Plexus

  • Bangalore : + 91 96114 99550
  • Chennai : + 91 98402 64442

RedHat Server Hardening (RH413)

Introduction
  • RedHat Server Hardening (RH413) aims to teach Linux system administrators how to setup and confgiure systems to comply with various securityrecommended practise or security policy audit requirements
Objectives
  • Managing Software Updates
  • Working with filesystem options and features
  • Usage of special permissions and ACLs
  • Monitering filesystem and files changes
  • Managing user authorization details
  • Configuring PAM Authentication
  • Boot sequence of RHEL6
  • Configuring IdentityManagement
  • Iptables
no-logo
Course Overview
  • The Red Hat Server Hardening course supplies methods and approaches for security policy and configuration requirements and options for user authentication, applying updates, system auditing and logging, file system integrity and other factors
  • Red Hat Server Hardening provides strategies for addressing specific policy and configuration concerns
Audience
  • Red Hat Server Hardening was very helpful for linux system administors, who going to manage the linux servers that people
  • Needs technical guidance on how to enhance the security of Red Hat Enterprise Linux systems
  • Responsible for implementing security policy requirements on Red Hat Enterprise Linux systems consistently and in a reproducible, scalable way
Prerequisites
  • TBasic knowledge in RedHat Operating Systems
  • RedHat Certified System Administator or equivalent knowledge in 6
  • RedHat Certified Engineer Certification or equivalent knowledge in 6
    • System Administrators to know including,
    • Installing Linux Operating System and entry level commands called (touch,cat,cd,pwd,ls,history,vim,cp,mv)
    • Installing and removing Applications using (yum and rpm)
    • Service and Daemons Handling using chkconfig and service commands

Topics In RedHat Server Hardening



1 . Tracking security updates

  • What is redhat security response?
  • What is redhat severity scoring?
  • What is CVE and Errata?
  • Various types of redhat software updates
  • Package Backporting
2 . Managing software updates

  • Validating package updates
  • Applying package updates
  • What is GPG Key in package management
  • Validating intergrity of rpms
  • Examine the scripts of suspect packages before installing them


3 . Creating file systems

  • Implementing filesystem encryption using LUKS
  • Assign multiple password for single luks partion
  • Backuping and restoring luks partion header informations
  • providing encrypted password for the partion via the file.
4 . Managing file systems

  • Securing filesystem using different types of mount options
  • How to apply superblock mount options
  • Applying extend file attributes
  • Applying file attributes
5 . Managing special permissions

  • Usage of special permission concepts
  • Special permission types
  • Applying special permissions for files and drectories
  • Review the effects of special permmisions on files and directories
  • Auditing files with special permissions
6 . Managing additional file access controls

  • Setting default file permissions using umask
  • How change the umask values as persistent
  • Usage of ~/.bashrc,~/.bash_profile,~/.bash_history,/etc/bashrc,/etc/profile
  • Managing Accesscontrollists
  • Usage of defaults acls
7 . Monitering for file system changes

  • What is AIDE?
  • How to install and confiure aide
  • What is prelink?
8 . Managing user accounts

  • Managing password aging
  • Tuning users defaults password expiry settings
  • Auditing user accounts
9 . Managing pluggable authentication modules

  • What is PAM?
  • How its working?
  • understanding pam configuration file syntax
  • Usage of pam controls and pam types
  • Understanding pam documentations
  • Configuring password complexity using pam modules
  • Limiting users resoruces via pam module
  • Identifying users failed loggins and locking users account via pam module
10 . Securing console access

  • Boot sequence of RHEL 6
  • What is Grub?
  • Setting a bootloader and an os boot password in RHEL6
  • Disable Control-Alt-Delete Key combination in text console
  • Disable users list in users login screen in graphical console
  • Disaply messages while users loggin in graphical console
11 . Installing central authentication

  • What is identity Management?
  • How its identity management works
  • Installing identity management
  • Configuring identity management server
  • Adding users and groups in identity management server
  • configuring identity management clients
12 . Managing central authentication

  • Define identity management server users password expiration policy
  • Limit client ssh user access
  • Managing sudo on identity Management client systems
13 . Configuring system logging

  • What is log?
  • How to collect logs from linux system using rsyslog
  • Remote rsyslogging via encrypted tcp
  • segregate logs in linux systems
  • What is logrorate?
  • Change log file roration freqency based on expected size
14 . Configuring system auditing

  • What is Audit?
  • Configuring audit
  • Remote logging with audit
  • Analyzing audit log messages
  • Writing custom audit rules as persistent and temporary
  • Removing audit rules
  • Implement full terminal keystroke logging
15 . Controlling access to network services

  • What is iptables?
  • How iptables is working
  • Configuring iptables in linux system
  • Writing custom rules in iptables to deny or allow specific client request
  • Troubleshooting iptables issues
16 . Comprehensive review

  • Practice and demonstrate knowledge and skills learned in Red Hat Server Hardening



Outcome


Copyrights © 2017 Plexus Net Labs Pvt.Ltd.  All Rights Reserved.

UserName:




Email:




PhoneNo: