ďVery detailed. The workshops were great. One of the best trainings Iíve been to.Ē
-Holly Robins, Senior Technology Consultant, Protiviti
Unix is still the most popular operating system for critical and high-volume applications. The number of servers running Unix-based systems such as AIX, Solaris, HP-UX and Linux increases daily. For many enterprises, these systems donít just support the business they are the business. On its own, a newly installed Unix system is no more a security risk than other system of its genre. But as we add users, network services, applications, and customizations for administrative support, we also add the possibility of mistakes and configuration errors that can turn the system into a security nightmare.
In this hands-on, five-day seminar you will go through the steps to take to audit and analyze the security of a Unix-based system. You will begin by reviewing a typical Unix system that has been salted with common configuration errors for you to discover. You will evaluate the systemís user access controls, examine standard system logs, analyze the effect of file and directory permissions, search for special files that allow users extended capabilities, and evaluate the risks of system processes. You will learn how to use the Unix shell, the standard user interface, to navigate the system, test file and directory access controls, access and manage files, use the system search tools, and capture evidence with shell redirection. So that you can review shell scripts that control many of the operations of a Unix-based server, youíll cover the basics of shell programming.
Since servers use network interfaces to provide their service, you will also learn how to review Unix network control files and evaluate the risks of selected common network services. You will explore add-on security tools and conduct a head-to-head comparison of the key features and capabilities of each of the major Unix-based operation systems, including Solaris, AIX, HP-UX, Tru-64, and the most popular Linux varieties.
After each section you will perform a hands-on exercise to allow you to investigate the settings on our sample server. After each exercise, the seminar leader will review the class findings and go over the possible system risk that each issue represents. When applicable, the instructor will demonstrate how some of these common errors can be used to successfully attack the system. A hand-out on each issue will provide you with valuable information on the findingís risk, severity, and recommended solution.
You will return to your office with the know-how to set up, manage, and maintain an enforceable Unix security policy, and with a thorough audit approach for securing Unix-based operating systems.
Prerequisite: Information Security Boot Camp (ISG291), Network Security Essentials (ASG203), or equivalent experience.
Advanced Preparation: None
Learning Level: Advanced
Delivery Method: Group-Live
Field: Specialized Knowledge & Applications