Categories: Linux administration, Networking, Security
An intensive workshop on the security mechanisms available in Linux, including the basics of how those mechanisms are circumvented, with examples of the code-hiding techniques attackers use.
This workshop is recommended for both administrators and system security testers.
The topics presented during this workshop may also be useful to Linux administrators in large institutions. The knowledge gained helps avoid so-called “nasty surprises” on servers. These include not only individually targeted attacks, but also common bugs that spread through outdated or unsecured “overlooked” machines, which happens extremely easily, especially in large environments.
Duration
4 days
Agenda
- Hardening mechanisms
  - SELinux
  - GRSec
  - AppArmor
  - chroot/sandbox/LXC
  - ASLR
  - PaX
- Advanced compilation techniques
  - position-independent code
  - optimizations, hardening
- Security bypassing techniques
  - escaping chroot
  - bypassing ASLR
- Code hiding methods
  - based on a kernel module
  - not based on a kernel module
- Honeypots
  - structure
  - detection
Audience and prerequisites
Medium-advanced knowledge of Linux systems.
Certificates
Course participants receive completion certificates signed by ALX.
See also:
- Linux administrator
- Advanced Linux administrator
- LPI 101. An introduction to Linux administration
- LPI 102. Linux administration and networking
- Building a modern CI / CD process using the Jenkins server
- Selected Linux network services
- LPI 201. Linux architecture and low-level configuration
- LPI 202. Selected network services and network security
- LPIC-2 exam prep course
- LPI 300: LDAP, Samba, Integration with MS Windows and Mixed Environments
- LPI 303: Cryptography, Access Control, Services and Network Security
- LPI 304: Linux Virtualization and High Availability
- E-mail server - Exim, anti-spam solutions
- E-mail server - Postfix
- Bash shell programming
- Advanced shell programming, Bash, AWK
- Linux backups
- Advanced network traffic and content filtering
- VPNs in theory and practice
- Bandwidth and Traffic Management (QoS) on Linux
- Server and network monitoring, SNMP, Nagios, Munin
- Apache HTTP server on Linux
- Bind domain name server on Linux
- LDAP directory services on Linux. Integrating authorization systems
- Samba server on Linux
- Advanced Samba configuration (PDC, LDAP, replication)
- Linux virtualization
- Wireless networks and their security
- Digital signature and encryption with OpenSSL and GnuPG
- High availability: Linux Virtual Server and supporting technologies (HA1)
- NFS: Network File System on Linux
- Safe Internet in a computer lab
- Linux - application and kernel debugging
- Linux - exploiting applications and operating system. Low level attacks.
- Linux - application security testing, searching for possible exploits. High-level attacks
- MySQL administration