Javascript Menu by Deluxe-Menu.com LinuxCBT Basic Security Edition
 



Price: $95 for Single-Computer License - licensing details
Government | Academic Price: $75
Student Price: $49
Multi-User License: Select During Checkout
System Requirements: Web Browser with Flash support
Duration: 11 hours on 1-DVD
MD5SUM: 7b3033ed041d25ed834a3025dedff4d4
SHA1SUM: cb42e4262663d224f4fc40320b681dae02b2c6ca
Content Size: 599.42 MB ( 628,537,344 bytes )
Demos: here

LinuxCBT Basic Security Edition encompasses: 1. Security Basics (fundamentals)

LinuxCBT Basic Security Edition is unparalleled in content, depth and expertise. It entails 11-hours, or over 1-day of classroom training. LinuxCBT Basic Security Edition prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.

Let LinuxCBT Basic Security Edition cost-effectively sharpen your GNU/Linux & Open Source Security skills!

Recommended Prerequisites for:

  • Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
    • Open mind & determination to master Linux and related open-source applications
    • Basic understanding of networking concepts
    • Access to a PC to follow the exercises

Basic Security - Module I

  • Boot Security
    • Explore Dell PowerEdge BIOS Security-related features
    • Discuss concepts & improve Dell PowerEdge BIOS security
    • Explain run-time boot loader vulnerabilities
    • Explore single-user mode (rootshell) and its inherent problems
    • Modify default GRUB startup options & examine results
    • Secure boot loader using MD5 hash
    • Identify key startup-related configuration files & define boot security measures
    • Identify key boot-related utilities
    • Confirm expected hardware configuration
    • Discuss INIT process, runlevel configuration & concepts
    • Explore & tighten the security of the INIT configuration
  • Shell Security
    • Confirm expected applications
    • Discuss Teletype Terminals (TTYs) and Pseudo Terminals (PTS)
    • Identify common TTYs and PTSs
    • Track current TTYs and PTSs - character devices
    • Discuss concepts related to privileged and non-privileged use
    • Restrict privileged login
    • Use SSH and discuss TTYs
    • Discuss the importance of consistent system-wide banners & messages
    • Define and configure system banners for pre and post-system-access
    • Identify user-logon history and correlate to TTYs
    • Identify current user-connections - console-based and network-based
    • Use lsof to identify open files and sockets
  • Syslog Security
    • Discuss Syslog concepts and applications
    • Explain Syslog semantics - facilities & levels - message handling & routing
    • Focus on security-related Syslog facilities
    • Examine security logs managed by Syslog
    • Configure Network Time Protocol (NTP) on interesting hosts
    • Secure NTP configuration
    • Ensure time consistency to preserve log-integrity
    • Configure Syslog replication to preserve log-integrity
    • Identify log discrepancies between Syslog hosts
  • Reconnaissance & Vulnerability Assessment Tools
    • Discuss Stage-1 host/network attack concepts
    • Upgrade NMAP reconnaissance tool to increase effectiveness
    • Identify NMAP files
    • Discuss TCP handshake procedure
    • Discuss half-open/SYN connections
    • Perform connect and SYN-based host/network reconnaissance
    • Identify potential vulnerabilities on interesting hosts derived from reconnaissance
    • Examine NMAP logging capabilities
    • Perform port sweeps to identify common vulnerabilities across exposed systems
    • Secure exposed daemons/services
    • Perform follow-up audit to ensure security policy compliance
    • Discuss vulnerability scanner capabilities and applications
    • Prepare system for Nessus vulnerability scanner installation - identify/install dependencies
    • Generate self-signed SSL/TLS certificates for secure client/server communications
    • Activate Nessus subscription, server and client components
    • Explore vulnerability scanner interface and features
    • Perform network-based reconnaissance attack to determine vulnerabilities
    • Examine results of the reconnaissance attack and archive results
    • Secure exposed vulnerabilities
  • XINETD - TCPWrappers - Chattr - Lsattr - TCPDump - Clear Text Daemons
    • Install Telnet Daemon
    • Install Very Secure FTP Daemon (VSFTPD)
    • Explore XINETD configuration and explain directives
    • Configure XINETD to restrict communications at layer-3 and layer-4
    • Restrict access to XINETD-protected daemons/services based on time range
    • Examine XINETD logging via Syslog
    • Discuss TCPWrappers security concepts & applications
    • Enhance Telnetd security with TCPWrappers
    • Confirm XINETD & TCPWrappers security
    • Discuss chattr applications & usage
    • Identify & flag key files as immutable to deter modifcation
    • Confirm extended attributes (XATTRs)
    • Discuss TCPDump applications & usage
    • Configure TCPDump to intercept Telnet & FTP - clear-text traffic
    • Use Ethereal to examine & reconstruct captured clear-text traffic
  • Secure Shell (SSH) & MD5SUM Applications
    • Use Ethereal to examine SSH streams
    • Generate RSA/DSA PKI usage keys
    • Configure Public Key Infrastructure (PKI) based authentication
    • Secure PKI authentication files
    • Use SCP to transfer files securely in non-interactive mode
    • Use SFTP to transfer files securely in interactive mode
    • Configure SSH to support a pseudo-VPN using SSH-Tunnelling
    • Discuss MD5SUM concepts and applications
    • Compare & contrast modified files using MD5SUM
    • Use MD5SUM to verify the integrity of downloaded files
  • GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP) Compatible - PKI
    • Discuss GPG concepts & applications - symmetric/asymmetric encryption
    • Generate asymmetric RSA/DSA GPG/PGP usage keys - for multiple users
    • Create a local web of trust
    • Perform encrypts/decrypts and test data-exchanges
    • Sign encrypted content and verify signatures @ recipient
    • Import & export public keys for usage
    • Use GPG/PGP with Mutt Mail User Agent (MUA)
  • AIDE File Integrity Implementation
    • Discuss file-integrity checker concepts & applications
    • Identify online repository & download AIDE
    • Install AIDE on interesting hosts
    • Configure AIDE to protect key files & directories
    • Alter file system objects and confirm modifications using AIDE
    • Audit the file system using AIDE
  • Rootkits
    • Discuss rootkits concepts & applications
    • Describe privilege elevation techniques
    • Obtain & install T0rnkit - rootkit
    • Identify system changes due to the rootkit
    • Implement T0rnkit with AIDE to identify compromised system objects
    • Implement T0rnkit with chkrootkit to identify rootkits
    • T0rnkit - rootkit - cleanup
    • Implement N-DU rootkit
    • Evaluate system changes
  • Bastille Linux - OS-Hardening
    • Discuss Bastille Linux system hardening capabilities
    • Obtain Bastille Linux & perform a system assessment
    • Install Bastille Linux
    • Evaluate hardened system components
  • top





