AUDIENCE:   This course is intended for Linux/Unix system and network administrators who want to learn about securing Red Hat Linux. PREREQUISITES:   Delegates should who already have some real-world experience with Red Hat Linux system and network administration. Attendance of our Linux System Administration and Linux Network Administration courses would be beneficial. DURATION:   2 days. Hands on. OBJECTIVES:   This course provides delegates with the knowledge and skills necesary to secure RHEL at the system and network levels. This highly-practical course covers Red Hat Enterprise Linux (RHEL4), but much of the material is also relevant to earlier versions. After completing this course, students will be able to: Explain Security concerns and policy Configure authentication Services Secure the system Secure Networks Secure Services Secure Data COURSE CONTENT:   Security Concerns and Policies Security Terms Basic Network Security Which services are running? Remote Service Detection Definitions of Security Security Policy Backup Policies Authentication Services Authentication Basics Service Profile: PAM PAM Operation Core PAM Modules Authentication Modules Password Security Resource Limits User Access Control Single User Mode Authentication Troubleshooting System Monitoring System Monitoring Overview File System Analysis Set User and Group ID Permissions Typical Problamatic Permissions ext2 filesystem attributes Monitoring Data Integrity with Tripwire Configuring Tripwire System Log Files syslogd and klogd configuration Advanced syslogd configuration Log File Analysis Monitoring and Limiting Processes Monitoring processes with top Monitoring processes Graphically System Activity Reporting Process Accounting Tools Securing Networks Packet Filtering Capabilities NetFilter Architecture Chain operations Rule Targets Rule Matching Network Address Translation (NAT) Connection Tracking Rule Persistence The "Bastion Host" Managing Services System V Startup Control Starting the Service tcp_wrappers configuration Daemon specification Client specification Advanced syntax xinetd-based security xinetd Access Control Host Patterns Advanced Security Options Securing Data The need for encryption Cryptography building blocks Random Numbers One-Way Hashes Symmetric Encryption Asymmetric Encryption Public Key Infrastructures Digital Certificates Generating Digital Certificates OpenSSH Overview The OpenSSH OpenSSH Authentication Protecting your keys Application: rpm