Securing a Linux Server

Level

Securing a Linux Server

Aikona
Logo Aikona

Need more information? Get more details on the site of the provider.

Starting dates and places

There are no known starting dates for this product.
  • View related products with starting dates: Linux.

Description

Overview

Linux server has proven itself as a powerful, stable, fast and scalable IT platform for both small-to-medium enterprise and large organisations, where data, network, high availability storage and other server-type provisioning installations are routinely served by Linux.
This course will build on the experience, knowledge and capabilities of the delegates, who - most likely - will have installed and managed a Linux machine(s) for a period of time. During this event, we will step through most of the system and server administration and maintenance tasks, this time concentrating on security aspects of the configuration, lock down techniques, and best practices for fine-tuning a system…

Read the complete description

Frequently asked questions

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.

Didn't find what you were looking for? See also: Linux, CompTIA A+ / Network+ / Security+, IT Security, Software / System Engineering, and Security.

Overview

Linux server has proven itself as a powerful, stable, fast and scalable IT platform for both small-to-medium enterprise and large organisations, where data, network, high availability storage and other server-type provisioning installations are routinely served by Linux.
This course will build on the experience, knowledge and capabilities of the delegates, who - most likely - will have installed and managed a Linux machine(s) for a period of time. During this event, we will step through most of the system and server administration and maintenance tasks, this time concentrating on security aspects of the configuration, lock down techniques, and best practices for fine-tuning a system in order to make it as secure as relevant and possible.


The course is a follow up to the “Essential Linux Administration”, “Advanced Linux Administration” and “Building a Linux Server” training path.

Target audience
Experienced Linux system and network administrators, analysts, or system architects responsible maintaining and securing servers based on a Linux operating systemDelegates will also be expected to be familiar with the basics of IT security and data encryption concepts, as provided by the “Information Security Fundamentals” course

Prerequisites

  • Delegates should have previously attended the Building a Linux Server and Information Security Fundamentals courses (or have equivalent knowledge) and have several months practical experience of administering a Linux system
  • Alternatively, they must be able to demonstrate a solid experience (typically several years) of any UNIX system administration and server maintenance

Delegates will learn how to

  • Analyse the physical computer issues
  • Protect Linux server at the GRUB level
  • Appreciate a perimeter network concepts and protection
  • Configure and use iptables firewall
  • Implement jail environment with chroot
  • Use SSH for seamless and secure connectivity
  • Manage services as part of security proofing and tie down
  • Implement and control basic SELinux policy
  • Authentication Methods and Techniques

Course Outline.

Getting Started
Linux server market; Introduction to distributions considered in this course; Red Hat, SUSE and Debian derivatives; Understand your kernel; Web resources and forums

Physical and OS Security of Linux
Computer hardware; Location and environment; Network topology; Hardware and software inventory; BIOS security; BIOS updates and configuration; Bootstrapping protection; Securing access to GRUB and the kernels; Password-protecting LILO; UEFI secure boot specification

SSH Hints and Tricks
SSH purpose; Recap of basic SSH use; SSH client and server configuration ; Using SSH keys; Creating public/private key pair; Configuring and using SSH agent; Tunnelling X application in SSH; Port forwarding; Principles of local and remote port forwarding; Forwarding through a firewall and multiple gateways; SSH and VNC

Introduction to SELinux
DAC vs. MAC security policies; Problems with traditional methods; Main SELinux features: policies, enforcement, control; Scope, coverage and availability of SELinux; SELinux states; Labelling and access policies; Policy database and run-time flow; Creating policies

User Account Security
User types and their accounts: Superuser(s), daemon users, ordinary users; Terminal and shell control files; Unknown and dormant accounts; Testing account usage and activity: lastlog, last, lastb; Authenticating with PAM; PAM structure, control flow and configuration; User login and security files; login.defs, securetty, messages

Working with chroot
Why use a chroot environment; Best chroot practices; Basics of constructing a chroot jail; Understanding the structure; Tools to identify / create required files; Popular chroot implementations; chroot-aware named packages

System Service Control
Linux SysVinit startup sequence; Single and multi-user run levels; The init process and its configuration in /etc/inittab; SysVinit startup; Upstart method; Runlevel and service; Using run level 4 to isolate service management; Configuring runlevel 4 as means of proofing Apache configuration

Perimeter Network Protection
Firewall concepts; Infrastructure and DMZ ; Types and implementations; Linux firewall: iptables; Operating system and software preparation; Rules, chains and targets; Saving and restoring rules; Firewall products; Netfilter, iptables; Front end products and alternatives; Using knockd to open holes in the firewall

Authentication Methods and Techniques
SSL/TSL certificates: creating, validating, installing; Creating Kerberos Key Distribution Centre; Managing Kerberos realm; Using Kerberos alongside other technologies.

There are no reviews yet.
  • View related products with reviews: Linux.

Share your review

Do you have experience with this course? Submit your review and help other people make the right choice. As a thank you for your effort we will donate £1.- to Stichting Edukans.

There are no frequently asked questions yet. If you have any more questions or need help, contact our customer service.