This course discusses Linux security and how system managers and administrators can implement security measures on Linux. The focus of the course is on the inherent security vulnerabilities commonly found on Linux systems and how to correct them. Examples are presented which illustrate how to insure a high level of security confidence against unauthorized users from accessing the system. The common methods used to penetrate Linux systems, gain unauthorized root access permission, become another user, plant trojan horses or spoofs, and other ways of circumventing the normal system protection are disclosed. Each attendee will receive detailed audit checklists and a CD containing Linux shell and C programs which will assist in performing security auditing and risk analysis.

Upon completion of this course the attendee will be able to:

• State the built-in Linux security control mechanisms
• State the security vulnerabilities inherent to Linux systems
• Determine common methods used to gain unauthorized access to the system or data
• Identify the bugs contained in Linux system and application programs and how they are exploited by unauthorized users
• Identify how Trojan horses and spoofs are planted into the system and methods of detecting them
• State the minimum recommended file and directory access permissions
• Perform a risk analysis and analyze the results
• Execute audit programs which will assist in maintaining system security.

This course is designed for experienced system administrators who will be perform
system and network security operations.