WA1245 Secure Linux Server Techniques for the New Linux Administrator

1. Overview
  • Purpose
  • Focus
  • New Linux Administrator Common Pitfalls
  • Security Philosophy
  • Threats
  • Current Security "Hot Spots"
  • Server Security
  • Linux vs. Windows: which is more secure?
  • Linux viruses
  • Windows viruses on Linux
2. Linux Security Basics
  • Users and Groups
    • User Private Group Scheme
    • Tools
    • Adding users
    • Deleting users
    • Files
  • Root Security
    • Caution
    • Login sources
    • Trojans
    • root UID
    • sudo
  • Passwords
    • aging
    • Crack
    • Help! I've forgotten the root password!
    • Physical access
  • Permissions
    • Levels
    • Types
    • chmod
    • chown
    • chgrp
    • world-writable files
    • default permissions: umask
    • ACLs
    • SUID, SGID, sticky bit
3. Installation Considerations
  • Partitioning
  • Patches
  • Packages
  • Services
  • clear text protocols
4. Network Security
  • Remote access/administration considerations
  • NFS
  • xinetd
  • TCP wrappers
  • iptables
5. PAM
6. Cron and at access control
7. Filesystem security
8. Disk quotas
9. Logging
  • ntp
  • syslogd
  • chattr
10. Banners
11. Server Hardening Help with Bastille
12. Monitoring and Audit Tools
  • log monitoring
  • port scanning
  • vulnerability testing
  • CIS
  • rootkits
  • file integrity checks
  • building a test machine automatically
  • miscellaneous session monitoring utilities
  • process accounting
  • mass monitoring
13. Advanced Topics
  • Kernel 2.6
  • Beyond Bastille
  • Advanced Auditing
14. Top 10 Linux Security Tips
15. Resources