What to bring:
Students are encouraged to bring a Unix-enabled laptop. This course will focus on recent versions of Solaris 7.x and Red Hat Linux 7.x, though the material applies broadly to all Unix variants.
Out of the box, most operating systems are sitting ducks. Within six months of release, they tend to become rather crackable and it only gets worse as the operating system ages. According to the Honeynet Project, a default server install of Red Hat 6.2 averages a life expectancy of only 72 hours. You don't have to stand for this kind of weakness.
This fast-paced, live demonstration course, "Securing Solaris and Locking Down Linux," will teach you how to protect a system from compromise. You'll learn how the attacks work and how to use hard-core hardening to defeat the bulk of them; you will be able to take your machines to a state of minimum necessary risk.
This course teaches you how to tighten all major aspects of the operating system for security, taking into consideration the purpose of the system and the needs of your organization. You'll learn how to tune kernel and operating system parameters, deactivate components, and tighten the components that remain. You'll examine how to tighten major server applications, including Web, Mail, FTP and DNS servers, and along the way you'll understand how external and internal attackers use privilege escalation and how you can lessen their odds of gaining root. You'll also be able to apply key security concepts, from defense-in-depth to least privilege to risk evaluation, to determine what actions you should take and in what order of priority.
You will leave this course with the ability to:
- Configure Solaris and Linux for much greater resilience to attack.
- Understand each Solaris and Linux boot script and be capable of judging which scripts can or cannot be safely deactivated.
- Audit the Solaris and Linux file permissions and Set-UID/GID programs to combat compromise and escape privilege escalation.
- Understand and set kernel and operating system variables for best security.
- Configure Unix Web, Mail, FTP and DNS servers to thwart or contain attacks.
This course targets system/network administrators and security administrators/auditors with an understanding of Unix commands and basic operating system functions. While others are welcome, a complete lack of familiarity with Unix is too great a burden to overcome in a single-day class.
This engaging, interactive course invites participants to bring a Unix-enabled laptop to harden on the fly. For the sake of simplicity, this course will focus on recent versions of Solaris 7.x and Red Hat Linux 7.x, though the material applies broadly to all Unix variants.
Jay Beale is the lead developer of Bastille Linux and a contributing member of the Honeynet Project. He works independently as a security consultant and trainer, and speaks at conferences, hacker meetings, and defense/intel gatherings. He has written a number of articles, along with several books and guides, on attacking and securing systems, including Addison Wesley's 'Locking Down Linux the Bastille Way.'