System Security for Red Hat Linux

Course Introduction

• Administration and Course Materials
• Course Structure and Agenda
• Delegate and Trainer Introductions

Session 1: INTRODUCTION TO LINUX SECURITY

• Linux Native Security
• Areas of Security
• Common Attack Methods
• Basic Security Precautions
• Standards and Compliance

Session 2: SECURING THE USER ENVIRONMENT

• Managing User Accounts
• Bash history
• Configuring History
• Confining User History

Session 3: LOGGING WITHIN LINUX

• Linux Log Files
• systemd Journal
• Linux Audit Framework
• Generating Audit Queries
• Configuring Auditing
• Defining Auditing Rules

Session 4: SELinux

• DAC vs MAC
• The SELinux Policy
• SELinux Contexts
• SELinux Key Commands
• Viewing SELinux Decisions
• SELinux Booleans
• Exporting SELinux Configuration

Session 5: SELinux MODULES

• SELinux Entities
• SELinux Modules
• Administering Modules
• Creating Modules With audit2allow
• Writing SELinux Modules
• The Type Enforcement File

Session 6: RED HAT FIREWALL

• Firewalld Overview
• Firewalld vs IPTables
• Firewall Zones
• Configuring Firewall
• Creating a Firewall Service
• Configuring Firewall Zones
• Rich Rules
• Fail2ban Installation and Configuration

Session 7: SECURING SSH

• Key Algorithms
• SSH Agents
• SSH Server Options
• The known_hosts File
• Certificate Based Authentication
• Verifying Signed Certificates

Session 8: SECURING APPLICATIONS

• Certificate Based Authentication
• Creating a Certificate Authority
• Configuring Logging with TLS
• TCP Wrappers
• Network Time
• chrony Security
• Authenticating chrony Clients

Session 9: INTRUSION DETECTION AND PREVENTION

• Detecting Intrusions with AIDE
• Installing and Configuring AIDE
• Detecting and Removing Rootkits
• Installing and Configuring ClamAV

Session 10: SECURING PACKAGES

• Red Hat Package Management
• Obtaining Detailed Update Information
• Package Management History
• Creating an rpm Package
• Signing an rpm Package
• Installing a Signed rpm
• Creating a Package Repository

Session 11: PLUGGABLE AUTHENTICATION MODULES

• PAM File Format
• PAM Configuration File
• Using PAM to Allow/Deny a Service
• Restricting Access to SSH
• Increasing Password Complexity
• Delaying Failed Logins
• Controlling Access by Time
• Limiting user Resources

Session 12: CRACKING LINUX PASSWORDS

• Password Hashing Methods
• Verifying Password Strength
• Types Of Password Attacks
• Password Cracking
• Installing a Password Cracking Utility
• Installing a Word List
• Resetting a Lost root Password

Session 13: SUDO AND RESTRICTING LOGINS

• Configuring Sudo
• Basic Examples
• Password Administration
• Running Sudo On Remote Systems
• Sudoedit
• Sudo Logging
• Sudo Digests
• Include Statements
• Restricting root Access

Session 14: SECURING THE LINUX FILESYSTEM

• Linux Filesystem Security
• Protecting the Boot Menu
• Securely Erasing Data
• Data Sanitisation Methods
• Extended Permissions
• Extended File Attributes
• File Access Control Lists
• LUKS Encrypted Partitions

Session 15: AN OVERVIEW OF RED HAT IDENTITY MANAGEMENT

• Red Hat Identity Management
• The Identity Management Domain
• IdM Server Configuration Options

APPENDIX A: IdM INSTALLATION

• IdM Server Prerequisites
• Verifying DNS Configuration
• IdM Server Installation
• IdM Client Installation

APPENDIX B: SECURING VSFTPD WITH SSL/TLS

• Creating an SSL Certificate
• Configuring VSFTPD FOR SSL/TLS