GL413 – Enterprise Linux Server Hardening

Overview

About the course

Hardening of a RHEL system.

This course covers a wide range of security concepts and practices for Red Hat Enterprise Linux 7 (RHEL7). It starts with an introduction to basic security principles, including minimization, service discovery, and hardening techniques. The course then delves into scanning, probing, and mapping vulnerabilities, covering tools like WHOIS, DNS interrogation, Nessus/OpenVAS, and intrusion detection systems like Snort.

The course also covers tracking security updates and software maintenance, including managing RPM packages, Yum repositories, and the Red Hat Network Subscription Manager. It explores filesystem management, partitioning, encryption, and securing the filesystem with disk quotas, file attributes, and mount options. Additionally, the course covers special permissions, file access control lists (ACLs), and monitoring for filesystem changes using host-based intrusion detection systems (HIDS) like AIDE.

User account management, password security, and the Pluggable Authentication Modules (PAM) framework are also covered. The course introduces FreeIPA for centralized authentication and discusses log file administration, including systemd Journal, rsyslog, and log management tools. Kernel-level auditing with auditd is explored, along with securing services like Xinetd, TCP Wrappers, and firewalls (FirewallD and iptables).

Finally, the course delves into SELinux, covering its goals, modes, policies, troubleshooting, and the differences between Discretionary Access Control (DAC) and Mandatory Access Control (MAC) security models.

Course Details

  • Course Ref: GL413
  • Course Duration: 4 days
  • Course Location: Sunderland
  • Course Dates: TBC
  • Course Price: £995 (Excl VAT)

Modules

  • Security concepts
  • Scanning, probing, and mapping vulnerabilities
  • Tracking security updates and software maintenance
  • Manage the filesystem
  • Securing the filesystem
  • Manage special permissions
  • Manage file access controls
  • Monitor for filesystem changes
  • Manage user accounts
  • Password security and PAM
  • Using FreeIPA for centralized authentication
  • Log file administration
  • Accountability with kernel audit
  • Securing services
  • SELinux