Added headers

README.md

@@ -1,7 +1,9 @@
 # RRC Cybersecurity on Linux
 
 ## Table of Contents
-1. [Choosing a Linux distribution](distributions.md) (version)
+1. Recommendations
+   - [General Recommendations](Recommendations/GeneralRecommendations.md)
+   - [Choosing a Linux distribution](Recommendations/distributions.md) (version)
 2. Software
    - [Cisco Packet Tracer](Software/CiscoPacketTracer.md)
    - [Microsoft M365 Suite](Software/M365.md) (Teams, Word, Excel, ect)
@@ -9,6 +11,7 @@
    - [PostgreSQL](Software/Postgresql.md)
    - [VirtualBox](Software/VirtualBox.md)
    - [Virtual Machine Manager](Software/VirtualMachineManager.md) (virt-manager)
+   - [Visual Syslog](Software/VisualSyslog.md)
    - [VMWare Workstation](Software/VMWareWorkstation.md)
    - [Wireshark](Software/Wireshark.md)
 3. Tools

Recommendations/GeneralRecommendations.md

@@ -0,0 +1,29 @@
+# Recommendations
+Here is a collection of recommendations I have from experience, for those wanting to follow this path.
+
+## USB Ethernet Adapter
+You will need this regardless if your laptop doesn't have one built in.
+
+But even if yours does, having a separate USB one makes it really easy to just pass that ethernet adapter through to Virtual Machines, which is really nice when you need to do stuff on a Windows VM (see below) for example. 
+
+And just in general, being able to give a VM a direct network connection to the network can make some things a lot simpler.
+
+## Windows Virtual Machine
+I recommend setting up a windows virtual machine and having it on-hand for course-work a few reasons
+1. The vast majority of software in the program works fine on Linux, but there is one or two one-off cases where that is not the case.
+2. If there is software needed that is not covered in this documentation and is not trivial to install in your situation, this just lets you use the windows instructions provided by your instructors in a pinch.
+3. In the same way Linux VMs are used in this program to practice tasks across Operating Systems, there are times when Windows specific tasks are done in class for practice/learning.
+
+I have 2 main recommendations for doing this:
+1. Use Windows LTSC IoT
+   - It's a much smaller install size, which is nice for VMs
+   - None of the normal extra unneeded programs (bloat)
+   - TPM is not required, which requires some extra setup, see the [TPM Section](../Software/VirtualMachineManager.md#tpm) for virt-manager.
+2. Use Virtual Machine Manager
+   - Unlike VirtualBox or VMWare, it's fully open-source and uses KVM, which is native to Linux. So doesn't need extra kernel modules or any weird/extra install steps, and less likely to have issues.
+
+Windows LTSC can be downloaded from here https://www.microsoft.com/en-us/evalcenter/evaluate-windows-11-iot-enterprise-ltsc
+
+**Note**: This is the "Evaluation" version, and you will need to "reactivate/reset" the activation after 90 days. The non-Evaluation version is not officially publicly available, so I will not link it here.
+
+Check out the [Virtual Machine Manager](../Software/VirtualMachineManager.md) document for Install, setup and usage info.

Recommendations/distributions.md

@@ -3,7 +3,7 @@
 
 There are countless versions of Linux out there, termed distributions, the main differences between them is what software packages are provided to users, how recent or stable the versions of that software is, and what is installed and setup by default.
 
-In my opinion any Linux distribution can be made to work, especially with modern tools like [Flatpak](Tools/Flatpak.md) and [Distrobox](Tools/Distrobox.md). For example, I use Void Linux primarily, which is not one of the big 3 that I primarily outline in these docs.
+In my opinion any Linux distribution can be made to work, especially with modern tools like [Flatpak](../Tools/Flatpak.md) and [Distrobox](../Tools/Distrobox.md). For example, I use Void Linux primarily, which is not one of the big 3 that I primarily outline in these docs.
 
 My recommendations here are my personal opinions, though are primarily based general user-friendliness, and how easy the software used in this Program that I've documented here is to install and setup.
 
@@ -24,7 +24,7 @@ That all said, these would probably be my top 3 recommendations:
 
 Debian is the bedrock of Linux distributions, a favorite for server applications due to it's stability-first philosophy, but also functions well as a Desktop OS. Debian is extremely resistant to breaking changes from it's long and thorough testing process.
 
-The primary drawback is that it tends to favour long-term support and stable versions of software, which does mean you generally may not get access to the latest features. But this can be mostly mitigated by installing applications where you need the latest version from [Flatpak](Tools/Flatpak.md). 
+The primary drawback is that it tends to favour long-term support and stable versions of software, which does mean you generally may not get access to the latest features. But this can be mostly mitigated by installing applications where you need the latest version from [Flatpak](../Tools/Flatpak.md). 
 
 I personally recommend installing the KDE Plasma desktop environment (instead of GNOME) when asked during the installation. In general KDE Plasma will be more familiar to those coming from Windows, and is very powerful and customisable.
 

