Customer Service or Enrol: 0800 282 353 or +44 1372 364610
 

UNIX® and Linux® Security: Hands-On
Protecting Against System and Network Intrusion

Course: 433   Type: Hands-On   Duration: 4 Days
Quick Enrol  

You Will Learn How To

  • Secure UNIX and Linux systems from internal and external threats
  • Control authenticated access to local and remote resources
  • Scan servers for vulnerabilities and correct the problems that are found
  • Reduce security risk by limiting superuser privileges
  • Configure tools and utilities to minimise exposure and detect intrusions
  • Tackle security problems by swapping out insecure software components

Course Benefits
The UNIX family of operating systems, including the Linux versions, is prized by IT professionals for its flexibility and openness. However, vulnerabilities can make UNIX systems susceptible to information assurance threats. In this course, you gain the skills needed to secure your UNIX and Linux platforms. You learn to use tools and utilities to assess vulnerabilities, detect threats and provide effective access controls.

Who Should Attend
UNIX systems administrators and others responsible for deploying secure open systems. Course 428, "UNIX Comprehensive Introduction", or Course 143, "Linux Comprehensive Introduction", or equivalent experience is required.

Hands-on Training
Hands-on experience in securing UNIX and Linux systems is provided throughout this course using Red Hat® Enterprise Linux®, Solaris and BSD. Exercises include:
  • Scanning systems for network vulnerabilities with Nessus
  • Detecting weak configuration settings with Sussen
  • Analysing compromised systems to help prevent attacks
  • Enforcing password quality and user account usage policies with PAM
  • Configuring OpenSSH servers and clients
  • Securing limited administrative privileges with sudo

Course Content
UNIX and Security
Achieving UNIX security
  • Detecting intrusions with audits and logs
  • Avoiding security loopholes
  • Discovering software vulnerabilities and configuration errors
Protecting data and systems with cryptography
  • Pretty Good Privacy (PGP)
  • Gnu Privacy Guard (GnuPG)
  • Authenticity and integrity through digital signatures and cryptographic hashes
Protecting User Accounts and Strengthening Authentication
Controlling secure account usage
  • The UNIX login process
  • Enforcing password quality and account use policy
  • Controlling access with Pluggable Authentication Modules (PAM)
  • Logging all account access and login failures
Monitoring and disabling accounts
  • Tracking account usage
  • Managing user and group IDs
  • How and when to disable accounts
Logging in across the network
  • Risks of application protocols
  • Providing strong user authentication with cryptography and tokens
  • Tunnelling application protocols through SSH
Reducing Exposure to Threats by Limiting Superuser Privileges
Controlling root access
  • Configuring secure terminals
  • Preventing insecure network access
  • Gaining root privileges with su
  • Using groups instead of root identity
Auditing superuser activity
  • Limiting access to privileged accounts
  • Detecting misuse and attacks with log files
Role-based access control (RBAC)
  • Risks of UNIX all-or-nothing access
  • RBAC in Solaris
  • Adding RBAC with sudo
Safeguarding Vital Data by Securing Local and Network File Systems
Directory structure and partitioning for security
  • Files, directories, devices and links
  • Employing read-only file systems
  • Ownership and access permissions
  • Immutable and append-only files
  • Identifying NFS vulnerabilities
Backup and integrity testing
  • Safeguarding backed-up data
  • Detecting intrusions with Tripwire
Hardening UNIX systems
  • Increasing information assurance with yassp, TITAN and Bastille
  • Scanning for network vulnerabilities with Nessus
  • Detecting weak configuration choices with Sussen
Avoiding the Exploitation of Programs
Risks from unwanted program execution
  • Starting programs surreptitiously
  • Running programs as other users
  • Scheduling jobs with cron and at
  • Minimising start-up script vulnerabilities
Reacting to attacks and intrusions
  • Finding signs of intrusion in syslog data
  • Analysing a compromised system
  • Reducing the effects of buffer overflow exploits
Minimising Threats to Network Services
TCP/IP and its security loopholes
  • Sniffing passwords with Ethereal and dsniff
  • Testing network exposure with netstat, lsof and nmap
Securing internal network services
  • Enabling enhanced logging
  • Configuring OpenSSH and OpenSSL
  • Network authentication using Kerberos
  • X Window System vulnerabilities/solutions
Safely connecting to external networks
  • Controlling and logging server access with TCP wrappers and xinetd
  • Reducing information leakage
  • Securing FTP, e-mail and Web access

Related Courses
Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of X/Open Company, Limited. Red Hat and Red Hat Enterprise Linux are registered trademarks of Red Hat, Inc. in the United States and other countries.
  

request more info Salutation*:

First Name*:

Last Name*:

Job Title:

Company*:

Post Code*:

Country*:
   Codes
Office Telephone*:

Extension:

E-mail*:

* Required

A Learning Tree representative will contact you to follow up your request for information.

Save 55%
UNIX and Linux Security
Course Schedule
12 - 15 Aug, 2008
London
9 - 12 Dec, 2008
London
31 Mar - 3 Apr, 2009
London

Participants hardening the configuration of their Solaris, Linux and BSD systems.

£ 1,695 - Standard Tuition
Savings Plans
£ 1,080 - 10-Day Training Pass
£ 995 - Flex-Training Passport
£ 1,215 - 10-Training Vouchers
£ 1,300 - 5-Training Vouchers
£ 1,525 - Alumni Gold Tuition

 
Important Course Information
  • This course covers topics tested on the CompTIA Linux+ Certification Exam.
 
Certification Core Course
 
CompTIA Linux plus
 
ISC2 32 A
 
Open Source Software: An Overview and Outlook
 
Customer Service or Enrol: 0800 282 353 or +44 1372 364610