Audience
  Server administrators that find themselves taking on responsibility for Linux servers in addition to or as a replacement for existing servers.
Prerequisites
  Previous server administration experience and basic Linux system administration skills are necessary. It is strongly recommended that students complete a Linux administration course prior to taking this class.
Duration
  Five days.

Outline for Secure Linux Server Techniques for the New Linux Administrator

1. Overview

 

  • Purpose
  • Focus
  • New Linux Administrator Common Pitfalls
  • Security Philosophy
  • Threats
  • Current Security "Hot Spots"
  • Server Security
  • Linux vs. Windows: which is more secure?
  • Linux viruses
  • Windows viruses on Linux

 

 

2. Linux Security Basics

 

  • Users and Groups
    • User Private Group Scheme
    • Tools
    • Adding users
    • Deleting users
    • Files
  • Root Security
    • Caution
    • Login sources
    • Trojans
    • root UID
    • sudo
  • Passwords
    • aging
    • Crack
    • Help! I've forgotten the root password!
    • Physical access
  • Permissions
    • Levels
    • Types
    • chmod
    • chown
    • chgrp
    • world writable files
    • default permissions: umask
    • ACLs
    • SUID, SGID, sticky bit

 

 

3. Installation Considerations

 

  • Partitioning
  • Patches
  • Packages
  • Services
  • clear text protocols

 

 

4. Network Security

 

  • Remote access/administration considerations
  • NFS
  • xinetd
  • tcp wrappers
  • iptables

 

 

5. PAM

 

 

 

6. Cron and at access control

 

 

 

7. Filesystem security

 

 

 

8. Disk quotas

 

 

 

9. Logging

 

  • ntp
  • syslogd
  • chattr

10. Banners

 

11. Server Hardening Help with Bastille

 

12. Monitoring and Audit Tools

 

  • log monitoring
  • port scanning
  • vulnerability testing
  • CIS
  • root kits
  • file integrity checks
  • building a test machine automatically
  • miscellaneous session monitoring utilities
  • process accounting
  • mass monitoring

13. Advanced Topics

  • Kernel 2.6
  • Beyond Bastille

14. Top 10 Linux Security Tips

15. Resources