Copyright © LinuxGenius, LLC. 2003-2010 - All Rights Reserved - Home | Demos | Privacy | Site Map | LinuxCBT UnixCBT News
Linux is a registered trademark of Linus Torvalds.
All brands, products or company names are trademarks or registered trademarks of their respective companies.
 


LinuxCBT DBMS Edition - Updates...(more)

LinuxCBT UnixCBT News

Accenture
Actel
AccuWeather
AIG
Akamai Tech
Alcatel
Alliant Energy
Ameritrade
Avocent
AutoDesk
Bechtel Corp.
Bentley College
Blue Man Group
BNP Paribas
Boston Pub Health
Burlington Coat
Cadence
CalState PolyTech
CALTECH
Canada Space Agency
City of Orlando
Cisco Systems
Computer Sciences
Continental Airlines
CNET
Daimler Chrysler
Dublin AA
DisplayTech
Dept. of Labor
DELL
DISA.GOV
DORMAN
Duke B. School
Duke Energy
EMC
ENTRUST
FBI.GOV
FH Cancer Research
Fuji Film Canada
Georgia Lottery
GIA.edu
Good Year
Google
GrayBar Electric
GTECH
Hewlett Packard
Ingersoll Rand
Iowa State U.
JP Morgan Chase
Kramer Levin LLP
Louisville Tech
Maui HPCC
Maxtor Corporation
McGill University
Methodist University
Mt. Sinai Medical
Namasco
NASA.GOV - JPL
NATS
NAVY
NICHIA Corp
NIH.GOV
NLN.org
NOAA.GOV
NOKIA
Northrop Grumman
NorTel
Ontario Power Gen.
PABC Bank
Park Nicollet
Partners Healthcare
PA State Senate
Phelps Dodge
Piper Jaffray
REUTERS
ROGERS
SAIC
SafeNet, Inc.
Sanofi-Aventis
Sarah Lawrence
Seton Hall U.
SGI
Simon & Schuster
SLCC.EDU
Smiths Aerospace
Sony DADC
Spectra Labs
Symantec
TD Waterhouse
TeliaSonera
Texas Instruments
TrackMaster
United Nations
UC Irvine
UCLA
UC San Francisco
UC Santa Cruz
U. of Afghanistan
Univ. of Alaska
Univ. of Colorado
University of Iowa
Univ. of Louisville
Univ. of New Haven
UMass School of Med.
Unilever
Unisys
US Courts
Veritas
VMWare
WebTrends
Weidlinger Associates
Woods Hole
XEROX