OBJECTIF

This course aims to address the problems of securing Linux servers and workstations, what it is necessary to know and put in place to protect its fleet. It will include a presentation of GNU Linux and its operation, hardening methods of the kernel and the general principles of using Linux in a secure way (rights management, password policy, etc.).

In particular, the objectives of the training are:

• • Put in place an effective security policy
  • Add protection mechanisms
  • Define an effective security policy
  

PREREQUISITES

• Knowledge in Linux administration

• Network knowledge

• Knowledge in virtualized system

GENERAL INFORMATION

• Code : SL
• Duration : 3 Days
• schedule : 8h30 - 17h30
• place : training center, Center Urbain Nord

TARGETED AUDIENCE

• •administrators
• • Engineers / Technicians
• • consultants

RESOURCES

• Course materials
• 40% demonstration
• 40% of theory
• 20% practical exercises

PROGRAM OF TRAINING

• Days 1
• Presentation of security policies
• Linux system overview
• Implementation of the first security

• Secure Boot
• Grub
• DMA Attacks


• Securing the Core

• Compiling the kernel
• GRSEC
• System auditing
• Manipulation of services
• Update
• Logging
• Automation


• Days 2
• Rights and access management

• RWX
• Identity management
• The PAM identification system
• Kernel capabilities
• SELinux
• Principle of the minimum privilege


• Network management

• Filtering network entries

• Disk encryption

• dm-crypt
• LUKS


• Memory protection

• Bit NX
• ASLR
• Stack canary


• Days 3
• Configure and secure your services

• SSH
• Samba
• OpenSSL
• Apache
• MySQL


• Application isolation

• CHROOT
• Docker and hardening