
LinuxCBT Basic Security Edition

Network Technology 047cg 0 comments


English | .MOV | h264, yuv420p, 800x600, 5.00 fps(r) | aac, 44100 Hz, mono | 1.24 GB

Genre: E-learning

 

Boot Security

Explore Dell PowerEdge BIOS Security-related features
Discuss concepts & improve Dell PowerEdge BIOS security
Explain run-time boot loader vulnerabilities
Explore single-user mode (rootshell) and its inherent problems
Modify default GRUB startup options & examine results
Secure boot loader using MD5 hash
Identify key startup-related configuration files & define boot security measures
Identify key boot-related utilities
Confirm expected hardware configuration
Discuss INIT process, runlevel configuration & concepts
Explore & tighten the security of the INIT configuration

Shell Security

Confirm expected applications
Discuss Teletype Terminals (TTYs) and Pseudo Terminals (PTS)
Identify common TTYs and PTSs
Track current TTYs and PTSs - character devices
Discuss concepts related to privileged and non-privileged use
Restrict privileged login
Use SSH and discuss TTYs
Discuss the importance of consistent system-wide banners & messages
Define and configure system banners for pre and post-system-access
Identify user-logon history and correlate to TTYs
Identify current user-connections - console-based and network-based
Use lsof to identify open files and sockets 

Syslog Security

Discuss Syslog concepts and applications
Explain Syslog semantics - facilities & levels - message handling & routing
Focus on security-related Syslog facilities
Examine security logs managed by Syslog
Configure Network Time Protocol (NTP) on interesting hosts
Secure NTP configuration
Ensure time consistency to preserve log-integrity
Configure Syslog replication to preserve log-integrity
Identify log discrepancies between Syslog hosts 

Reconnaissance & Vulnerability Assessment Tools

Discuss Stage-1 host/network attack concepts
Upgrade NMAP reconnaissance tool to increase effectiveness
Identify NMAP files
Discuss TCP handshake procedure
Discuss half-open/SYN connections
Perform connect and SYN-based host/network reconnaissance
Identify potential vulnerabilities on interesting hosts derived from reconnaissance
Examine NMAP logging capabilities
Perform port sweeps to identify common vulnerabilities across exposed systems
Secure exposed daemons/services
Perform follow-up audit to ensure security policy compliance
Discuss vulnerability scanner capabilities and applications
Prepare system for Nessus vulnerability scanner installation - identify/install dependencies
Generate self-signed SSL/TLS certificates for secure client/server communications
Activate Nessus subscription, server and client components
Explore vulnerability scanner interface and features
Perform network-based reconnaissance attack to determine vulnerabilities
Examine results of the reconnaissance attack and archive results
Secure exposed vulnerabilities 

XINETD - TCPWrappers - Chattr - Lsattr - TCPDump - Clear Text Daemons

Install Telnet Daemon
Install Very Secure FTP Daemon (VSFTPD)
Explore XINETD configuration and explain directives
Configure XINETD to restrict communications at layer-3 and layer-4
Restrict access to XINETD-protected daemons/services based on time range
Examine XINETD logging via Syslog
Discuss TCPWrappers security concepts & applications
Enhance Telnetd security with TCPWrappers
Confirm XINETD & TCPWrappers security
Discuss chattr applications & usage
Identify & flag key files as immutable to deter modification
Confirm extended attributes (XATTRs)
Discuss TCPDump applications & usage
Configure TCPDump to intercept Telnet & FTP - clear-text traffic
Use Ethereal to examine & reconstruct captured clear-text traffic 

Secure Shell (SSH) & MD5SUM Applications

Use Ethereal to examine SSH streams
Generate RSA/DSA PKI usage keys
Configure Public Key Infrastructure (PKI) based authentication
Secure PKI authentication files
Use SCP to transfer files securely in non-interactive mode
Use SFTP to transfer files securely in interactive mode
Configure SSH to support a pseudo-VPN using SSH-Tunnelling
Discuss MD5SUM concepts and applications
Compare & contrast modified files using MD5SUM
Use MD5SUM to verify the integrity of downloaded files 

GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP) Compatible - PKI

Discuss GPG concepts & applications - symmetric/asymmetric encryption
Generate asymmetric RSA/DSA GPG/PGP usage keys - for multiple users
Create a local web of trust
Perform encrypts/decrypts and test data-exchanges
Sign encrypted content and verify signatures @ recipient
Import & export public keys for usage
Use GPG/PGP with Mutt Mail User Agent (MUA) 

AIDE File Integrity Implementation

Discuss file-integrity checker concepts & applications
Identify online repository & download AIDE
Install AIDE on interesting hosts
Configure AIDE to protect key files & directories
Alter file system objects and confirm modifications using AIDE
Audit the file system using AIDE 

Rootkits

Discuss rootkits concepts & applications
Describe privilege elevation techniques
Obtain & install T0rnkit - rootkit
Identify system changes due to the rootkit
Implement T0rnkit with AIDE to identify compromised system objects
Implement T0rnkit with chkrootkit to identify rootkits
T0rnkit - rootkit - cleanup
Implement N-DU rootkit
Evaluate system changes 

Bastille Linux - OS-Hardening

Discuss Bastille Linux system hardening capabilities
Obtain Bastille Linux & perform a system assessment
Install Bastille Linux
Evaluate hardened system components 

NPING - Flexible Packet Crafting

Discuss benefits
Download and install
Explore typical usage 

Nikto - Web Server Vulnerability Scanner

Download and install
Discuss configuration options
Scan web servers
Evaluate results
