Unix Security Administration – UNX107 – 5 Days
This five-day course enhances system administrators’ abilities to develop practical security measures on their Solaris machines. Students will be provided with hands-on experience in addition to valuable security knowledge. Students will learn how to secure user and system accounts, ensure file system security through the use of passwords and file ownership, utilize the crontab and at commands, handle programmed threats, and ensure physical and network security.
Course ID: UNX107
Duration: 5 days
Audience: Administrators wishing to maximize their system’s security.
Prerequisites: Completion of Introduction to UNIX and UNIX Administration I and UNIX Administration II training courses or equivalent experience.
Unix Security Training Course Topics
- What is Security?
- Balance
- Scope of this Manual
- Staying up to Date
- Documentation
- Thinking Like the Enemy
Creating a Security Policy
- What is a Security Policy?
- Step 1 – Initially Secure the System
- Step 2 – Maintain System Security
- Step 3 – Recovery
Securing User Accounts
- Introduction
- Account Names
- Mail aliases
- The /etc/passwd, /etc/shadow and /etc/group files
- Users and their passwords
- Users with no passwords
- Forcing users to change their password
- Preventing users from changing their password
- Restricted shell
- Application accounts
- Same UID, multiple user accounts
- Dealing with the su command
- Saving login failures
- Tool: ASET
- Tool: Crack
- Other tools
Securing System Accounts
- The root Account
- Tools: COPS
- Other System Accounts
- Group System Account
Securing the File System
- Basic UNIX permissions
- Setting default permissions
- Special permission: SUID
- Special permission: SGID
- Special permission: sticky bit
- Access Control Lists (ACL)
- Changing the ownership of a file
- Changing the group ownership of a file
- Device files
- Partitions
- Disk Quotas
- Backups
- Tool: Using pkgchk to detect security problems
- Tool: Tiger
System Startup and Processes
- Boot Up Process
- Process Control
cron and at
- crontab vs. at
- Using the crontab Command
- Using the at Command
- Additional Security Concerns Regarding crontab and at
- Tool: Tripwire
Auditing
- ASET
- System Logs
- Typical System Logs
- Process Accounting
Programmed Threats
- What are Programmed Threats?
- Protecting Against Programmed Threats
- Executable Stacks
Physical Security
- What is Physical Security?
- Access Protection
- Protecting PROM
- Devices
- Natural Disasters
- Hardware Error
- Theft
Network Security
- Overview of Network Security
- Basic Networking Files
- Network Services
- Unnecessary Services
- Tool: Secure Shell
- NFS
- Firewalls
- Tool: Satan