Securing a Linux Server

2 Day Course
Hands On
Code QALXSEC

Book Now - 1 Delivery Method Available:

Scheduled Online Onsite

Overview

Linux server has proven itself as a powerful, stable, fast and scalable IT platform for both small-to-medium enterprise and large organisations, where data, network, high availability storage and other server-type  provisioning installations are routinely served by Linux.

This course will build on the experience, knowledge and capabilities of the delegates, who - most likely - will have installed and managed a Linux machine(s) for a period of time. During this event, we will step through most of the system and server administration and maintenance tasks, this time concentrating on security aspects of the configuration, lock down techniques, and best practices for fine-tuning a system in order to make it as secure as relevant and possible.

The course is a follow up to the "Essential Linux Administration", "Advanced Linux Administration" and "Building a Linux Server" training path.

Target audience:

Experienced Linux system and network administrators, analysts, or system architects responsible maintaining and securing servers based on a Linux operating system.

Delegates will learn how to:

  • Analyse the physical computer issues
  • Protect Linux server at the GRUB level
  • Appreciate a perimeter network concepts and protection
  • Be aware of snooper and sniffer tools in Linux
  • Configure and use iptables firewall
  • Implement and control basic SELinux policy
  • Understand configuration aspects of main Internet server applications
  • Apply techniques to protect and secure files and file server protocols
  • Authentication Methods and Techniques

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Introductions (4 topics)

  • Course introduction and pre-requisites
  • Linux server market
  • Revision of security related terminology and approach
  • Physical, installation, user and application security basics

Physical and OS Security of Linux (4 topics)

  • Computer hardware - location and environment BIOS and boot access
  • Grub configuration
  • Kernel options and device protection
  • Logging and audit trails

A Perimeter Network Concepts and Protection (4 topics)

  • Infrastructure vs. DMZ
  • Firewall concepts, types and implementations Firewalls: Netfilter, iptables, ufw
  • Configuring iptables
  • Sniffers and snoopers: terminology and programs Using nmap

Introduction to SELinux (8 topics)

  • DAC vs. MAC security policies
  • Problems with traditional methods
  • Main SELinux features: policies, enforcement, control
  • Scope, coverage and availability of SELinux
  • SELinux states
  • Labelling and access policies
  • Policy database and run-time flow
  • Creating policies

Internet Security (4 topics)

  • Apache: installation considerations, file hierarchy security, user and group ownership, authentication, access control and authorisations
  • Mail: SMTP server and client, sendmail, postfix, dovecot
  • DNS and chroot
  • Protecting MySQL: securing ports and communication tools, fixes and patches, creating and securing database user, user accounts and passwords

Protecting Files and File Servers (5 topics)

  • Setting up GPG
  • Signing and encrypting files
  • Securing FTP server
  • Anonymous FTP server in chroot environment SAMBA server: security, authentication, integration with Windows authentication
  • NFS security features

Authentication Methods and Techniques (2 topics)

  • SSL/TSL certificates: creating, validating, installing
  • Creating Kerberos Key Distribution Centre, managing Kerberos realm, using Kerberos alongside other technologies.

Prerequisites

Delegates should have previously attended the Building a Linux Server and Information Security Fundamentals courses (or have equivalent knowledge) and have several months practical experience of administering a Linux system. Alternatively, they must be able to demonstrate a solid experience (typically several years) of any UNIX system administration and server maintenance.

Additional Learning

The courses below may help you meet the knowledge level required to take this course. If you are unsure please ask a training advisor .

  • Building a Linux Server

    This 4-day course guides delegates through trhe complete process of building a Linux server.

    4 Day Course Hands On Training Course Code QALXSRV
    Scheduled Online Onsite

or call:408-759-5074

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections