Hands On Linux Security
Who should attend: System administrators of Linux and other UNIX systems, anyone who runs a public UNIX server
Work with systems that have been "hacked" and include hidden files, services, and evidence of the intrusion, and learn how to uncover exploited systems and properly secure them. You will perform hands-on exercises with dual-use tools to replicate what intruders do, as well as with tools dedicated to security. The tools vary from the ordinary, such as find and strings, to the less familiar but important, such as lsof, various scanners, sniffers, and the Sleuth Kit.
The lecture portion of this class covers the background you need to understand UNIX security principles, TCP/IP, scanning, popular attack strategies, as well as defenses for networks and individual systems. The class will end with a discussion of the use of patching and vulnerability assessment tools.
Class exercises require that you have an x86-based laptop computer that can be booted from a CD. Students will receive a Live CD (KNOPPIX) that includes the tools, files and exercises required for the course. You can download KNOPPIX yourself (v5.1) and see if your laptop is supported. Some people have come without laptops and teamed up with friendly laptop users.
Exercises:
Day 2:
This class uses a modified version of KNOPPIX.
| Date | Location | Contact |
|---|---|---|
| USENIX Annual Technical Conference June 17, 18 2007 | Santa Clara, CA. | USENIX |
I am willing to schedule classes directly with organizations. The host organization needs to supply the classroom, projector, and some basic network hardware (cables and hubs/switches sufficient for connecting all the students in the class). Contact: rik@spirit.com