LinuxCBT Security Edition encompasses 9 pivotal security modules:
1. Security Basics (fundamentals)
2. Proxy Security featuring Squid
3. Firewall Security featuring IPTables
4. SELinux Security - MAC-based Security Controls
5. Network Intrusion Detection System (NIDS) Security featuring Snort® NIDS
6. Packet | Capture | Analysis Security featuring Ethereal®
7. Pluggable Authentication Modules (PAM) Security
8. Open Secure Shell version 2 (OpenSSHv2) Security
9. OpenPGP with Gnu Privacy Guard (GPG) Security
LinuxCBT Security Edition is unparalleled in content, depth and expertise. It entails 89-hours, or ~ 2-weeks of classroom training. LinuxCBT Security Edition prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.
Recommended Prerequisites for:
* Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
o Open mind & determination to master Linux and related open-source applications
o Basic understanding of networking concepts
o Access to a PC to follow the exercises
Basic Security - Module 1
* Boot Security
o Explore Dell PowerEdge BIOS Security-related features
o Discuss concepts & improve Dell PowerEdge BIOS security
o Explain run-time boot loader vulnerabilities
o Explore single-user mode (rootshell) and its inherent problems
o Modify default GRUB startup options & examine results
o Secure boot loader using MD5 hash
o Identify key startup-related configuration files & define boot security measures
o Identify key boot-related utilities
o Confirm expected hardware configuration
o Discuss INIT process, runlevel configuration & concepts
o Explore & tighten the security of the INIT configuration
Proxy Security - Module 2
* Squid Proxy Initialization
o Discuss Squid concepts & applications
o Discuss DNS application
o Configure DNS on primary SuSE Linux server for the Squid Proxy environment
o Confirm DNS environment
o Start Squid and evaluate default configuration
o Install Squid Proxy server
*
* General Proxy Usage
o Configure web browser to utilize proxy services
o Grant permissions to permit local hosts to utilize proxy services
clients
*
* Squid Proxy Logs
o Discuss Squid Proxy logging mechanism
o Identify key log files
o Discuss & explore the Access log to identify HITS and/or MISSES
o Discuss & explore the Store log to identify cached content
o Convert Squid logs to the Common Log Format (CLF) for easy processing
o Discuss key CLF fields
o Configure Webalizer to process Squid-CLF logs
o Revert to Squid Native logs
o Discuss key Native log fields
o Configure Webalizer to process Squid Native logs
*
* Squid Network Configuration & System Stats
o Discuss cachemgr.cgi Common Gateway Interface(CGI) script
o Explore the available metrics provided by cachemgr.cgi
o Change default Squid Proxy port
o Modify text/graphical clients and test communications
o Discuss Safe Ports - usage & applications
Firewall Security - Module 3
* Intro IPTables
o Discuss key IPTables concepts
o OSI Model discussion
o Determine if IPTables support is available in the current kernel
o Identify key IPTables modules and supporting files
o Explore and examine the default tables
o Learn IPTables Access Control List (ACL) syntax
o Discuss ACL management
o Learn to Save & Restore IPTables ACLs
*
* IPTables - Chain Management
SELinux Security - Module 4
* Access Control Models
o Describe Access Control Model (ACM) theories (DAC/MAC/nDAC)
o Explain features & shortcomings of Discretionary Access Control (DAC) models
o Identify key DAC-based utilities
o Discuss the advantages & caveats of Mandatory Access Control (MAC)models
o Explore DAC-based programs
*
* SELinux - Basics
o Discuss subjects & objects
o Explain how SELinux is implemented in 2.6.x-based kernels
o Confirm SELinux support in the kernel
o Identify key SELinux packages
o Use sestatus to obtain the current SELinux mode
o Discuss subject & object labeling
o Describe the 3 SELinux operating modes
o Identify key utilities & files, which dictate the current SELinux operating mode
o Focus on the features of SELinux permissive mode
o Explore the boot process as it relates to SELinux
*
* SELinux - Object Labeling
o Discuss subject & object labeling
o Discuss the role of extended attributes (XATTRs)
o Expose the labels of specific objects
o Alter the lables of specific objects
o Configure SELinux to automatically label objects per security policy
o Reset the system and confirm labels on altered objects
o Explain security tuples
o Use fixfiles to restore object labels on running system per security policy
*
* SELinux - Type Contexts - Security Labels Applied to Objects
كود:
https://rapidshare.com/files/131041225/LinSec.part01.rar
https://rapidshare.com/files/131041698/LinSec.part02.rar
https://rapidshare.com/files/131042176/LinSec.part03.rar
https://rapidshare.com/files/131042668/LinSec.part04.rar
https://rapidshare.com/files/131043239/LinSec.part05.rar
https://rapidshare.com/files/131043794/LinSec.part06.rar
https://rapidshare.com/files/131044401/LinSec.part07.rar
https://rapidshare.com/files/131040765/LinSec.part08.rar
https://rapidshare.com/files/131045898/LinSec.part09.rar
https://rapidshare.com/files/131046369/LinSec.part10.rar
https://rapidshare.com/files/131046908/LinSec.part11.rar
https://rapidshare.com/files/131047416/LinSec.part12.rar
https://rapidshare.com/files/131048060/LinSec.part13.rar
https://rapidshare.com/files/131048767/LinSec.part14.rar
https://rapidshare.com/files/131049491/LinSec.part15.rar
https://rapidshare.com/files/131050338/LinSec.part16.rar
https://rapidshare.com/files/131050884/LinSec.part17.rar
https://rapidshare.com/files/131051584/LinSec.part18.rar
https://rapidshare.com/files/131052355/LinSec.part19.rar
https://rapidshare.com/files/131053205/LinSec.part20.rar
https://rapidshare.com/files/131053998/LinSec.part21.rar
https://rapidshare.com/files/131054860/LinSec.part22.rar
https://rapidshare.com/files/131045367/LinSec.part23.rar
https://rapidshare.com/files/131057155/LinSec.part24.rar
https://rapidshare.com/files/131057972/LinSec.part25.rar
https://rapidshare.com/files/131059046/LinSec.part26.rar
https://rapidshare.com/files/131060120/LinSec.part27.rar
https://rapidshare.com/files/131061321/LinSec.part28.rar
https://rapidshare.com/files/131062162/LinSec.part29.rar
https://rapidshare.com/files/131062995/LinSec.part30.rar
https://rapidshare.com/files/131064745/LinSec.part31.rar
https://rapidshare.com/files/131067221/LinSec.part32.rar
https://rapidshare.com/files/131074664/LinSec.part33.rar
https://rapidshare.com/files/131080687/LinSec.part34.rar
https://rapidshare.com/files/131095321/LinSec.part35.rar
https://rapidshare.com/files/131099588/LinSec.part36.rar
https://rapidshare.com/files/131077787/LinSec.part37.rar
https://rapidshare.com/files/131072112/LinSec.part38.rar
https://rapidshare.com/files/131105229/LinSec.part39.rar
https://rapidshare.com/files/131108316/LinSec.part40.rar
https://rapidshare.com/files/131109568/LinSec.part41.rar
https://rapidshare.com/files/131110648/LinSec.part42.rar
https://rapidshare.com/files/131111757/LinSec.part43.rar
https://rapidshare.com/files/131112793/LinSec.part44.rar
https://rapidshare.com/files/131113733/LinSec.part45.rar
https://rapidshare.com/files/131114629/LinSec.part46.rar
https://rapidshare.com/files/131115588/LinSec.part47.rar
https://rapidshare.com/files/131116611/LinSec.part48.rar
https://rapidshare.com/files/131099982/LinSec.part49.rar