SANS SEC506 Securing Linux Unix
 
SEC506: Securing Linux/Unix offers comprehensive coverage of Linux and Unix security concerns, providing specific configuration guidance and practical examples, tips, and tricks from real-world scenarios. The course addresses how to mitigate or eliminate common issues applicable to Unix-like operating systems, covering vulnerabilities in the password authentication system, file system, virtual memory system, and commonly used applications on Linux and Unix platforms.

Key Learning Points:

- Reduce vulnerabilities in Linux/Unix systems by turning off unnecessary services
- Protect systems from buffer overflows, denial-of-service attacks, and physical access threats through OS configuration settings
- Configure host-based firewalls to block external attacks
- Implement SSH for secure administrative sessions and automate routine administrative tasks securely
- Utilize sudo for controlling and monitoring administrative access
- Establish a centralized logging infrastructure using Syslog-NG and deploy log monitoring tools to detect significant events
- Utilize SELinux to isolate compromised applications from affecting other system services
- Securely configure internet-facing applications like Apache and BIND
- Investigate compromised Unix/Linux systems using tools like the Sleuthkit, lsof, and other open-source utilities
- Recognize attacker rootkits and employ tools like AIDE and hunter/chkrootkit for detection

Course Components:

- SEC506 Securing Linux/Unix Course
- SEC506 Courseware