CanSecWest: Security Masters Dojo Vancouver
| Next Session Dates: | March 22-23 2010 |
| Venue: | Sheraton Wall Center Vancouver, Canada |
| Duration: | 1 or 2 Day Courses. Sessions begin at 10:00 a.m. and go to 6 p.m. |
| Registration Maximum: | 15 Students per course session. |
Course: Advanced Linux Hardening (and keeping your sanity)
Instructor:
Andrea Barisani <andrea@inversepath.com> (Inverse Path)
Jay Beale (Intelguardians)
Register for this course.
Description
The course shows how to effectively implement modern hardening frameworks and techniques for securing Linux-based systems (and, secondarily, other *NIX systems) while keeping things manageable and avoiding the usual madness and confusion often created by MAC/hardening frameworks.
The goal of this course is to teach, hands-on, how to deal with every aspect of installing, configuring and maintaining hardening frameworks, and to cover the available techniques and administration for securing Linux systems. You'll learn the different architectures, implementation details, administration procedures and issues related to all the covered frameworks, as well as acquire the proper skills for maintaining and troubleshooting the hardened environment. Special focus will be given to security monitoring and auditing, policy development and maintenance, and hardening systems integration with your favourite distribution / OS.
PREREQUISITE WARNING: Each class has prerequisites for software loads, and a laptop is mandatory. These individual class guides list the material students are expected to know coming in and the software tools that need to be pre-installed before attending, so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
Topics
You'll learn:
- basic *NIX security concepts and techniques
- security monitoring with Host Intrusion Detection Systems (HIDS)
- log monitoring and correlation
  - swatch / tenshi / SEC / ...
- file system integrity checkers
  - aide / samhain / osiris / ...
- sensible accounts and auth token management
- One Time Passwords
- shell account security
- extended POSIX ACLs
- hardening frameworks
  - PaX / ASLR / Grsecurity
  - SELinux
  - RSBAC
  - Systrace
- GCC hardening / Stack Smashing Protection
- ELF hardening: PIE (Position Independent Executables) / PIC (Position Independent Code)
- secure backup architectures
- centralized account management with LDAP
Bonus Topic:
- genuine Italian swear words to use when things go wrong! (and impress your co-workers)
Prerequisites
- basic command line proficiency on *NIX systems
- basic Linux/*NIX system administration skills
- familiarity with Makefiles / autoconf usage and package compilation and installation
- familiarity with Linux kernel configuration / compilation / installation
- basic scripting skills
Prerequisite material
- Each student must bring their own laptop running a recent Linux distribution. Fedora, RHE or Gentoo/Linux are the best choices, but since the class will also focus on how to deal with these frameworks on any distribution, we won't require any of those as long as it's a modern distribution capable of compiling without problems.
- Needless to say, a working network adapter (along with an IPv4 TCP/IP stack) is required.














