|
Security for Linux and UNIX Systems
Administrators
Living with security threats is a fact of
life for today's system administrators. The Internet provides a huge
range of free security information and tools, but finding the truly
useful sites, wading through the jargon and getting to grips with new
tools is frequently hard and time-consuming. This 2-day course for
system administrators covers security fundamentals, Linux/UNIX security
facilities and powerful, free open-source tools and resources.
Practical
sessions allow students to get hands-on experience of tools, techniques
and vulnerabilities.
Our Linux courses are suitable training for Linux LPI or RedHat Certification
Select here for related courses |
Select here for a list of all courses |
OBJECTIVES OF THE COURSE
To become proficient with the security
aspects of building and maintaining Linux systems.
| COURSE CODE |
LS1 |
TUTORS |
Chris Thomas email |
| DURATION |
2 days |
VENUE |
Harwell Training Centre ** |
| PRICE |
£675
plus VAT * |
BOOKING
CONTACT |
Mick Hosegood email |
| EXPERIENCE LEVEL |
Advanced |
TECHNICAL CONTACT |
Chris
Thomas email |
*see note at bottom for special savings!
for pricing for a course run especially for your organisation, please
use our worksheet **Also available on your site for groups of four to
ten.
COURSE DATES:
Jul 2005
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
Jan 2006
|
Feb |
Mar |
Apr |
May
|
On-site
only
|
- |
- |
-
|
- |
- |
-
|
- |
- |
- |
- |
INTENSITY: About 40% of the course is practicals, and 60% lectures
RESOURCE: Each student will have
exclusive use of a Linux workstation for the duration of the course.
Each student will be provided with a full set of training notes. A full
reference for Linux resources will also be provided.A full range of
networking and other equipment is provided.
PREREQUISITES: You should be up to a
level taught in our Linux
Introduction, Linux/Solaris
Utilities/Shell Programming, Linux
Systems Administration Parts 1 & 2 courses. In addition, you should ideally have
3-4 months practical full-time experience in a Linux administration
environment.
FOLLOW UPS: We can offer Linux
security consulting services, and will next year be introducing a
Building Linux Firewalls course. Our Apache Workshop and Samba Workshop will also be of interest, or
alternatively our Linux Advanced
Systems Administration, if you wish to gain Linux Certification.
You
may find our Perl programming courses very useful if you need to carry
out lots of data manipulation, reporting and shell scripting. Perl Programming Overview
PRACTICALS / TAKEAWAYS: Each student
leaves the course with their own set of training notes for the material
covered; around 120 pages per day of training.
| Every student who attends this course
will be issued with a signed certificate of course completion, which we
will be happy to "authenticate" upon future request. |
| On this course, we hand out a number
of quick reference sheets to each student on subjects such as vi and
Linux commands. |
SOFTWARE VERSIONS: RedHat and SuSe
Linux are used for hands-on sessions. Content covers popular UNIX and
Linux distributions.
All the software used on this course is
readily available at very low cost (or sometimes free) from various
sources, which we will give full details of during the course.
TOPICS COVERED ON THE COURSE
Jargon
Security jargon often obscures straightforward concepts. The course
explains jargon and takes a 'no nonsense' approach to its use.
Attackers & Attacks
Understanding attack strategies helps in evaluating risks and
implementing solutions. Where attacks come from, who performs them and
why.
Living with security
Dealing with security issues throughout the system lifecycle. Ground
rules for administering secure systems. Keeping up-to-date. Risk
assessment. Incident Handling. Patching, testing and staging. Useful
information sources.
Boot Security and Physical Security
Understanding boot and system initialisation. Securing the bios, boot
loader and initialisation scripts. Effective physical security.
Application Security
Understanding and avoiding application attacks such as buffer
overflows, format string problems and race conditions. Identifying and
securing common weaknesses in Web applications.
Open-Source Security Tools
Hands-on sessions cover securing systems using free tools such as nmap
port scanner, Nessus network vulnerability detector, the chroot
facility
and the Linux Security Auditing Tool (LSAT).
Authentication
Authentication in UNIX and Linux. Addressing the weaknesses of accounts
and passwords. Passwords cracking with Crack and John the Ripper.
Privilege escalation attacks.
Authorisation
All you need to know about permissions, users and groups. Understanding
and protecting against authorisation attacks such as SUDO bypass, link
abuse, setUID manipulation and race conditions.
Encryption
Fundamentals of public key and private key cryptography. Strengths and
weaknesses. PKI, certificates, SSL etc.
X Windows security
Understanding and addressing the limitations of X Windows, which is
used by all Linux and UNIX desktops.
|
Home 