About the course
Hardening of a RHEL Linux System.
This course covers a wide range of security concepts and practices for Red Hat Enterprise Linux 7 (RHEL 7). It starts with an introduction to basic security principles, including minimization, service discovery, and hardening techniques. The course then moves on to scanning, probing, and mapping vulnerabilities, covering tools like WHOIS, DNS interrogation, Nessus/OpenVAS, and intrusion detection systems like Snort.
The course also covers tracking security updates and software maintenance, including managing RPM packages, Yum repositories, and the Red Hat Network Subscription Manager. It explores filesystem management, partitioning, encryption, and securing the filesystem with disk quotas, file attributes, and mount options. Additionally, the course covers special permissions, file access control lists (ACLs), and monitoring for filesystem changes using host-based intrusion detection systems (HIDS) like AIDE.
User account management, password security, and the Pluggable Authentication Modules (PAM) framework are also covered. The course introduces FreeIPA for centralized authentication and discusses log file administration, including the systemd journal, rsyslog, and log management tools. Kernel-level auditing with auditd is explored, along with securing services using xinetd, TCP Wrappers, and firewalls (firewalld and iptables).
Finally, the course delves into SELinux, covering its goals, modes, policies, troubleshooting, and the differences between Discretionary Access Control (DAC) and Mandatory Access Control (MAC) security models.