LINUX LEVEL 3 – LINUX SECURITY

Description:
This course provides participants with the knowledge to perform system administration tasks relating to kernel management and system security. These topics include the proc filesystem configuration, kernel rebuilds and backups as well as log file maintenance. The course moves into security issues including physical security of the host and console, user and system accounts, network and firewall security and software security. The course ends with intrusion detection techniques.
  • Cost: Price on application
  • Duration: 5 days
  • This course is not available as part of our public schedule but can be provided on a customised, client-specific basis.
Prerequisites:
Linux Level 2 or equivalent experience.
The proc File System :
What is the proc File System?
Viewing System Information
Viewing Process Information
Viewing and Changing Kernel Features
The sysctl Command
The /etc/sysctl.conf File
Loadable Kernel Modules :
What are Loadable Kernel Modules?
Loading LKMs
Displaying LKMs
Unloading LKMs
Loading Modules that have Dependencies
Rebuilding the Kernel :
Kernel Source Files
Extract the Source Files
Apply the Patch Files
Initial Configuration Steps
Configure the 2.4 Kernel
Configure the 2.6 Kernel
Building the Kernel
Using the New Kernel
Building a Red Hat Enterprise Linux Kernel
Kernel Parameters
Log File Administration :
System Log Daemons
The /etc/syslog.conf File
The /etc/sysconfig/syslog File
Default System Log Files
Using logrotate to Maintain Log Files
Using logwatch to Monitor Log Files
Using redhat-logviewer to Monitor Log Files
Generating Messages with logger
Backups :
Backing Up Data
Backup Media
Backup Methods
Device Files
Using the dump and restore Commands
Using the tar Command
Using the gzip Command
Using the zip Command
Using the bzip2 Command
Using the cpio Command
Additional Utilities
Security Overview :
What is Security?
Balance
Staying Up to Date
Documentation
Thinking like the Enemy
What is a Security Policy?
Step 1 - Initially Secure the System
Step 2 - Maintain System Security
Step 3 - Recovery
Physical Security :
What is Physical Security?
Access Protection
Protecting BIOS
Protecting the Boot Loader
Disabling Reboots
Using vlock
Devices
Natural Disasters
Hardware Error
Theft
Securing User Accounts :
Account Names
Mail Aliases
The /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow Files
Displaying User Information
Users and their Passwords
Users with no Passwords
Forcing Users to Change their Password
Preventing Users from Changing their Password
Application Accounts
Same UID, Multiple User Accounts
Setting Account Defaults
Process Accounting
Tools
Securing System Accounts :
Securing the Root Account
Root Password and Name
The root's PATH Variable
Physically Protecting the root Account
Disallowing root Access
Limiting Access to root via su
Enabling Automatic Logouts
Granting root Access via the sudo Command
Securing System Accounts
Securing The Filesystem :
File Permissions and Ownership
Disk Space Usage
Securing crontab and at
File Attributes
File System mount Options
Tools
PAM :
What is PAM?
Syntax of PAM configuration files
PAM categories
PAM controls
PAM Modules
Using PAM to alter the password policy
Using PAM to provide resource limits
Using PAM to limit services
Using PAM to limit access time to services
Disabling console privileges
Other PAM features
TCP Wrappers :
The configuration files
Syntax of /etc/hosts.allow and /etc/hosts.deny
Using tcp_wrappers banners
Logging tcp_wrappers connections
Avoiding using two configuration files
Using spawn and twist
Additional tcp_wrappers options
Firewalls :
Kernel level firewalls in Linux
Overview of iptables
Overview of filtering packets
Filtering incoming packets on the local system
Filtering outgoing packets on the local system
Using NAT
Saving tables
The xinetd Service :
The /etc/xinetd.conf File
The /etc/xinetd.d Directory
Important Attributes for xinetd-based Services
Additional xinetd Considerations
Intrusion Detection :
Performing the intrusion detection
Monitoring network activity
Probing for modified files
Third party tools


Dublin: 01 6627700 - Cork: 021 4319010 - Limerick: 061 311982

© Professional Training Solutions Limited 1996-2012
CRO No. 252390 - Unit 22, Westland Square, Pearse Street, Dublin 2, Ireland.