Verhoef Training Europe.

11B Kingsmead Square, Bath, BA1 2AB, UK
Phone:+44 (0)1753 852 233 Fax: +44 (0)1753 840 190



Red Hat Linux Enterprise Server 5 Security Administration




AUDIENCE:   This course is intended for Linux/Unix system and network administrators who want to learn about securing Red Hat Linux.

PREREQUISITES:   Delegates should already have some real-world experience with Red Hat Linux system and network administration. Attendance of our Red Hat Linux System Administration and Linux System Advanced Administration courses would be beneficial.

DURATION:   2 days. Hands on.

OBJECTIVES:   This course provides delegates with the knowledge and skills necesary to secure RHEL5 at the system and network levels.

This highly-practical course covers Red Hat Enterprise Linux (RHEL5), but much of the material is also relevant to earlier versions.

After completing this course, students will be able to:
- Explain Security concerns and policy
- Configure authentication Services
- Secure the system
- Secure Networks
- Secure Services
- Secure Data

COURSE CONTENT:  

Security Concerns and Policies
Security Terms
Basic Network Security
Which services are running?
Remote Service Detection
Definitions of Security
Security Policy
Backup Policies

Authentication Services
Authentication Basics
Service Profile: PAM
PAM Operation
Core PAM Modules
Authentication Modules
Password Security
Resource Limits
User Access Control
Single User Mode
Authentication Troubleshooting

System Monitoring
System Monitoring Overview
File System Analysis
Set User and Group ID Permissions
Typical Problamatic Permissions
ext2 filesystem attributes
Monitoring Data Integrity with Tripwire
Configuring Tripwire
System Log Files
syslogd and klogd configuration
Advanced syslogd configuration
Log File Analysis
Monitoring and Limiting Processes
Monitoring processes with top
Monitoring processes Graphically
System Activity Reporting
Process Accounting Tools

Securing Networks
Packet Filtering Capabilities
NetFilter Architecture
Chain operations
Rule Targets
Rule Matching
Network Address Translation (NAT)
Connection Tracking
Rule Persistence
The "Bastion Host"

Managing Services
System V Startup Control
Starting the Service
tcp_wrappers configuration
Daemon specification
Client specification
Advanced syntax
xinetd-based security
xinetd Access Control
Host Patterns
Advanced Security Options

Securing Data
The need for encryption
Cryptography building blocks
Random Numbers
One-Way Hashes
Symmetric Encryption
Asymmetric Encryption
Public Key Infrastructures
Digital Certificates
Generating Digital Certificates
OpenSSH Overview
The OpenSSH
OpenSSH Authentication
Protecting your keys
Application: rpm


NT08/01

© 2007 Verhoef Training