Added headers

README.md

@@ -1,16 +1,24 @@
 # RRC Cybersecurity on Linux
 
 ## Table of Contents
-1. [Choosing a Linux distribution](distributions.md) (version)
+1. Recommendations
+   - [General Recommendations](Recommendations/GeneralRecommendations.md)
+   - [Choosing a Linux distribution](Recommendations/distributions.md) (version)
 2. Software
-   1. [Cisco Packet Tracer](Software/CiscoPacketTracer.md)
-   2. [Microsoft M365 Suite](Software/M365.md) (Teams, Word, Excel, ect)
-   3. [PostgreSQL](Software/Postgresql.md)
-   4. [VirtualBox](Software/VirtualBox.md)
-   5. [Virtual Machine Manager](Software/VirtualMachineManager.md) (virt-manager)
-   6. [VMWare Workstation](Software/VMWareWorkstation.md)
-   7. [Wireshark](Software/Wireshark.md)
+   - [Cisco Packet Tracer](Software/CiscoPacketTracer.md)
+   - [Microsoft M365 Suite](Software/M365.md) (Teams, Word, Excel, ect)
+   - [Nessus](Software/Nessus.md)
+   - [PostgreSQL](Software/Postgresql.md)
+   - [VirtualBox](Software/VirtualBox.md)
+   - [Virtual Machine Manager](Software/VirtualMachineManager.md) (virt-manager)
+   - [Visual Syslog](Software/VisualSyslog.md)
+   - [VMWare Workstation](Software/VMWareWorkstation.md)
+   - [Wireshark](Software/Wireshark.md)
 3. Tools
+   - [Distrobox](Tools/Distrobox.md)
+   - [Flatpak](Tools/Flatpak.md)
+   - [Podman](Tools/Podman.md)
+   - [Wine](Tools/Wine.md)
 
 ## Preamble
 

Recommendations/GeneralRecommendations.md

@@ -0,0 +1,29 @@
+# Recommendations
+Here is a collection of recommendations I have from experience, for those wanting to follow this path.
+
+## USB Ethernet Adapter
+You will need this regardless if your laptop doesn't have one built in.
+
+But even if yours does, having a separate USB one makes it really easy to just pass that ethernet adapter through to Virtual Machines, which is really nice when you need to do stuff on a Windows VM (see below) for example. 
+
+And just in general, being able to give a VM a direct network connection to the network can make some things a lot simpler.
+
+## Windows Virtual Machine
+I recommend setting up a windows virtual machine and having it on-hand for course-work a few reasons
+1. The vast majority of software in the program works fine on Linux, but there is one or two one-off cases where that is not the case.
+2. If there is software needed that is not covered in this documentation and is not trivial to install in your situation, this just lets you use the windows instructions provided by your instructors in a pinch.
+3. In the same way Linux VMs are used in this program to practice tasks across Operating Systems, there are times when Windows specific tasks are done in class for practice/learning.
+
+I have 2 main recommendations for doing this:
+1. Use Windows LTSC IoT
+   - It's a much smaller install size, which is nice for VMs
+   - None of the normal extra unneeded programs (bloat)
+   - TPM is not required, which requires some extra setup, see the [TPM Section](../Software/VirtualMachineManager.md#tpm) for virt-manager.
+2. Use Virtual Machine Manager
+   - Unlike VirtualBox or VMWare, it's fully open-source and uses KVM, which is native to Linux. So doesn't need extra kernel modules or any weird/extra install steps, and less likely to have issues.
+
+Windows LTSC can be downloaded from here https://www.microsoft.com/en-us/evalcenter/evaluate-windows-11-iot-enterprise-ltsc
+
+**Note**: This is the "Evaluation" version, and you will need to "reactivate/reset" the activation after 90 days. The non-Evaluation version is not officially publicly available, so I will not link it here.
+
+Check out the [Virtual Machine Manager](../Software/VirtualMachineManager.md) document for Install, setup and usage info.

