Course Length:
5 Days
Course Description:
This course helps Linux and UNIX systems administrators make their systems and networks as secure as possible against intruders and against improper actions by their own users. It covers both quick, simple fixes and more involved solutions for eliminating potential vulnerabilities.
Who Should Attend:
Everyone
Benefits of Attendance:
Upon completion of this course, students will be able to:
  • Understand hacking techniques and countermeasures
  • Solve common security problems
  • Understand and prevent wireless hacking
  • Set up a security policy
  • Understand and implement access control
  • Determine whom to trust and when to trust them
  • Understand Firewall vulnerabilities and implement countermeasures
  • Utilize VPN (Virtual Private Networks) for secure connections
  • Understand host hardening techniques
  • Secure subsystems
  • Scan systems
  • Find and repair damage
Prerequisites:
Students should have Linux systems administration experience. Basic networking knowledge is a plus.
Course Outline:
  • Chapter 1: Introduction
    1. Introduction
    2. What Are You Trying To Protect?
    3. In the Beginning
    4. Somebody@Somewhere
    5. The Underlying Problem in Today's TCP/IP
    6. The TCP/IP Model Layers
    7. Future is More Secure With IPv6
    8. IPSec
    9. Who Are the Enemies and What Do They Want?
    10. Types of Attacks
    11. Technical Attacks
    12. Social Attacks
    13. Physical Attacks
    14. Wireless Attacks
    15. Most Common Mistakes
    16. Weak Passwords
    17. Open Network Ports
    18. Outdated Software
    19. Badly Configured and Insecure Programs
    20. Obsolete or Benign Accounts
    21. I'll Do It Tomorrow
    22. Viruses and Linux
    23. Detecting an Intrusion and Preventing Further Attacks
    24. Tripwire
  • Chapter 2: Understanding the Hacking Techniques
    1. Understanding Hacking Techniques
    2. Footprinting
    3. Search Engines
    4. Domain Registrars
    5. Regional Internet Registries
    6. DNS Reverse-Lookups
    7. Mail Exchange
    8. Zone Transfers
    9. Traceroute
    10. Scanning and Identification
    11. Ping and Ping Sweeping
    12. TCP Pinging
    13. Port Scanning
    14. Fingerprinting
    15. Remote Hacking
    16. Ports at Risk
  • Chapter 3: Technical Attacks Explained
    1. Technical Attacks Explained
    2. Attack Paths
    3. Rootkit Attacks
    4. Packet Spoofing
    5. SYN Flood Attack
    6. TCP Sequence Spoofing
    7. Packet Storms, Smurf Attacks, and Fraggles
    8. Buffer Overflows or Stamping on Memory With gets()
    9. Man-in-the-Middle Attack
    10. Wireless Attacks Explained
    11. Wireless Standards
    12. WEP, WPA, and WPA 2
    13. Probing & Network Discovery
    14. Surveillance
    15. DoS Attacks
    16. Impersonation
    17. Man-in-the-Middle and Rogue AP
  • Chapter 4: Access Control
    1. Introduction
    2. The Highest Security
    3. Access Control
    4. Identification and Authentication
    5. Access Control Types
    6. Access Control Models
    7. SSL Certificates
    8. Authenticating with PAM
    9. Password Management
    10. Hardware Password Protection
    11. Password Protecting the GRUB Boot Loader
    12. Advanced Password Methods
    13. Different Functions of Different Algorithms
    14. MD5 Passwords
    15. Password Aging
    16. Use sudo to Protect Root Access
    17. File Protection
    18. The chattr Program and the Immutable Bit
    19. Cryptography
    20. Protect Files With GPG
    21. Using Encrypted Keys
    22. Default Setting For Single User Mode
    23. Login Simulators
    24. Warning Banners
    25. Add Security to /bin/login
    26. User Startup Files
    27. Useful Tools
    28. Account Controls
    29. Restrict at and cron Access
    30. More Default Settings
    31. Protocol Switches in The Kernel
    32. Logging Environment
  • Chapter 5: Security Policy
    1. Set Up a Security Policy
    2. Standards and Regulations
    3. Why Your Organization Needs Security Policies
    4. Security Policy Basics
    5. Administrative Policies vs. Technical Policies
    6. Administrative Security Policy Samples
    7. Technical Security Policy Samples
  • Chapter 6: Network Access Security
    1. Network Access Security
    2. Ring Security
    3. Modem Access
    4. X Security
    5. TCP-wrappers
    6. Virtual Private Networks (VPN)
    7. Protecting Network Connections - SSH2
    8. Install and Configure SSH
    9. Restricting Host Access - SSH Server
    10. SSH Authentication
    11. OpenSSH Client and OpenSSH Server
    12. Authenticate Between an SSH2 Client and an OpenSSH Server
    13. Tunneling with SSH
    14. Ports at Risk
    15. ifconfig
    16. xinetd and inetd
    17. Adding New Services - xinetd and inetd
    18. Restricting Remote User Access
    19. Restricting Remote Host Access - xinetd
    20. Restricting Remote Host Access - xinetd with libwrap
    21. Defending Against Denial of Service (DoS) Attacks
    22. Harden inetd and xinetd Configurations
    23. Firewalls
    24. Firewalls with iptables, ipchains and DMZ
    25. Tunneling Through Firewalls
    26. Egress Filtering
  • Chapter 7: Host Hardening
    1. Host Hardening
    2. SELinux - NSA Security-Enhanced Linux (SELinux)
    3. AppArmor
    4. LDAP
    5. Postfix
    6. Qpopper
    7. sendmail
    8. BIND (DNS)
    9. Apache
    10. Samba
    11. NFS
  • Chapter 8: Scanning Your Own System
    1. Scanning Your Own System
    2. Top 20 Security Tools
    3. The Nessus Security Scanner
    4. Wireshark (Ethereal)
    5. Snort Attack Detector
    6. netcat
    7. John the Ripper
    8. Crack
    9. Store the RPM Database Checksums
    10. Finding and Repairing the Damage
    11. Information Systems' Security Response to Intrusions
    12. The IT Response to Intrusions
    13. The Law Enforcement Response to Intrusions
    14. Information to Determine Damages or Loss