Linux Firewall & Security Administration


Course Overview

This course teaches students how to apply local and network security. It is intended for those responsible for configuring, setting up and managing Linux system security, e.g. kernel security, data security, file system security, password security, ACLs, SELinux, network services security, TCPWrappers, Linux-based firewalls with iptables and Virtual Private Networking.

 


Goal

Upon completion of this course, students should be able to:

 

  • Discuss network and local system security and place the firewall therein
  • Install and harden a Linux system
  • Monitor the system
  • Understand PAM authentication
  • Secure the kernel, file systems and data
  • Manage TCPWrappers for securing services
  • Administer SELinux
  • Configure iptables packet filtering and Network Address Translation
  • Configure Virtual Private Networking
  • Configure and use hacker’s tools
  • Detect and counter firewall intrusions

Pre-Requisites

Experience using the Linux operating system and basic programming skills.

 

Who Should Attend?

This course is designed for experienced Linux and networking professionals who are responsible for configuring and maintaining security for Linux systems. It is aimed at system / network administrators and support people, programmers and prospective Linux power users looking to harness the power of task automation through shell scripting.

 

Linux Security Administration – Schedule

Day 1

09.00am – 10.00am

Introduction to Security and Firewall

  • Definition of security
  • Security policy
  • Types of attack
  • Principles of security
  • Security practices
  • Hackers, crackers and script kiddies
  • Motivation of hackers and crackers
  • What you have to lose
  • What is a firewall?
  • Position of a firewall
  • Virtual Private Networking
  • Network security techniques and usage

10.00am – 10.30am

Breakfast

10.30am – 12.45pm

PAM Authentication

  • Authentication
  • PAM
  • Password security
  • Password policy
  • Utilities and authentication
  • PAM troubleshooting

12.45pm – 02.15pm

Lunch

02.15pm – 05.00pm

System Monitoring  

  • Introduction to system monitoring
  • File system analysis
  • System log files
  • Log file analysis
  • Monitoring processes
  • Process monitoring utilities
  • System activity reporting
  • Limiting processes
  • Process accounting tools

Installing and Securing Linux

  • Installing Linux
  • Applying patches
  • Kernel recompilation
  • Hardening Linux
  • User account considerations
  • Disabling services
  • Filesystem Hardening
  • Access Control Lists (ACLs)
  • Kernel tuning and configuration options

Day 2

09.00am – 10.00am

Securing Services

  • System V startup control
  • Securing the services
  • TCPWrappers configuration
  • Securing xinetd
  • Securing DNS
  • Securing Mail

10.00am – 10.30am

Breakfast

10.30am – 12.45pm

Securing Data

  • Fundamentals of encryption
  • The need for encryption
  • Symmetric encryption
  • Asymmetric encryption
  • Public Key Infrastructure (PKI)
  • Digital certificates

12.45pm – 02.15pm

Lunch

02.15pm – 05.00pm

SELinux Administration

  • Security Enhanced Linux (SELinux)
  • SELinux targeted policy
  • SELinux installation options and control
  • Controlling SELinux
  • SELinux contexts
  • Troubleshooting SELinux

Day 3

09.00am – 10.00am

Securing Network

  • Packet filtering overview
  • Network Address Translation
  • Kernel-level firewall implementation with iptables
  • Protection against spoofed addresses
  • IP masquerading
  • FWBuilder

10.00am – 10.30am

Breakfast

10.30am – 12.45pm

Virtual Private Networking

  • Virtual Private Network concepts
  • Virtual Private Network solutions
  • IPSec

12.45pm – 02.15pm

Lunch

02.15pm – 05.00pm

Hacker’s Tools

  • Sniffers
  • Ethereal
  • Nmap
  • Nessus