THE HARTMANN SOFTWARE GROUP

303.377.6176

Unix Security Administration Training

Course Description
This five-day course enhances system administrator's abilities to develop practical security measures on their Solaris machines. Students will be provided with hands-on experience in addition to valuable security knowledge. Course Length: 5 Days Course Tuition: $1690 (US)

Prerequisites
Completion of Introduction to UNIX, UNIX Administration I, and UNIX Administration II or equivalent experience.

Course Outline

Security Concepts
What is Security?
Balance
Scope of this Manual
Staying up to Date
Documentation
Thinking Like the Enemy

Creating a Security Policy
What is a Security Policy?
Step 1 - Initially Secure the System
Step 2 - Maintain System Security
Step 3 - Recovery

Securing User Accounts
Introduction
Account Names
Mail aliases
The /etc/passwd, /etc/shadow and /etc/group files
Users and their passwords
Users with no passwords
Forcing user to change their password
Preventing user from changing their password
Restricted shell
Application accounts
Same UID, multiple user accounts
Dealing with the su command
Saving login failures
Tool: ASET
Tool: Crack
Other tools

Securing System Accounts
The root Account
Tools: COPS
Other System Accounts
Group System Account

Securing the File System
Basic UNIX permissions
Setting default permissions
Special permission: SUID
Special permission: SGID
Special permission: sticky bit
Access Control Lists (ACL)
Changing the ownership of a file
Changing the group ownership of a file
Device files
Partitions
Disk Quotas
Backups
Tool: Using pkgchk to detect security problems
Tool: Tiger

System Startup and Processes
Boot Up Process
Process Control

cron and at
crontab vs. at
Using the crontab Command
Using the at Command
Additional Security Concerns Regarding crontab and at
Tool: Tripwire

Auditing
ASET
System Logs
Typical System Logs
Process Accounting

Programmed Threats
What are Programmed Threats?
Protecting Against Programmed Threats
Executable Stacks

Physical Security
What is Physical Security?
Access Protection
Protecting PROM
Devices
Natural Disasters
Hardware Error
Theft

Network Security
Overview of Network Security
Basic Networking Files
Network Services
Unnecessary Services
Tool: Secure Shell
NFS
Firewalls
Tool: Satan

Training can be conducted in a number of different ways outside of a classroom setting. To that end, we offer some free on line tutorials which we will update extensively in the very near future. We also offer mentoring services to help design, integrate and develop large scale complicated systems.

Public Training Schedule

Java Training - June 11th - 15th

C/C++ Training - June 11th - 15th

Object Oriented C# Training - August 13th - 17th

See all public training classes & Register

Learn from anywhere!

Some of the places where we have taught >>

New York City
Los Angeles, California
Chicago, Illinois
Houston, Texas
Philadelphia, Pennsylvania
Pittsburgh, Pennsylvania
Phoenix, Arizona
San Antonio, Texas
San Diego, California
Dallas, Texas
San Jose California
Buffalo, New York
Toronto, Canada
Montreal, Canada
Detroit, Michigan
Indianapolis, Indiana
Jacksonville, Florida
San Francisco, California
Columbus, Ohio
Austin, Texas
Memphis, Tennessee
Baltimore, Maryland
Fort Worth, Texas
Charlotte, North Carolina
El Paso, Texas
Milwaukee, Wisconsin
Seattle, Washington
Boston, Massachusetts
Denver, Colorado
Louisville, Kentucky
Washington DC
Nashville, Tennessee
Las Vegas, Nevada
Portland, Oregon
Oklahoma City, Oklahoma
Tucson, Arizona
Albuquerque, New Mexico
Long Beach, California
Atlanta, Georgia
Fresno, California
Sacramento, California
New Orleans, Louisiana
Cleveland, Ohio
Kansas City, Kansas
Boulder, Colorado
Virginia Beach, Virginia
Omaha, Nebraska
Oakland, California
Miami, Florida
Tulsa, Oklahoma
Honolulu, Hawaii
Minneapolis, Minnesota
Colorado Springs, Colorado

Let's Have Fun

Public Training Schedule