Duration 5 days – 35 hrs
Overview
This course is designed to equip you with the knowledge and skills required to effectively secure any Linux server against potential threats and unauthorized access. By participating, you will gain expertise in hardening Linux systems, minimizing their attack surface, and significantly reducing the risk of compromise.
The course covers key security vulnerabilities inherent to the Linux operating system and provides comprehensive, step-by-step instructions on how to mitigate these risks. In addition to learning core security concepts and best practices, you will be guided through practical exercises such as penetration testing, system hardening, compromise assessment, auditing, and vulnerability assessments.
Upon completing this course, you will possess the ability to strengthen the security of any Linux system. Furthermore, you’ll gain insights into broader information security principles, with a particular emphasis on Linux-specific security concerns that demand specialized attention.
Objectives
- Identify and understand key security vulnerabilities specific to Linux systems.
- Apply practical hardening techniques to secure Linux servers.
- Mitigate security risks by configuring security updates, auditing, and vulnerability assessments.
- Implement best practices for system and network security, including access control and intrusion detection.
- Conduct penetration testing and compromise assessments on Linux systems.
- Use automation tools like Ansible to improve Linux security management.
- Address common security threats such as brute force attacks, unauthorized access, and DoS attacks.
- Develop strategies for securing Linux web servers and databases from known vulnerabilities.
- Gain a deeper understanding of the specialized security needs of Linux systems.
Audience
- System Administrators
- IT Security Professionals
- Network Engineers
- Penetration Testers
- Linux Administrators
- IT Managers responsible for securing Linux systems in their environment
- Security Auditors looking to specialize in Linux server security
Prerequisites
- Basic understanding of Linux operating systems and commands.
- Familiarity with network protocols and system administration concepts.
- Knowledge of general cybersecurity concepts is beneficial but not required.
Course Content
Day 1
- Introduction of Linux Security
- Physical Security Threats and Measures
- Optimal OS Installation
- Bypassing Linux boot loader
- Grub Boot Loader Security
- Removing unnecessary modules
- Removing unnecessary Services and Ports
- Man In the Middle Attack
- Securing Remote Access
- Understanding the Kernel Security
Day 2
- Importance of Security Updates
- Danger of untrusted packages
- Injecting payload into RPM
- Maintaining RPM Package integrity
- Discretionary Access Control
- Compromised System Processes
- Mandatory Access Control (SELinux)
- File System Security and Encryption
- Advance Intrusion Detection Environment
Day 3
- Understanding Brute Force and Dictionary Attack
- Secure Root Console Access
- Prevent Log in to Accounts with Empty Password
- Set Default Password Aging and Expiration to accounts
- Set Password Retry Prompts Permitted Per Session
- Set lockout for failed password attempts
- Cracking password hashes
- Set Password Strength and Complexity
- Limited shell configured per user
Day 4
- Network Port Scanning
- Dynamic Firewall Management
- Kernel TCP stack security
- Hiding your footprint
- System Logging and Auditing
- File Transfer Protocol over SSL
- File Transfer Protocol over SSH
- Common Web Attacks
- Protect Web and DB from known web attacks
- Denial of Service Mitigation
Day 5
- Open Security Content Automation Protocol (OpenScap)
- Securing Linux w/ Ansible Automation
- Vulnerability Assessment and Reporting
