Red Hat Linux Enterprise Server 5 Security Administration

Red Hat Linux Enterprise Server 5 Security Administration

Audience

This course is intended for Linux/Unix system and network administrators who want to learn about securing Red Hat Linux.

Prerequisites

Delegates should already have some real-world experience with Red Hat Linux system and network administration. Attendance of our Linux System Administration (Red Hat/SUSE & Debian) and Linux Enterprise Server for Experienced UNIX Administrators courses would be beneficial.

Duration

2 days. Hands on.

This course is available on site only. Please call for details.

Course Objectives

This course provides delegates with the knowledge and skills necesary to secure RHEL5 at the system and network levels. This highly-practical course covers Red Hat Enterprise Linux (RHEL5), but much of the material is also relevant to earlier versions.

After completing this course, students will be able to:

  • Explain Security concerns and policy.
  • Configure authentication Services.
  • Secure the system.
  • Secure Networks.
  • Secure Services.
  • Secure Data.


Please Note: This course is designed to impart technical information to the delegates. It is not designed to teach audit techniques, standards or remedial plans.

Course Content

Security Concerns and Policies
Security Terms.
Basic Network Security.
Which services are running?
Remote Service Detection.
Definitions of Security.
Security Policy.
Backup Policies.

Authentication Services
Authentication Basics.
Service Profile: PAM.
PAM Operation.
Core PAM Modules.
Authentication Modules.
Password Security.
Resource Limits.
User Access Control.
Single User Mode.
Authentication Troubleshooting.

System Monitoring
System Monitoring Overview.
File System Analysis.
Set User and Group ID Permissions.
Typical Problamatic Permissions.
ext2 filesystem attributes.
Monitoring Data Integrity with Tripwire.
Configuring Tripwire.
System Log Files.
syslogd and klogd configuration.
Advanced syslogd configuration.
Log File Analysis.
Monitoring and Limiting Processes.
Monitoring processes with top.
Monitoring processes Graphically.
System Activity Reporting.
Process Accounting Tools.

Securing Networks
Packet Filtering Capabilities.
NetFilter Architecture.
Chain operations.
Rule Targets.
Rule Matching.
Network Address Translation (NAT).
Connection Tracking.
Rule Persistence.
The Bastion Host.

Managing Services
System V Startup Control.
Starting the Service.
tcp_wrappers configuration.
Daemon specification.
Client specification.
Advanced syntax.
xinetd-based security.
xinetd Access Control.
Host Patterns.
Advanced Security Options.

Securing Data
The need for encryption.
Cryptography building blocks.
Random Numbers.
One-Way Hashes.
Symmetric Encryption.
Asymmetric Encryption.
Public Key Infrastructures.
Digital Certificates.
Generating Digital Certificates.
OpenSSH Overview.
The OpenSSH.
OpenSSH Authentication.
Protecting your keys.
Application: rpm.

On-Site Courses

Can't attend one of our public classes? Booking for multiple people?

All our courses are available on your site! Delivered for your staff, at your premises.

Contact us to find out more...