Linux Security Course Description

In the SEC506 course, participants learn how to harden Linux and Unix operating systems. Operating system hardening is one of the most effective layers of defense; it is done with the operating system's own features and, in some cases, with additional software. SEC506 teaches the security mechanisms that prevent buffer overflows (BOF), and also covers implementing SELinux and various access control mechanisms.

For more information about when the SEC506 course is held, refer to the link below or contact our experts.

Course Prerequisites

  1. The prerequisite for this course is CEH.

Course Audience

  • People interested in penetration testing
  • Web application penetration testers
  • Network security specialists

Course Syllabus

Section 1: Hardening Linux/Unix Systems, Part 1

Memory Attacks and Overflows

Stack and Heap Overflows

Format String Attacks

Stack Protection

Vulnerability Minimization

Minimization vs. Patching

OS Minimization

Patching Strategies

Boot-Time Configuration

Reducing Services

systemd vs init

Email Configuration

Legacy Services

Encrypted Access

Session Hijacking Exploits

The Argument For Encryption

SSH Configuration

Host-Based Firewalls

IP Tables and Other Alternatives

Simple Single-Host Firewalls

Managing and Automating Rule Updates

Section 2: Hardening Linux/Unix Systems, Part 2

Rootkits and Malicious Software

Backdoors and Rootkits

Kernel Rootkits

chkrootkit and rkhunter

File Integrity Assessment

Overview of AIDE

Basic Configuration

Typical Usage

Physical Attacks and Defenses

Known Attacks

Single User Mode Security

Boot Loader Passwords

User Access Controls

Password Threats and Defenses

User Access Controls

Environment Settings

Root Access Control With Sudo

Features and Common Uses

Configuration

Known Issues and Work-Arounds

Warning Banners

Why?

Suggested Content

Implementation Issues

Kernel Tuning For Security

Network Tuning

System Resource Limits

Restricting Core Files

Section 3: Hardening Linux/Unix Systems, Part 3

Automating Tasks With SSH

Why and How

Public Key Authentication

ssh-agent and Agent Forwarding

AIDE Via SSH

Conceptual Overview

SSH Configuration

Tools and Scripts

Linux/Unix Logging Overview

Syslog Configuration

System Accounting

Process Accounting

Kernel-Level Auditing

SSH Tunneling

X11 Forwarding

TCP Forwarding

Reverse Tunneling Issues

Centralized Logging With Syslog-NG

Why You Care

Basic Configuration

Hints and Hacks for Tunneling Log Data

Log Analysis Tools and Strategies

Section 4: Application Security, Part 1

chroot() for Application Security

What is chroot()?

How Do You chroot()?

Known Security Issues

The SCP-Only Shell

What It Is and How It Works

Configuring chroot() directory

Automounter Hacks for Large-Scale Deployments

SELinux Basics

Overview of Functionality

Navigation and Command Interface

Troubleshooting Common Issues

SELinux and the Reference Policy

Tools and Prerequisites

Creating and Loading an Initial Policy

Testing and Refining Your Policy

Deploying Policy Files

Section 5: Application Security, Part 2

BIND

Common Security Issues

Split-horizon DNS

Configuration for Security

Running BIND chroot()ed

DNSSEC

Implementation Issues

Generating Keys and Signing Zones

Key “Rollover”

Automation Tools

Apache

Secure Directory Configuration

Configuration/Installation Choices

User Authentication

SSL Setup

Web Application Firewalls with mod_security

Introduction to Common Configurations

Dependencies and Prerequisites

Core Rules

Installation and Debugging

Section 6: Digital Forensics for Linux/Unix

Tools Throughout

The Sleuth Kit

Foremost

chkrootkit

lsof and Other Critical OS Commands

Forensic Preparation and Best Practices

Basic Forensic Principles

Importance of Policy

Forensic Infrastructure

Building a Desktop Analysis Laboratory

Incident Response and Evidence Acquisition

Incident Response Process

Vital Investigation Tools

Taking a Live System Snapshot

Creating Bit Images

Media Analysis

File System Basics

MAC Times and Timeline Analysis

Recovering Deleted Files

Searching Unallocated Space

String Searches

Incident Reporting

Critical Elements of a Report

Lessons Learned

Calculating Costs

Tuition: 2,000,000 Toman

Courses held: 1

  • Course duration: 40 hours

  • Course prerequisite: CEH
  • Certificate name: SEC506
  • Course level: Intermediate