Recommendations/distributions.md

@@ -3,7 +3,7 @@
 
 There are countless versions of Linux out there, termed distributions, the main differences between them is what software packages are provided to users, how recent or stable the versions of that software is, and what is installed and setup by default.
 
-In my opinion any Linux distribution can be made to work, especially with modern tools like [Flatpak](Tools/Flatpak.md) and [Distrobox](Tools/Distrobox.md). For example, I use Void Linux primarily, which is not one of the big 3 that I primarily outline in these docs.
+In my opinion any Linux distribution can be made to work, especially with modern tools like [Flatpak](../Tools/Flatpak.md) and [Distrobox](../Tools/Distrobox.md). For example, I use Void Linux primarily, which is not one of the big 3 that I primarily outline in these docs.
 
 My recommendations here are my personal opinions, though are primarily based general user-friendliness, and how easy the software used in this Program that I've documented here is to install and setup.
 
@@ -11,7 +11,7 @@ If you want to explore some options yourself, this site can help give recommenda
 
 ## Recommendation
 
-In these documents I make a point to outline and test this software on the 3 most common Linux distribution families, Debian-based (Including Ubuntu and Linux Mint), Arch-based (Including EndeavourOS and CatchyOS) and Fedora. So unless you have a good reason for using something else, I recommend that these are the ones you consider.
+In these documents I make a point to outline and test this software on the 3 most common Linux distribution families, **Debian-based** (Including Ubuntu and Linux Mint), **Arch-based** (Including EndeavourOS and CatchyOS) and **Fedora**. So unless you have a good reason for using something else, I recommend that these are the ones you consider.
 
 Out of those options, I have found that generally the **apt** software package manager is the most widely supported, at least for the software used by this Program, which is used by the Debian family of distribution, so for the easiest time I would probably recommend one of those.
 
@@ -24,7 +24,7 @@ That all said, these would probably be my top 3 recommendations:
 
 Debian is the bedrock of Linux distributions, a favorite for server applications due to it's stability-first philosophy, but also functions well as a Desktop OS. Debian is extremely resistant to breaking changes from it's long and thorough testing process.
 
-The primary drawback is that it tends to favour long-term support and stable versions of software, which does mean you generally may not get access to the latest features. But this can be mostly mitigated by installing applications where you need the latest version from [Flatpak](Tools/Flatpak.md). 
+The primary drawback is that it tends to favour long-term support and stable versions of software, which does mean you generally may not get access to the latest features. But this can be mostly mitigated by installing applications where you need the latest version from [Flatpak](../Tools/Flatpak.md). 
 
 I personally recommend installing the KDE Plasma desktop environment (instead of GNOME) when asked during the installation. In general KDE Plasma will be more familiar to those coming from Windows, and is very powerful and customisable.
 

Software/CiscoPacketTracer.md

@@ -13,44 +13,42 @@ Note: a netacad account is required to download
 
 You can download the "Ubuntu" version .deb from https://www.netacad.com/resources/lab-downloads?courseLang=en-US 
 
-### Arch-based (AUR Package)
-
-```sh
-# Download the AUR Package
-git clone https://aur.archlinux.org/packettracer.git
-cd packettracer
-
-# Add the downloaded .deb file to the package
-mv ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb .
-
-# Build and install the package
-makepkg -scri
-```
-
 ### Debian/Mint/Ubuntu
 
 ```sh
 sudo apt install ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb
 ```
 
-### Fedora
+### Other Distro (Including Arch and Fedora) Manual Install
+Since they only provide a .deb version, we have to manually install it on other distros. This will require the `binutils`, `tar` and `xf` packages to be installed.
+```sh
+# Create a working folder and move the downloaded file into it
+mkdir ~/Downloads/PacketTracer && mv ~/Downloads/CiscoPacketTracer_900_Ubuntu_64bit.deb ~/Downloads/PacketTracer
 
-Unfortunately an rpm package does not exist so Packet Tracer can not be easily installed on Fedora.
+cd ~/Downloads/PacketTracer
 
