UNIT-1 THE THREAT MODEL AND PROTECTION METHODS
Internet threat model and the attacker's plan
System security and service availability
An overview of protection mechanisms
UNIT-2 BASIC SERVICE SECURITY
SELinux
Host-based access control
Firewalls using Netfilter and iptables
TCP wrappers
xinetd and service limits
UNIT-3 CRYPTOGRAPHY
Overview of cryptographic techniques
Management of SSL certificates
Using GnuPG
UNIT-4 LOGGING AND NTP
Time synchronization with NTP
Logging: syslog and its weaknesses
Protecting log servers
UNIT-5 BIND and DNS Security
BIND vulnerabilities
DNS Security: attacks on DNS
Access control lists
Transaction signatures
Restricting zone transfers and recursive queries
DNS Topologies
Bogus servers and blackholes
Views
Monitoring and logging
Dynamic DNS security
UNIT-6 Network Authentication: RPC, NIS, and Kerberos
Vulnerabilities
Network-managed users and account management
RPC and NIS security issues
Improving NIS security
Using Kerberos authentication
Debugging Kerberized Services
Kerberos Cross-Realm Trust
Kerberos Encryption
UNIT-7 Network File System
Overview of NFS versions 2, 3, and 4
Security in NFS versions 2 and 3
Improvements in security in NFS4
Troubleshooting NFS4
Client-side mount options
UNIT-8 OpenSSH
Vulnerabilities
Server configuration and the SSH protocols
Authentication and access control
Client-side security
Protecting private keys
Port-forwarding and X11-forwarding issues
UNIT-9 Electronic Mail with Sendmail
Vulnerabilities
Server topologies
Email encryption
Access control and STARTTLS
Anti-spam mechanisms
UNIT-10 Postfix
Vulnerabilities
Security and Postfix design
Configuring SASL/TLS
UNIT-11 FTP
Vulnerabilities
The FTP protocol and FTP servers
Logging
Anonymous FTP
Access control
UNIT-12 Apache security
Vulnerabilities
Access control
Authentication: files, passwords, Kerberos
Security implications of common configuration options
CGI security
Server side includes
suEXEC
UNIT-13 Intrusion Detection and Recovery
Intrusion risks
Security policy
Detecting possible intrusions
Monitoring network traffic and open ports
Detecting modified files
Investigating and verifying detected intrusions
Recovering from, reporting, and documenting intrusion