided me with the opportunity to work on real-world projects using cutting-edge technologies like AWS.

Key Concepts Covered:

• Linux Operating System: One of the core elements of this module was learning about the Linux operating system. This involved getting familiar with its command-line interface (CLI), system architecture, package management, file systems, and system processes. We also explored essential system administration tasks such as user management, permissions, and services. The hands-on experience with Linux not only gave me the technical skills to manage a Linux server but also sparked my passion for working with open-source operating systems. I started feeling more comfortable with the Linux ecosystem, and it became my go-to platform for experimenting and deploying various services.

• EC2 Instances and VPC in AWS: Another major component of this module was learning about Amazon Web Services (AWS), particularly EC2 instances and VPC (Virtual Private Cloud). Although we only worked with EC2 instances in this module, it was an excellent introduction to cloud computing. Setting up EC2 instances allowed us to create virtual servers in the cloud, manage security groups, configure key pairs for SSH access, and handle basic networking tasks such as configuring static IPs. This exposure laid the foundation for more advanced cloud concepts, which I later explored in greater depth during the Cloud Computing module in my final year. The use of AWS in this module gave me a real-world perspective on cloud-based server management and the importance of securing resources in a cloud environment.

• Server Hardening: One of the most important lessons from this module was learning how to secure a server. We explored various techniques and tools to lock down a server and reduce vulnerabilities. This included setting up SSH keys for secure remote access instead of using password-based authentication. We also implemented SSL certificates to encrypt communication and prevent eavesdropping on sensitive data. Additionally, we set up Fail2Ban, a security tool that helps protect servers from brute force attacks by blocking malicious IPs after a set number of failed login attempts. The principle of least privilege was another key concept, where we configured system permissions and access controls to ensure that only authorized users could access specific resources.

• Website Deployment (WordPress): The practical component of the module included deploying a WordPress website on a Linux server. This task helped me understand the process of hosting a website, configuring a web server (such as Apache or Nginx), setting up a MySQL database, and installing WordPress. It was fascinating to see how quickly a website could be deployed once the necessary infrastructure was set up. This also provided me with hands-on experience in troubleshooting common issues that arise when deploying web services, such as permission errors, database configuration, and networking issues.

Application of Concepts

The key takeaway from the Applied Operating Systems module was learning how to secure a system while deploying services. For example:

1. Linux: Working with Linux in this module helped me become proficient in navigating its file system, editing configuration files, and using the CLI to perform administrative tasks. I also became comfortable with systemd for managing services and configuring startup processes, which is essential for managing production servers.

2. EC2 & VPC: Setting up EC2 instances in AWS was invaluable for gaining an understanding of cloud-based infrastructure. I was able to configure security groups to control access to my EC2 instances, set up key pairs for SSH authentication, and implement Elastic IPs to ensure my server was always reachable.

3. Server Hardening: The server hardening techniques I learned, such as securing SSH access, configuring iptables firewalls, and using tools like SELinux and AppArmor, are essential skills for any system administrator or cybersecurity professional. I also gained a better understanding of the importance of patch management and keeping software up to date to minimize vulnerabilities.

4. Website Deployment: Deploying WordPress on a Linux server not only taught me how to host a website but also introduced me to the concepts of web server optimization, database management, and securing web applications. I used tools like Let's Encrypt to generate SSL certificates for encrypting web traffic, which is a critical aspect of securing web services.

Conclusion

Overall, the Applied Operating Systems module was one of the most enjoyable and rewarding experiences in Year 1 of my Cyber Security Degree. It gave me hands-on experience with Linux systems, introduced me to AWS EC2 instances, and taught me critical skills in server hardening and website deployment. By applying the concepts in practical scenarios, I was able to reinforce my understanding and prepare myself for more advanced topics in system administration and cybersecurity. This module also helped me develop a deeper passion for Linux and server management, which I continue to explore in my personal projects and career path.