-Your best bet will likely to be to use [Distrobox](../Tools/Distrobox.md), or if available use a Windows or Debian/Ubuntu/Mint Virtual Machine.
+# Extract the program
+ar x CiscoPacketTracer_900_Ubuntu_64bit.deb
+tar xf data.tar.xz
+
+# Install the program
+sudo mkdir -p /opt
+sudo mv opt/pt /opt/pt
+sudo ln -s /opt/pt/packettracer.AppImage /usr/local/bin/packettracer
+```
 
 ## Usage
 
 ### Starting App
 
-As far as I can tell Packet Tracer need to either be launched from the Command-line or when you open a file for Packet Tracer.
+The first time you launch this app needs to be from the command-line to accept the EULA. 
 
-Regardless the first launch needs to be from the command-line to accept the EULA, the exact command depends on your distribution. Debian/Ubuntu/Mint should just be able to run the `packettracer` command, on Arch-based you need to run `/usr/lib/packettracer/packettracer.AppImage`
+You should just be able to run the `packettracer` command.
 
 ### Login
 
-It seems that the "Open in Browser" function for the initial login seems to be broken, fortunately an in-app browser option is available and works.
+If the "Open in Browser" function for the initial login is not working, an in-app browser option is available and works.
 
-On the initial screen select "Advanced Settings" and check "User internal web browser for Cisco Networking Academy login"
+In the initial screen select "Advanced Settings" and check "User internal web browser for Cisco Networking Academy login"
 
 ![Login Screen](Screenshots/packettracer-login.png)

Software/Nessus.md

@@ -0,0 +1,89 @@
+---
+Classes:
+  - Networking for Cybersecurity
+---
+
+# Nessus
+Nessus is a proprietary vulnerability scanner.
+
+## Download
+Nessus can be downloaded from https://www.tenable.com/downloads/nessus
+
+### Arch-Based
+No need to download from the website, skip to [Install](#install)
+
+### Debian
+Select "**Linux - Debian - amd64**" to download.
+
+### Fedora
+Select "***Linux - Fedora - x86_64**" to download.
+
+### Mint/Ubuntu 
+Select "**Linux - Ubuntu - amd64**" to download.
+
+### Podman (Universal)
+No need to download from the website, skip to [Install](#install)
+
+## Install
+
+### Arch-Based (AUR Package)
+```sh
+yay -S nessus
+```
+
+### Debian
+Replace `<version-number>` with the version number in the file name
+```sh
+sudo dpkg -i ~/Downloads/Nessus-<version number>-debian6_amd64.deb
+```
+
+Note: By default it will be set to start every boot, to disable that run:
+```sh
+sudo systemctl disable nessusd
+```
+You will still be able to run it as normal.
+
+### Fedora
+Replace `<version-number>` with the version number in the file name
+```sh
+sudo dnf install ~/Downloads/Nessus-<version number>-fc38.x86_64.rpm
+```
+
+### Mint/Ubuntu
+Replace `<version-number>` with the version number in the file name
+```sh
+sudo dpkg -i ~/Downloads/Nessus-<version number>-ubuntu_amd64.deb
+```
+
+Note: By default it will be set to start every boot, to disable that run:
+```sh
+sudo systemctl disable nessusd
+```
+You will still be able to run it as normal.
+
+### Podman (Universal)
+Podman is a container system very similar to docker that lets you run programs in an isolated and self-contained environment. Tenable provides a Nessus container that will let you run Nessus on any linux system.
+
+First install [Podman](../Tools/Podman.md) on your computer.
+
+The container image will automatically be downloaded when you run nessus with:
+```sh
+podman run -p 8834:8834 docker.io/tenable/nessus:latest-ubuntu
+```
+
+## Usage
+### Start (Normal)
+```sh
+sudo systemctl start nessusd
+```
+
+### Start (Podman)
+The command in the install section is the same command to run it, simply leave the console window open. If you wish to run it in the background add the `-d` (detach) flag like so:
+```sh
+podman run -d -p 8834:8834 docker.io/tenable/nessus:latest-ubuntu
+```
+
+See the document on [Podman](../Tools/Podman.md) to learn how to control a container running in the background.
+
+### Access
+You should now be able to access it on https://localhost:8834/

