Linux - System and Network Security (LNX5)

Cybersecurity, ICT Security

This course covers best practices for securing Linux servers and networks. You will learn system hardening, effective access control and how to build secure VPN solutions. Emphasis is practical configuration and testing.

The course also covers SSH best practices, application-level SSL configuration and secure file handling, plus disk encryption options like dm-crypt and encfs. You will practice firewall design and tools to protect services and data in Linux.

Location, current course term

Contact us

Custom Customized Training (date, location, content, duration)

The course:

Hide detail
  • Security concepts on Linux
  • Access permissions under the classic UNIX model
    1. Principles
    2. Limitations
  • Configuring ACL permissions
    1. Supported file systems
    2. Relation to the classic UNIX permission model
  • Effective use of SSH
    1. Configuring network access with keys
    2. Recommended hardening practices
    3. Using SSH for remote file transfer
  • Securing network services
    1. Application-level security options (SSL)
    2. Network-level security options and benefits
  • Securing network-layer transport
    1. VPN concepts
  • OpenVPN
    1. Advantages and disadvantages
    2. Server (endpoint) configuration
    3. Client setup
  • IPsec
    1. Advantages and disadvantages
    2. Using IPsec in tunnel and transport modes
    3. IPsec support on Linux: configuration options and implementations
    4. PSK and certificate concepts
    5. Configuring an IPsec tunnel between two endpoints
  • Effective firewall creation
    1. Overview
    2. Blocking clients
    3. Connection limiting
  • File encryption
    1. Using PGP/GPG to encrypt files
  • Disk encryption support
    1. Pros and cons of software and hardware encryption
    2. dm-crypt concept
    3. EncFS concept, advantages and disadvantages
    4. Creating an encrypted disk
  • SSL configuration in the Apache web server
    1. Creating certificates
    2. Installing certificates
    3. Verifying operation
Assumed knowledge:
Basic Linux system administration knowledge.
Recommended previous course:
Linux – Basic Administration (LNX1)
Schedule:
3 days (9:00 AM - 5:00 PM )
Language:

Vybrané zákaznické reference

DELINFO, spol. s r.o., Jan K.
Linux - System and Network Security ( LNX5)
"Bylo to příjemné. Děkujeme."