UNIX^® and Linux^® Security: Hands-On

What is this course about?

This course enables you to understand, assess, and combat threats to the security of your UNIX and Linux platforms, arising from either accidental or intentional misuse. You learn how to take advantage of tools and utilities to defend against these threats and so maintain the integrity and reliability of your systems and networks.

What background should I have?

You should have recent experience with UNIX command-line tools. Course 428: UNIX^®: A Comprehensive Hands-On Introduction, or Course 143: Linux^®: A Comprehensive Hands-On Introduction, for Linux users, provides the necessary preparation. Some UNIX administration and security experience is helpful, as is familiarity with networking concepts. You must be comfortable with the Linux command line, including the vi text editor and standard file manipulation utilities. Please refer to the following web page for additional prerequisite knowledge contained in the document entitled Unix Fundamentals: http://bonus.learningtree.com/Files/433/RefMaterial/433scm04.pdf.

Who will benefit from this course?

In today's environment, security is the concern of designers, implementers, system administrators and users of computer systems. This course is of direct and immediate benefit to systems managers responsible for the installation and operation of UNIX platforms. Typical participants also include:

• Systems administrators and members of system administration teams
• Information Systems security analysts and auditors who are evaluating or certifying a UNIX environment
• Members of computer emergency response teams
• Planners concerned with integrating UNIX securely with other network operating systems
• Staff responsible for "hardening" a UNIX system for use as an Internet firewall platform

Why should I be concerned about UNIX security?

UNIX provides a mature, stable and high-performance operating system platform for a wide range of vital applications. It is used extensively on corporate intranets, as well as the Internet.

As with any complex system, there are design issues and potential vulnerabilities that pose threats to the integrity and availability of critical company data. You can achieve a high level of security with UNIX, provided you take steps to deploy appropriate configuration options and updated software components.

Two factors magnify the risk of inaction:

• Potential attackers know a great deal about the weaknesses in default UNIX configurations
• These attackers know how to exploit such weaknesses

Which UNIX versions does the course cover?

The course addresses all major versions of UNIX. For the hands-on exercises we use Solaris (SVR4), Red Hat Enterprise Linux and BSD UNIX. Some exercises must be done in a specific operating system, but many of the exercises allow each team to pick Solaris, Linux or BSD. Having these three platforms, you are able to:

• Evaluate the many useful security tools that are being developed by the user community
• See how you can apply them to a commercially supported system

Most of the security work also applies to Mac OS X.

One goal of the course design is that the exercise manual and handout CD can be used when back at work the next week. The design of the course using Solaris, Linux and BSD makes it apply to any commercial UNIX, open-source Linux and BSD, and Mac OS X.

What specific tools will I use in the course?

The tools that you install and apply include Nessus and Sussen to perform configuration audits on UNIX systems, netstat and lsof to analyze network security risks, Tripwire to monitor filesystem integrity, SSH for secure remote access and tunneling graphical applications, PAM for secure user authentication, sudo for controlled superuser access, and IPtables for packet filtering and firewall protection.

How much time is spent on each topic?

Does the course address firewall technologies?

The course discusses technology appropriate for use on a system to be used in a firewall architecture, but it is not a course about firewalls. Security experts widely recommend UNIX systems as the platform of choice for firewall software. This course equips you with the background you need to "harden" the UNIX operating system for this role as a bastion host. The skills that you learn allow you to achieve "defense in depth" by additionally securing the operating system on internal UNIX hosts.

What kinds of hands-on exercises are included in this course?

Approximately 40% of the course is devoted to the hands-on exercises. Topics include:

• Running automated tools on a UNIX system
• Replacing the standard UNIX password-changing program
• Replacing the standard UNIX remote access utilities with SSH
• Deploying an add-on tool to safely delegate administrative tasks
• Installing Tripwire
• Analyzing your UNIX servers' network-based security risks
• Protecting your UNIX server from network intrusion
• Patching the Solaris operating system

Will this course help me prepare for the Linux+, CompTIA Security+, and CISSP Certification examinations?

Yes, this course helps you prepare for the Linux+, CompTIA Security+, and multiple domains on the CISSP Certification exam. For more information, please refer to the individual certification Q&As.

Does this course provide me with (ISC)² continuing professional education (CPE) credits?

Yes! Learning Tree, in agreement with (ISC)², is a recognized "Trusted CPE Provider." This course provides you with 32 "A-level" CPE credits toward maintaining your CISSP Certification. Please see the CISSP Q&A for more information on the continuing education requirements of (ISC)².

How does this course relate to other Learning Tree courses?

Learning Tree offers a number of courses that will help you expand upon the knowledge gained in this course and further your skills in several key areas. Those courses include:

• 144: Linux® Administration and Support: Hands-On 
• 468: System and Network Security: A Comprehensive Introduction 
• 340: Project Management for Software Development 

US Dates