Software/Postgresql.md

@@ -47,6 +47,20 @@ host  all  all ::1/128  ident
 
 Make sure the last item on each line (in this case `ident`) is changed to `md5`. Then restarted the database `sudo systemctl restart postgresql.service`
 
+### Podman (Universal)
+Podman is a container system very similar to docker that lets you run programs in an isolated and self-contained environment. 
+
+First install [Podman](../Tools/Podman.md) on your computer.
+
+The container image will automatically be downloaded when you run postgres database with:
+```sh
+podman run -d --name postgres -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword docker.io/library/postgres:latest
+```
+
+Checkout the [Podman document](../Tools/Podman.md) to learn how to manage containers.
+
+**Note:** You can skip the Setup stage below, it is already setup inside the container
+
 ## Setup
 First make sure postgres is running:
 ```sh
@@ -86,7 +100,7 @@ pgAdmin is a graphical interface to configure and query postgresql.
 Most linux distributions don't include pgAdmin from their default repositories, but we can either use pgAdmin's official repositories, or it is available as a flatpak:
 
 ### Flatpak (universal)
-If you wish to install through flatpak ensure flatpak is setup, see [Flatpak](Flatpak.md) for details if not.
+If you wish to install through flatpak ensure flatpak is setup, see [Flatpak](../Tools/Flatpak.md) for details if not.
 
 If you have a graphical software manager/store it should be available there, to install via command-line:
 ```sh

Software/VMWareWorkstation.md

@@ -19,15 +19,17 @@ Most Linux distributions use systemd, but if yours doesn't you will not be able
 
 VMWare Workstation requires the kernel headers and `pkexec` to be installed, the exact packages required may depend on your distribution, but here are some common ones:
 
-Debian/Ubuntu/Mint:
+#### Debian/Ubuntu/Mint:
 ```sh
 sudo apt install linux-headers-generic pkexec
 ```
-Fedora: (pkexec is apart of the `polkit` package, which should be installed)
+#### Fedora: 
+pkexec is apart of the `polkit` package, which should be installed
 ```sh
 sudo dnf install kernel-headers
 ```
-Arch-based: (pkexec is apart of the `polkit` package, which should be installed)
+#### Arch-based: 
+pkexec is apart of the `polkit` package, which should be installed
 ```sh
 sudo pacman -S linux-headers
 ```

Software/VirtualMachineManager.md

@@ -9,7 +9,7 @@ If your distribution has a Graphical software manager/store, you can likely sear
 If not, or you wish to install it via command-line, see below:
 
 ### Flatpak (universal)
-If you wish to install through flatpak ensure flatpak is setup, see [Flatpak](Flatpak.md) for details if not.
+If you wish to install through flatpak ensure flatpak is setup, see [Flatpak](../Tools/Flatpak.md) for details if not.
 ```sh
 flatpak install flathub org.virt_manager.virt-manager
 ```

Software/VisualSyslog.md

@@ -0,0 +1,13 @@
+---
+Classes:
+  - Networking for Cybersecurity
+---
+
+# Visual Syslog
+Visual Syslog Server for Windows is a free open source program to receive and view syslog messages.
+
+Unfortunately this software is windows-only. 
+
+It does run in Wine/Bottles on linux but due to permissions you can't use low numbered ports (port 1024 and lower), and the default is 514. You can change the used port in the software, but the routers we used in this class would not let you change the port they were sending to. If that isn't an issue for you, see the [Wine Document](../Tools/Wine.md).
+
+Otherwise you will just have to run this inside a [Windows VM](../Recommendations/GeneralRecommendations.md#windows-virtual-machine) and either pass-through your USB Ethernet Adapter, run the VM's network device in bridged mode, or forward port 514. The first option being the simplest by far. 

