Secure Linux Server Techniques for the New Linux Administrator Training

Course #:WA1245

Secure Linux Server Techniques for the New Linux Administrator Training

In this intensive 5 day class, students will learn about basic, intermediate, and advanced Linux security techniques. Attention is focused on hands on lab exercises where students implement the techniques with real-life scenarios.

Audience
  Server administrators that find themselves taking on responsibility for Linux servers in addition to or as a replacement for existing servers.
Prerequisites
  Previous server administration experience and basic Linux system administration skills are necessary. It is strongly recommended that students complete a Linux administration course prior to taking this class.
Duration
  Five days.

Outline of Secure Linux Server Techniques for the New Linux Administrator Training

1. Overview

 

  • Purpose
  • Focus
  • New Linux Administrator Common Pitfalls
  • Security Philosophy
  • Threats
  • Current Security "Hot Spots"
  • Server Security
  • Linux vs. Windows: which is more secure?
  • Linux viruses
  • Windows viruses on Linux

 

 

2. Linux Security Basics

 

  • Users and Groups
    • User Private Group Scheme
    • Tools
    • Adding users
    • Deleting users
    • Files
  • Root Security
    • Caution
    • Login sources
    • Trojans
    • root UID
    • sudo
  • Passwords
    • aging
    • Crack
    • Help! I've forgotten the root password!
    • Physical access
  • Permissions
    • Levels
    • Types
    • chmod
    • chown
    • chgrp
    • world writable files
    • default permissions: umask
    • ACLs
    • SUID, SGID, sticky bit

 

 

3. Installation Considerations

 

  • Partitioning
  • Patches
  • Packages
  • Services
  • clear text protocols

 

 

4. Network Security

 

  • Remote access/administration considerations
  • NFS
  • xinetd
  • tcp wrappers
  • iptables

 

 

5. PAM

 

 

 

6. Cron and at access control

 

 

 

7. Filesystem security

 

 

 

8. Disk quotas

 

 

 

9. Logging

 

  • ntp
  • syslogd
  • chattr

10. Banners

 

11. Server Hardening Help with Bastille

 

12. Monitoring and Audit Tools

 

  • log monitoring
  • port scanning
  • vulnerability testing
  • CIS
  • root kits
  • file integrity checks
  • building a test machine automatically
  • miscellaneous session monitoring utilities
  • process accounting
  • mass monitoring

13. Advanced Topics

  • Kernel 2.6
  • Beyond Bastille

14. Top 10 Linux Security Tips

15. Resources

 

We regularly offer classes in these and other cities. Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.