Software/CiscoPacketTracer.md

@@ -13,44 +13,42 @@ Note: a netacad account is required to download
 
 You can download the "Ubuntu" version .deb from https://www.netacad.com/resources/lab-downloads?courseLang=en-US 
 
-### Arch-based (AUR Package)
-
-```sh
-# Download the AUR Package
-git clone https://aur.archlinux.org/packettracer.git
-cd packettracer
-
-# Add the downloaded .deb file to the package
-mv ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb .
-
-# Build and install the package
-makepkg -scri
-```
-
 ### Debian/Mint/Ubuntu
 
 ```sh
 sudo apt install ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb
 ```
 
-### Fedora
+### Other Distro (Including Arch and Fedora) Manual Install
+Since they only provide a .deb version, we have to manually install it on other distros. This will require the `binutils`, `tar` and `xf` packages to be installed.
+```sh
+# Create a working folder and move the downloaded file into it
+mkdir ~/Downloads/PacketTracer && mv ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb ~/Downloads/PacketTracer
 
-Unfortunately an rpm package does not exist so Packet Tracer can not be easily installed on Fedora.
+cd ~/Downloads/PacketTracer
 
-It is possible to install it on fedora, but from my testing your best bet will be to use a Windows or Debian/Ubuntu/Mint Virtual Machine as it is the most straightforward.
+# Extract the program
+ar x CiscoPacketTracer_900_Ubuntu_64bit.deb
+tar xf data.tar.xz
+
+# Install the program
+sudo mkdir -p /opt
+sudo mv opt/pt /opt/pt
+sudo ln -s /opt/pt/packettracer.AppImage /usr/local/bin/packettracer
+```
 
 ## Usage
 
 ### Starting App
 
-As far as I can tell Packet Tracer need to either be launched from the Command-line or when you open a file for Packet Tracer.
+The first time you launch this app needs to be from the command-line to accept the EULA. 
 
-Regardless the first launch needs to be from the command-line to accept the EULA, the exact command depends on your distribution. Debian/Ubuntu/Mint should just be able to run the `packettracer` command, on Arch-based you need to run `/usr/lib/packettracer/packettracer.AppImage`
+You should just be able to run the `packettracer` command.
 
 ### Login
 
-It seems that the "Open in Browser" function for the initial login seems to be broken, fortunately an in-app browser option is available and works.
+If the "Open in Browser" function for the initial login is not working, an in-app browser option is available and works.
 
-On the initial screen select "Advanced Settings" and check "User internal web browser for Cisco Networking Academy login"
+In the initial screen select "Advanced Settings" and check "User internal web browser for Cisco Networking Academy login"
 
 ![Login Screen](Screenshots/packettracer-login.png)

Software/Nessus.md

@@ -21,6 +21,9 @@ Select "***Linux - Fedora - x86_64**" to download.
 ### Mint/Ubuntu 
 Select "**Linux - Ubuntu - amd64**" to download.
 
+### Podman (Universal)
+No need to download from the website, skip to [Install](#install)
+
 ## Install
 
 ### Arch-Based (AUR Package)

Software/Postgresql.md

@@ -47,6 +47,20 @@ host  all  all ::1/128  ident
 
 Make sure the last item on each line (in this case `ident`) is changed to `md5`. Then restarted the database `sudo systemctl restart postgresql.service`
 