Tools/Distrobox.md

@@ -0,0 +1,58 @@
+# Distrobox
+Allows the installation of software available on other distributions.
+
+Under the hood distrobox is creating containers (similar to but much lighter and more integrated than a Virtual Machine) of a different linux distribution, letting your install software from that distro in that container.
+
+The major difference between distrobox and a normal containers is that:
+1. Your home folder is shared with the containers to better integrate with your system and desktop environment.
+2. distrobox has functions to export programs that are installed in the container to make it available to your normal system. 
+
+**Note:** While containers are often used to provide some security by separating programs from your main system, this is not the case or goal of distrobox. The goal of distrobox is to integrate the container with your system to make it like a normal program as much as possible, thus you don't gain the normal security benefits, but it is not any more dangerous than a normal program.
+
+## Install
+Simply install distrobox from  your system's package manager:
+
+### Arch-Based
+```sh
+sudo pacman -S distrobox
+```
+
+### Debian/Ubuntu/Mint
+```sh 
+sudo apt install distrobox
+```
+
+### Fedora
+```sh
+sudo dnf install distrobox
+```
+
+## Container Backend
+Note that distrobox also requires a backend to create and run containers, I highly recommend podman.
+
+See the [Podman Document](Podman.md) for install instructions.
+
+## Usage
+
+See the official docs for usage info https://distrobox.it/#quick-start 
+
+Or see [Distroshelf](#distroshelf) below for a nice Graphical Interface.
+
+# Distroshelf
+Distroshelf is a nice Graphical Interface to manage and create distrobox containers
+
+**Note**: distrbox and podman still need to be install on your system, this is simply a graphical interface.
+
+## Install 
+
+### Flatpak (Universal)
+Requires [Flatpak](Flatpak.md) to be installed and setup. You should be able to install it through your Graphical Package Manager, otherwise use the command below:
+
+```sh
+flatpak install com.ranfdev.DistroShelf
+```
+
+### Arch-Based (AUR Package)
+```sh
+yay -S distroshelf
+```

Tools/Flatpak.md

@@ -0,0 +1,41 @@
+# Flatpak
+Software packaging system that is available on all linux distributions and runs the software in a isolated (given access where needed) environment.
+
+## Setup
+You can follow the instructions to set it up for your distro from here, which includes installing flatpak, and adding the flathub repository https://flatpak.org/setup/
+
+### KDE Plasma
+**Note:** Flatpak comes already setup on Fedora
+
+In plasma you can setup flatpak through the Discover app:
+
+First in settings, scroll to the bottom and click the install button next to the "Integrates Flatpak applications into Discover"
+
+**Make sure to not select the one for Snap**
+
+![Flatpak Install Button](Screenshots/flatpak-install.png)
+
+Now **close and re-open Discover**, navigate back to settings and you should have the option to add Flathub, click that.
+
+![Add Flathub](Screenshots/flatpak-flathub.png)
+
+Then **log out** and back in (or restart), you should now see this in setting and you will also find flatpak software when searching discover.
+
+![Flatpak setup](Screenshots/flatpak-setup.png)
+
+## Usage
+
+There are a number of Graphical Applications that let you browse, install and remove flatpak software:
+
+1. Discover
+   - The software manager for KDE Plasma
+2. GNOME Software
+   - The software manager for GNOME, can be installed on other Desktop Environments
+3. [Bazaar](https://flathub.org/en/apps/io.github.kolunmi.Bazaar)
+   - Flatpak manager
+   - Can be installed with `flatpak install io.github.kolunmi.Bazaar` once flatpak is setup
+
+## Permissions
+By default flatpak programs are only given access to the systems and files they need to function. Sometimes you may need to adjust what it has access to though.
+
+The easiest way to do so is to use the [Flatseal](https://flathub.org/en/apps/com.github.tchx84.Flatseal) program, which is easy to install with flatpak.

