Linux Security

Revision: TE1406_20071004

(8.76 KB) View, Download, or Print Catalog as a PDF.

Course Length:

5 Days

Course Description:

This course provides an introduction to installing, configuring, and maintaining Linux systems from a security perspective. It serves as an administrative guide to implementing security and security tools on Linux. This course will not teach you how to break into systems, although some obvious tricks are described to heighten your awareness. And provide a framework - a foundation if you will - that will allow you to learn more and be as dynamic as the field of computer security itself.

Who Should Attend:

Linux/Unix System administrators who want to ensure the integrity and security of their networks and Linux systems will benefit from this course.

Benefits of Attendance:

Upon completion of this course, students will be able to:

• Identify how intrusions happen
• Secure the physical hardware
• Secure the operating system and networks form intrusions
• Maintain and monitor secured systems and networks

Prerequisites:

Attendees must have basic knowledge of Unix/Linux commands. System Administrative experience is a plus.

Course Outline:

• OVERVIEW
  1. Why we need security
  2. Is it really secure?
  3. Technical, Social and Physical Attacks
  4. Identifying a Security Policy
  5. What are you protecting?
  6. Integrity
  7. Hardware Integrity
  8. Restricting the Boot Process
  9. BIOS
  10. Password Protecting LILO
  11. Boot Loader
  12. Password Protecting the GRUB Boot Loader
  13. Single user mode
  14. Security of local devices
  15. Software and data integrity
  16. Search Engines
  17. Domain Registrars
  18. Regional Internet Registries
  19. DNS Reverse-Lookups
  20. Mail Exchange
  21. Zone Transfers
  22. ping and ping Sweeping
  23. Port Scanning
  24. Fingerprinting
  25. traceroute
  26. Establish Sound Password Policies
  27. Control the Root Password
  28. Monitor Non-console Root Logins
  29. Eliminate Generic Accounts
  30. Manage Access Information Availability
  31. Secure Network Services
  32. Detecting Physical Security Compromises
• UNDERSTANDING DISCRETIONARY ACCESS CONTROL
  1. What is SELinux?
  2. NSA SELinux future direction
  3. File System Concepts
  4. File System Structure
  5. Filesystem Types
  6. File Types
  7. Login process
  8. Access startup files
  9. Trusted hosts and user access control
  10. rlogin
  11. rexec
  12. finger
  13. Remote Host Printing
  14. Linux Permissions
  15. User Account Controls
  16. File Permission Applications
  17. Change file permissions
  18. Special Privilege Access
  19. umask
  20. cron
  21. at and batch tools
  22. Audit, syslog
  23. Getting to Know the Shell
  24. The standard input/output (I/O) file
  25. Redirection of standard input and output files
  26. Appending the standard output file
  27. Pipes Appending the standard output file
  28. The standard error file
  29. Quoting mechanisms
  30. The shell prompt variables
  31. File name generation characters
  32. Aliases
  33. Functions
  34. History
  35. Editing the command line
  36. Discretionary Access Control Lab
• INSTALLATION AND CONFIGURATION
  1. Partitions & Filesystems
  2. kickstart
  3. Installing Linux
  4. Hardware Requirement
  5. Software Requirement
  6. Patch Control
  7. RedHat Package Manager (RPM)
  8. Using RPM
  9. Installing, upgrading Package
  10. Querying Packages
  11. The X Window System
  12. Installing XFree86
  13. Configuring Xfree86
  14. X Fonts
  15. The X Font Server
  16. The .Xresources file
  17. The X Display Manager
  18. Customizing xdm
  19. Customizing GDM
  20. Customizing Window Manager Environment
  21. xvidtune
• DEFINING NETWORK SERVICES
  1. Introduction
  2. Future is more secure with IPv6
  3. IP Addresses
  4. TCP/IP Protocol Family
  5. The TCP/IP Model Layers
  6. Remote Procedure Call (RPC)
  7. Ports
  8. Trusted hosts & related commands
  9. ftp
  10. telnet
  11. Domain Name System (DNS)
  12. NIS
  13. DHCP
  14. DHCP Client
  15. Electronic Mail
  16. sendmail
  17. SNMPD
  18. X Windows & remote X Clients
  19. UUCP
  20. System Logging Daemon (syslogd)
  21. The /etc/syslog.conf File
  22. SSL, S-HTTP and S/MIME
  23. PCNFS
  24. Samba
  25. Defining network services Labs
  26. X Windows & remote X Clients
• PASSWORD SECURITY AND ENCRYPTION
  1. Stronger Passwords
  2. Cryptography
  3. PGP
  4. Installation of PGP
  5. Basic Configuration
  6. Creating the Pair of Keys
  7. Adding keys to a Ring
  8. Removing Keys from a Ring
  9. Extracting a Key
  10. Content of a Ring
  11. Encoding a Message
  12. Encoding a Message for Several Recipients
  13. How to Sign a Message
  14. Decoding
  15. Dealing with Text Files
  16. Using PGP in Shells
  17. ssh (Secure Shell) and stelnet
  18. PAM - Pluggable Authentication Modules
  19. Linux IPSEC Implementations
  20. Using ipsec_tunnel with FreeS/WAN
  21. Using ipsec_tunnel with WatchGuard Firebox System 5.0
  22. Cryptographic IP Encapsulation (CIPE)
  23. Kerberos
• UNIX AND NETWORK SECURITY TOOLS
  1. Sniffers and scanners
  2. Dig
  3. nmap – scanner
  4. crack – remote hacking
  5. SATAN – scanning tool
  6. showmount, war-dialing
  7. ARP redirect
  8. traceroute, tcpdump
  9. ping - scanner
  10. System Services and tcp_wrappers
  11. Sendmail Wrapper Program
  12. Firewalls
  13. Virtual Private Network (VPN)
  14. Network Filesytem (NFS)
  15. Denial of Service Attacks
  16. Tripwire
  17. Intruder Alert (ITA)
  18. ifstatus and cmp
• SYSTEM ADMINISTRATION
  1. System Runlevels and /etc/rc*
  2. The /etc/inittab File, ifconfig, route, netstat, whois, host
  3. sudo, /etc/sudoers
  4. Securing Portmap
  5. Utilizing system logs
  6. System Administration labs