+### Podman (Universal)
+Podman is a container system very similar to docker that lets you run programs in an isolated and self-contained environment. 
+
+First install [Podman](../Tools/Podman.md) on your computer.
+
+The container image will automatically be downloaded when you run postgres database with:
+```sh
+podman run -d --name postgres -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword docker.io/library/postgres:latest
+```
+
+Checkout the [Podman document](../Tools/Podman.md) to learn how to manage containers.
+
+**Note:** You can skip the Setup stage below, it is already setup inside the container
+
 ## Setup
 First make sure postgres is running:
 ```sh

Software/VMWareWorkstation.md

@@ -19,15 +19,17 @@ Most Linux distributions use systemd, but if yours doesn't you will not be able
 
 VMWare Workstation requires the kernel headers and `pkexec` to be installed, the exact packages required may depend on your distribution, but here are some common ones:
 
-Debian/Ubuntu/Mint:
+#### Debian/Ubuntu/Mint:
 ```sh
 sudo apt install linux-headers-generic pkexec
 ```
-Fedora: (pkexec is apart of the `polkit` package, which should be installed)
+#### Fedora: 
+pkexec is apart of the `polkit` package, which should be installed
 ```sh
 sudo dnf install kernel-headers
 ```
-Arch-based: (pkexec is apart of the `polkit` package, which should be installed)
+#### Arch-based: 
+pkexec is apart of the `polkit` package, which should be installed
 ```sh
 sudo pacman -S linux-headers
 ```

Software/VisualSyslog.md

@@ -0,0 +1,13 @@
+---
+Classes:
+  - Networking for Cybersecurity
+---
+
+# Visual Syslog
+Visual Syslog Server for Windows is a free open source program to receive and view syslog messages.
+
+Unfortunately this software is windows-only. 
+
+It does run in Wine/Bottles on linux but due to permissions you can't use low numbered ports (port 1024 and lower), and the default is 514. You can change the used port in the software, but the routers we used in this class would not let you change the port they were sending to. If that isn't an issue for you, see the [Wine Document](../Tools/Wine.md).
+
+Otherwise you will just have to run this inside a [Windows VM](../Recommendations/GeneralRecommendations.md#windows-virtual-machine) and either pass-through your USB Ethernet Adapter, run the VM's network device in bridged mode, or forward port 514. The first option being the simplest by far. 

Tools/Distrobox.md

@@ -1,4 +1,58 @@
 # Distrobox
-Allows the installation of software available on other distributions
+Allows the installation of software available on other distributions.
 
-**Content to be added**
+Under the hood distrobox is creating containers (similar to but much lighter and more integrated than a Virtual Machine) of a different linux distribution, letting your install software from that distro in that container.
+
+The major difference between distrobox and a normal containers is that:
+1. Your home folder is shared with the containers to better integrate with your system and desktop environment.
+2. distrobox has functions to export programs that are installed in the container to make it available to your normal system. 
+
+**Note:** While containers are often used to provide some security by separating programs from your main system, this is not the case or goal of distrobox. The goal of distrobox is to integrate the container with your system to make it like a normal program as much as possible, thus you don't gain the normal security benefits, but it is not any more dangerous than a normal program.
+
+## Install
+Simply install distrobox from  your system's package manager:
+
+### Arch-Based
+```sh
+sudo pacman -S distrobox
+```
+
+### Debian/Ubuntu/Mint
+```sh 
+sudo apt install distrobox
+```
+
+### Fedora
+```sh
+sudo dnf install distrobox
+```
+
+## Container Backend
+Note that distrobox also requires a backend to create and run containers, I highly recommend podman.
+
+See the [Podman Document](Podman.md) for install instructions.
+
+## Usage
+
+See the official docs for usage info https://distrobox.it/#quick-start 
+
+Or see [Distroshelf](#distroshelf) below for a nice Graphical Interface.
+
+# Distroshelf
+Distroshelf is a nice Graphical Interface to manage and create distrobox containers
+
+**Note**: distrbox and podman still need to be install on your system, this is simply a graphical interface.
+
+## Install 
+
+### Flatpak (Universal)
+Requires [Flatpak](Flatpak.md) to be installed and setup. You should be able to install it through your Graphical Package Manager, otherwise use the command below:
+
+```sh
+flatpak install com.ranfdev.DistroShelf
+```
+
+### Arch-Based (AUR Package)
+```sh
+yay -S distroshelf
+```

Tools/Flatpak.md

@@ -1,4 +1,41 @@
 # Flatpak
-Software packaging system that is available on all linux distributions and runs the software in a restricted environment.
+Software packaging system that is available on all linux distributions and runs the software in a isolated (given access where needed) environment.
 
-**Content to be added**
+## Setup
+You can follow the instructions to set it up for your distro from here, which includes installing flatpak, and adding the flathub repository https://flatpak.org/setup/
+
+### KDE Plasma
+**Note:** Flatpak comes already setup on Fedora
+
+In plasma you can setup flatpak through the Discover app:
+
+First in settings, scroll to the bottom and click the install button next to the "Integrates Flatpak applications into Discover"
+
+**Make sure to not select the one for Snap**
+
+![Flatpak Install Button](Screenshots/flatpak-install.png)
+
+Now **close and re-open Discover**, navigate back to settings and you should have the option to add Flathub, click that.
+
+![Add Flathub](Screenshots/flatpak-flathub.png)
+
+Then **log out** and back in (or restart), you should now see this in setting and you will also find flatpak software when searching discover.
+
+![Flatpak setup](Screenshots/flatpak-setup.png)
+
+## Usage
+
+There are a number of Graphical Applications that let you browse, install and remove flatpak software:
+
+1. Discover
+   - The software manager for KDE Plasma
+2. GNOME Software
+   - The software manager for GNOME, can be installed on other Desktop Environments
+3. [Bazaar](https://flathub.org/en/apps/io.github.kolunmi.Bazaar)
+   - Flatpak manager
+   - Can be installed with `flatpak install io.github.kolunmi.Bazaar` once flatpak is setup
+
+## Permissions
+By default flatpak programs are only given access to the systems and files they need to function. Sometimes you may need to adjust what it has access to though.
+
+The easiest way to do so is to use the [Flatseal](https://flathub.org/en/apps/com.github.tchx84.Flatseal) program, which is easy to install with flatpak.