Tools/Podman.md

@@ -0,0 +1,76 @@
+# Podman
+Podman is a container system very similar to docker that lets you run programs in an isolated and self-contained environment. A number of programs, usually those with Web Interfaces can be run with podman.
+
+Podman is built to be a drop-in replacement for Docker, so if you see something that can be run with docker, you can usually just replace "docker" with "podman" and it will work. 
+
+Podman has 2 main advantages over Docker:
+1. Due to licensing podman is easier to install on Linux, since it is just packaged as normal software.
+2. Podman is setup to run without root permissions by default, which generally makes it more secure, and means a user does not need root permissions on their system to use it.
+
+## Install
+Podman can be installed by the package manager on your system:
+
+### Arch-Based:
+Select `crun` if asked
+```sh
+sudo pacman -S podman
+```
+
+### Debian/Mint/Ubuntu
+```sh
+sudo apt install podman
+```
+
+### Fedora
+```sh
+sudo dnf install podman
+```
+
+## Run a container
+A container is simply run with the `podman run` command.
+
+For example, to run the simple debian container from the Docker Hub (https://hub.docker.com/_/debian), you would run the following:
+```sh
+podman run docker.io/library/debian:latest
+```
+
+You man want to expose ports from inside the container onto your computer (so the port can be accessed from outside the container), for example if there is a webserver running in that container you could expose port 80 to port 80 on your computer by adding `-p 80:80` like so:
+
+```sh
+podman run -p 80:80 docker.io/library/debian:latest
+```
+
+### DockerFile
+
+More commonly projects will provide a DockerFile, which you can just download, when in the directory with that file just run `podman run` and it will use the information from that file.
+
+### Compose
+You may also see compose files provided for docker projects, for that you will probably need to install the separate `podman-compose` package, and then `podman-compose` can just be used in place of `docker compose` or `docker-compose`. 
+
+For example, being in a directory with a compose file, you can run `podman-compose up` to start the program.
+
+## Manage Containers
+### View running containers
+You can see all running podman containers with 
+```sh
+podman ps
+```
+
+You can additionally view all containers (including stopped) with
+```sh
+podman ps -a
+```
+
+### Stop a container
+After running `podman ps` you can see a container's id, and you can use that id to control it. 
+
+For example you can stop it with
+```sh
+podman stop <id> 
+```
+
+### Delete a container
+You can also delete a stopped container with
+```sh
+podman rm <id>
+```

Tools/Wine.md

@@ -0,0 +1,53 @@
+# Wine
+Wine is a tool that allows windows programs to be run on Linux. 
+
+It is worth noting that Wine does not use virtualization, it directly translates the calls a program is normally making to the Windows kernel into the language understood by the Linux kernel, and vice versa.
+
+## Install 
+Note: The wine package is not required by [Bottles](#bottles) as it has its own versions of Wine, but **if you're not installing the flatpak version**, I **recommend** installing it as it gives access to the latest version of Wine to Bottles.
+
+### Arch-Based
+```sh
+sudo pacman -S wine
+```
+
+### Debian/Mint/Ubuntu 
+As noted above, since bottles will be installed through flatpak there is no use in installing Wine here for bottles.
+```sh
+sudo apt install wine
+```
+
+### Fedora
+```sh
+sudo dnf install wine
+```
+
+# Bottles
+There are a number of programs to manage Wine programs, personally I have found Bottles to be the best experience and what I am recommending here.
+
+## Install
+Bottles is packaged on some distributions and is also available as a [Flatpak](Flatpak.md).
+
+You should be able to install bottles through whatever graphical software manager/store is on your system. 
+
+If that is not available or you just want to install via command-line, see below:
+
+### Flatpak (universal)
+```sh
+flatpak install com.usebottles.bottles
+```
+
+### Arch-Based (AUR Package)
+```sh 
+yay -S bottles
+```
+
+### Debian/Mint/Ubuntu
+Bottles is not packaged, use the Flatpak.
+
+### Fedora
+```sh
+sudo dnf install bottles
+```
+
+## Usage