Ubuntu Server Security Lab

Academic Ubuntu Server security project focused on virtual servers, network configuration, SSH access, Nmap scanning, UFW firewall setup, unattended upgrades, connectivity testing, and technical documentation.

Status: Completed academic project — repository documentation is currently being organized and uploaded.

Project overview

This project documents the analysis and improvement of a server environment based on Ubuntu Server.

The main goal was to improve system security, reduce vulnerabilities, and document the technical process used to configure, update, test, and secure the environment.

The project was developed using virtual machines and focused on practical server administration tasks, including network configuration, connectivity testing, firewall setup, port scanning, and automatic security updates.

Project purpose

The purpose of this project was to document the process of updating and improving an Ubuntu Server environment while applying basic security practices.

The project also aimed to create clear technical documentation that could be used as a learning resource or reference for similar server configuration tasks.

Main objectives

• Document the update and security improvement process for an Ubuntu Server environment.
• Demonstrate how a system can be configured and improved even when starting from an unfamiliar setup.
• Analyze and use tools such as Nmap, UFW Firewall, and Unattended Upgrades.
• Configure communication between virtual Ubuntu Server machines.
• Test connectivity between virtual machines and the physical host.
• Improve the basic security posture of the server environment.

Technical scope

This project includes:

• Ubuntu Server installation and configuration.
• Virtual machine setup using VirtualBox.
• Network configuration between virtual machines.
• Static IP configuration using Netplan.
• Connectivity testing using ping.
• SSH installation and access configuration.
• Nmap installation and network scanning.
• UFW firewall configuration.
• Unattended Upgrades setup for automatic security updates.
• Technical documentation of the process.

Environment

The lab environment was built using:

• Ubuntu Server
• VirtualBox
• Three Ubuntu Server virtual machines
• One physical host machine
• Internal or host-only virtual network configuration

The virtual machines were configured to communicate with each other and with the physical host.

Tools used

Ubuntu Server

Ubuntu Server was used as the operating system for the virtual servers.

VirtualBox

VirtualBox was used to create and manage the virtual machines used in the lab.

OpenSSH

OpenSSH was used to allow remote access and server administration through SSH.

Netplan

Netplan was used to configure network settings and static IP addresses.

Nmap

Nmap was used for network scanning, host discovery, port scanning, and basic service visibility.

UFW Firewall

UFW was used to configure basic firewall rules in Ubuntu Server.

Unattended Upgrades

Unattended Upgrades was used to automate security updates and help keep the system updated without manual intervention.

Repository structure

docs/
commands/
screenshots/
diagrams/

• docs/: project documentation, objectives, technical process, tools, and conclusions.
• commands/: Linux commands used during configuration, testing, and validation.
• screenshots/: visual evidence of the server setup, tool usage, and test results.
• diagrams/: network or infrastructure diagrams related to the virtual lab.

Main implementation steps

1. Create the Ubuntu Server virtual machines.
2. Install Ubuntu Server on each virtual machine.
3. Configure the virtual network.
4. Configure static IP addresses using Netplan.
5. Test connectivity between virtual machines.
6. Test connectivity with the physical host.
7. Install and configure OpenSSH.
8. Install and use Nmap for network scanning.
9. Configure UFW firewall rules.
10. Install and configure Unattended Upgrades.
11. Document the process with screenshots and technical notes.

Example commands

sudo apt-get install nmap
sudo apt install ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw enable
sudo apt install unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades
sudo netplan apply
ping <target-ip>
nmap <target-ip>

Security focus

The project focused on basic server hardening and security visibility.

The main security actions included:

• Reducing unnecessary exposure through firewall rules.
• Allowing SSH access in a controlled way.
• Scanning ports and hosts using Nmap.
• Enabling automatic security updates.
• Testing network communication before and after configuration.
• Documenting the process to support future maintenance.

Project limitations

This was an academic lab project, not a production infrastructure deployment.

The project does not represent advanced enterprise cybersecurity, full server hardening, cloud deployment, monitoring, backup strategy, or professional incident response.

Its value is focused on practical learning, technical documentation, Linux server basics, network testing, and introductory security configuration.

Learning outcomes

This project helped practice:

• Linux server administration basics.
• Virtual machine configuration.
• Network configuration and troubleshooting.
• SSH access setup.
• Firewall rule configuration.
• Port scanning and basic network analysis.
• Automatic update configuration.
• Technical documentation.

Current repository status

The academic project is completed.

The repository is currently being organized to include:

• Clean technical documentation.
• Commands used during the lab.
• Screenshots of the configuration and validation process.
• Network diagrams or infrastructure notes.