Simplifying New Technology

Securing UNIX systems


UNIX security course description
A hands-on course focusing on security of UNIX systems. Hands on sessions will be with Red Hat Linux but the course covers all flavours of UNIX and highlights differences.

Who will benefit?

  • Support personnel.
  • Technical security staff.

UNIX security course prerequisites

  • UNIX Fundamentals.
  • Intro to UNIX system administration.

UNIX security course objectives
By the end of the course delegates will be able to:

  • Read shell scripts.
  • Write shell scripts.
  • Use different types of quotes.
  • Recognise the role of shell scripts within the UNIX system.

Duration: 3 days

 

UNIX security course contents

Security basics
Authentication, privacy, availability, integrity, physical security, personnel security, CERT, vendor mailing lists, obtaining patches, installing patches.

Monitoring the system
Log files, syslogd, system accounting, other useful tools, obtaining open source tools, how programs are run (cron, at, startup files).

Account security
The login process, password policies, enforcing strong passwords, PAMs, checking passwords with password crackers, disabling accounts, timing out idle users, restricted shells, Role based Access Mechanisms, sudo vs su, /etc/sudoers, logs, special accounts, the root user, controlling root access, authentication, one time passwords, OPIE.

File system security
Network security

Major service security
Securing DNS, HTTP, sendmail, NFS, Samba and X.

Summary
Difference between UNIX flavours, using UNIX as an IDS, port scanners, references, a checklist.