DESCRIPTION Linux Security is a course that gives extensive practical hands-on experience in the use of security scanning software to identify loopholes in a typical Linux system. Organizations throughout the world are adopting Linux as their production platform. By connecting to the Internet to provide critical services, they also become targets of opportunity. To help protect these Linux systems, this course covers the basics of securing a Linux box

ASSUMED KNOWLEDGE Working experience with preferably UNIX/Linux.

WHAT YOU WILL LEARN Implement an overall security policy Identify security holes Implement hardware, BIOS, LILO, and session security Implement password security Monitor system logs to detect possible problems Install security patches To armor the operating system. Armoring consists mainly of turning off services, adding logging, tweaking several files, and configuring TCP Wrappers Enable logging Encrypt all communication between you and the firewall using SSL

OUTLINES

Introduction to system security
Is your system secure ?
Action to take when you detect a break in.
TCP Wrappers and Inetd / Xinetd
Controlling resources using Pluggable Authentication Modules
Collecting system information

Vulnerabilities of Linux services:

• Mail Transport Agents: Sendmail, POP, Qmail
• DNS, Bind
• RPC and NFS
• lpd / CUPS
  

Hardening your Linux system:

• File system security review
• Kernel hardening
• Introduction to system hardening using Bastille
  

Firewall

• IP Tables
• Circuit Level Proxy/Gateway
• Application Level Proxy/Gateway
• Transparent Proxy
• Private IP addresses (RFC 1918)
• Network Address Translation (NAT) / Masquerading
• SSL
• IPSEC
• Virtual Private Networks (VPN)
  

Attacks

• IP spoofing / Sequence Number Attack
• DNS spoofing
• SYN flooding
• Ping of Death
• Internet worm
  

---

---

FDDI Institute
De Regenboog 11 - 2800 Mechelen - Belgium - Europe
Tel 32 15 24 50 58 - Fax 32 15 25 10 50