Description

During this practical course, you will learn how to define a security strategy, secure Linux servers and maintain an optimal level of security. The training includes components such as securing the isolated system, securing the network in the enterprise and conducting a security audit. This is an opportunity to acquire practical skills essential to ensuring enhanced security of IT systems.

Who is this training for ?

For whom ?

System and network technicians and administrators.

Prerequisites

Good knowledge of systems and network administration.

Training objectives

Measure the security level of your Linux/Unix system

Know system security solutions

Know how to set up security for a Linux/Unix application

Establish security at the network level

Training program

• Introduction
  • Secure domain access with IPsec.
  • The advanced Windows 2008 Server firewall.
  • Configuration and administration of the RAS service.
  • VPNs: principle of tunneling.
  • Practical work Implementation of IPSec under Windows.
  • Advanced configuration of the firewall.
  • Setting up instead of a RAS server and a RADIUS server under Windows 2008 Server.
• Security and Open Source
  • Corrections are quick, bugs made public.
  • A hacker's approach technique: knowing the flaws, knowing how to attack.
  • Example of a vulnerability and security solution.
  • What solution?
• Installation too complete: Linux example
  • Debian, RedHat and other distributions.
  • Avoid the easy installation trap.
  • Kernel lightweighting.
  • Drivers peripherals.
  • Practical work Optimization of installations with a view to security management.
• Local system security
  • Examples of maliciousness and inadvertence.
  • Low permissiveness by default.
  • Effective file rights checking, scripts and commands to diagnose.
  • Tripwire tools.
  • Retention of logs, how long?rnThe tool log analysis: logwatch.
  • React in real time: example script.
  • Use RPM as HIDS.
  • Configuring PAM in different contexts.
  • Containment of process execution.
  • DAC, MAC, RBAC terminology, context, model.
  • Practical work rnWork on rights, logs and processes.
• Network-level security
  • Use a firewall? Use wrappers? Set up service access filters.
  • Configure a firewall securely.
  • The diagnostic commands.
  • Setting up a NetFilter firewall under Linux.
  • Philosophy and syntax of iptables.
  • The xinetd super-server.
  • Access restrictions by the wrapper, trace files.
  • Perform an audit of active services.
  • Ssh.
  • Practical work Configure a Firewall.
  • Audit functional services.
• Security audit utilities
  • Proprietary products and free alternatives.
  • Crack, John the Ripper, Qcrack.
  • HIDS and NIDS intrusion detection systems.
  • Test the vulnerability with Nessus.
  • Implementing a security tool.
  • Practical work Implementing some tools.