مدت دوره: 40 ساعت
شهریه: 1,200,000 تومان
ارائه دهنده: NooraNet
توضیح دوره

دوره امنیت لینوکس

نام انگلیسی:  Securing Linux/Unix

در دوره SEC506 افراد با ایمن سازی سیستم عامل لینوکس و یونیکس آشنا می شوند . یکی از موثرترین لایه های دفاعی ایمن سازی سیستم عامل می باشد که این کار با ویژگی های خود سیستم عامل و در برخی موارد با استفاده از نرم افزارهای دیگر انجام می شود در دوره SEC506 به افرادی مکانیزم های امنیتی که از BOF جلوگیری میکند اموزش داده می شود و. همچنین پیاده سازی SELinux و مکانیزم های مختلف کنترل دسترسی پیاده سازی می شود

برای اطلاعات بیشتر در زمینه زمان برگزاری دوره  SEC506 به لینک زیر مراجعه فرمایید و یا با با کارشناسان تماس حاصل نمایید.

پیش نیاز دوره

پیش نیاز این دوره، CEH  می باشد.

مخاطبین دوره
  • افراد علاقمند به تست نفوذ
  • کارشناسان تست نفوذ برنامه های تحت وب
  • کارشناسان امنیت شبکه
سر فصل دوره
 SEC506.1: Hardening Linux/Unix Systems, Part 1

Memory Attacks and Overflows

Stack and Heap Overflows

Format String Attacks

Stack Protection

Vulnerability Minimization

Minimization vs. Patching

OS Minimization

Patching Strategies

Boot-Time Configuration

Reducing Services

systemd vs init

Email Configuration

Legacy Services

Encrypted Access

Session Hijacking Exploits

The Argument For Encryption

SSH Configuration

Host-Based Firewalls

IP Tables and Other Alternatives

Simple Single-Host Firewalls

Managing and Automating Rule Updates

 

SEC506.2: Hardening Linux/Unix Systems, Part 2

Rootkits and Malicious Software

Backdoors and Rootkits

Kernel Rootkits

chkrootkit and rkhunter

File Integrity Assessment

Overview of AIDE

Basic Configuration

Typical Usage

Physical Attacks and Defenses

Known Attacks

Single User Mode Security

Boot Loader Passwords

User Access Controls

Password Threats and Defenses

User Access Controls

Environment Settings

Root Access Control With Sudo

Features and Common Uses

Configuration

Known Issues and Work-Arounds

Warning Banners

Why?

Suggested Content

Implementation Issues

Kernel Tuning For Security

Network Tuning

System Resource Limits

Restricting Core Files

 

SEC506.3: Hardening Linux/Unix Systems, Part 3

Automating Tasks With SSH

Why and How

Public Key Authentication

ssh-agent and Agent Forwarding

 

AIDE Via SSH

Conceptual Overview

SSH Configuration

Tools and Scripts

 

Linux/Unix Logging Overview

Syslog Configuration

System Accounting

Process Accounting

Kernel-Level Auditing

 

SSH Tunneling

X11 Forwarding

TCP Forwarding

Reverse Tunneling Issues

 

Centralized Logging With Syslog-NG

Why You Care

Basic Configuration

Hints and Hacks for Tunneling Log Data

Log Analysis Tools and Strategies

 

SEC506.4: Application Security, Part 1

chroot() for Application Security

What is chroot()?

How Do You chroot()?

Known Security Issues

 

The SCP-Only Shell

What It Is and How It Works

Configuring chroot() directory

Automounter Hacks for Large-Scale Deployments

 

SELinux Basics

Overview of Functionality

Navigation and Command Interface

Troubleshooting Common Issues

 

SELinux and the Reference Policy

Tools and Prerequisites

Creating and Loading an Initial Policy

Testing and Refining Your Policy

Deploying Policy Files

 

SEC506.5: Application Security, Part 2

BIND

Common Security Issues

Split-horizon DNS

Configuration for Security

Running BIND chroot()ed

 

DNSSEC

Implementation Issues

Generating Keys and Signing Zones

Key “Rollover”

Automation Tools

 

Apache

Secure Directory Configuration

Configuration/Installation Choices

User Authentication

SSL Setup

 

Web Application Firewalls with mod_security

Introduction to Common Configurations

Dependencies and Prerequisites

Core Rules

Installation and Debugging

 

SEC506.6: Digital Forensics for Linux/Unix

Tools Throughout

The Sleuth Kit

Foremost

chkrootkit

lsof and Other Critical OS Commands

 

Forensic Preparation and Best Practices

Basic Forensic Principles

Importance of Policy

Forensic Infrastructure

Building a Desktop Analysis Laboratory

 

Incident Response and Evidence Acquisition

Incident Response Process

Vital Investigation Tools

Taking a Live System Snapshot

Creating Bit Images

 

Media Analysis

File System Basics

MAC Times and Timeline Analysis

Recovering Deleted Files

Searching Unallocated Space

String Searches

 

Incident Reporting

Critical Elements of a Report

Lessons Learned

Calculating Costs

تقویم آموزشی
فهرست