Hands-on Linux Host Security for SysAdmins: Proven security approaches and best practice detection techniques for Linux servers

Hands-on Linux Host Security for SysAdmins: Proven security approaches and best practice detection techniques for Linux servers
Hands-on Linux Host Security for SysAdmins: Proven security approaches and best practice detection techniques for Linux servers
English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 1h 20m | 328 MB

Gain critical familiarity with the best security tools (AIDE, Rootkit Hunter (rkhunter), and chroot) and access–limiting, auditing tools on host Linux systems

Gaining access to a local user is the first thing a system intruder attempts. Indeed, local users themselves can also cause havoc with your system, especially because they are real people who can exploit your personal data with minimal human engineering. This course will take you through how to lock up your host more securely.

In this course, you will learn the skills you need to lock your Linux server down and protect your data and other resources by tuning the Linux kernel using various commands, practical ports, and service monitoring. You will learn how to perform operations that change the apparent root directory to jail (mis)users. You will learn about Linux Auditing System tools and associated traceability issues, and then work hands-on with malware detection tools, rootkits, and more. You will also learn to limit user access to resources and how to deal with processing and statistics.

By the end of this course, you will have gained the skills and knowledge you need to make sure that your local security is tight and secure. You’ll be confident about hardening your Linux servers so intruders have more hurdles to cross.

Learn

  • Examine the Linux procfs filesystem, use systcl to read and write to procfs files, and work hands-on with ASLR
  • Perform port scanning and network service detection to reduce exposure to the outside world
  • Make use of chroot to lock users into jails to restrict their access and secure environments
  • Perform security practicals without the Linux auditing system installed
  • Monitor system changes with AIDE (Advanced Intrusion Detection Environment)
  • Use rootkit hunter to find changes in binaries or additional files monitoring the Linux Server
  • Implement limits and display enforced limits using the command shell built limit, adjust limits, then persist them via the limits.conf file
Table of Contents

Tuning The Linux Kernel
1 The Course Overview
2 Working with procfs
3 Working with the Kernel in procfs
4 Space Layout Randomization
5 Secure ICMP in the procfs
6 Tor Safe Browsing

Ports And Services
7 Enabling Services with Systcl
8 Disabling Services with Systcl
9 Working with Service lists
10 Settingetcsystemdtimesyncd.conf
11 Security Port Listing with ss command

Chroot Jails
12 Chrooting Users
13 Creating a Jail Chroot
14 Adding SSH user
15 SSH Login with Chroot
16 Logging on SSH

Linux System Auditing
17 Linux Auditing
18 Installing Auditing Packages
19 Working with Auditing Tools
20 Using Default Configuration
21 Working on Custom Rules

Malware Detection
22 Installing AIDE(Advanced Intrusion Detection Environment)
23 Baseline Checks and Functionality
24 Working with AIDE
25 Installing Rootkit Hunters
26 Working with Linux Malware Detection

Securing the GRUB Boot Process
27 Securing Virtual Machines
28 Creating Virtual Machines
29 Users Password Recovery
30 Secure GRUB Boot Process

Limiting Users’ Access
31 Working with ulimit Command
32 Securing Virtual Machines
33 Reporting Processors Statistics
34 Reporting Linux Processes
35 Process Management Tools

Configure User Accounts in OpenLDAP
36 Configuring the OpenLDAP Appliance
37 Creating OpenLDAP Users
38 Configuring SSSD on OpenLDAP Client Systems