Linux Security and Hardening
General Linux Security
Physical Security for Linux
Network Security in Linux
Additional Security Resources
In this section, you’ll take a deep dive into Linux security. You’ll build your knowledge and skills through a comprehensive overview of the key areas that you need to know to secure Linux systems.
You’ll begin with Linux security in general before moving on to physical security and the countermeasures you can employ to protect your hardware. From there, you’ll explore authentication systems and the various account types on a Linux system, and how to secure each one. You'll also learn how to enforce strong passwords and manage account and password expirations.
In the networking section, you'll learn how to secure network services that run on Linux systems. You'll also learn how the local firewall works in Linux and how to configure it. You’ll learn about file system security and how permissions work in detail, including special modes, file attributes, and ACLs. You'll also discover what rootkits are, how to detect them, and how to remove them.
You’ll also find several security resources you can use to continue your security education and stay on top of the latest security issues for Linux distributions.
There are several knowledge checks as you go through these resources. These will help you identify any areas that you might need or want to review. At the end you’ll find a final exam, where you can test yourself on what you’ve learnt.
- Get a general view of Linux security including roles, network services, encryption, accounts, and multifactor authentication
- Learn specific strategies for mitigating physical security risks and protecting your Linux systems against the most common physical attacks
- Learn about data encryption and how to implement it on new Linux systems, as well as those that are already in service
- Understand the different types of accounts you'll find on a Linux system and the special precautions you need to take with each account type
- Learn how to enforce good password security practices on your Linux systems
- Learn about multi-factor authentication and how it can be implemented in Linux
- Learn techniques and strategies to secure network services
- Learn how to secure your files and directories on Linux through permissions, data sharing, special modes, file attributes, and ACLs, and how to detect and remove rootkits
I hope you enjoyed this course and learned a lot along the way. I did my best to stay focused on issues that were specific to the Linux operating system and pointed out some of the most common Linux security concerns and how to address them. However, I realize that no matter how much material I include in this course, there will always be certain areas that each student wishes I had spent more time on, or provided even greater details on. Also, I know there will be some of you who are not only interested in Linux security, but also in broader topics like network security or information security in general. That's why I've put together this section of the course.
In it I will start off by directing you to some additional resources that are Linux-specific. If you take Linux security seriously and want to stay on top of the latest findings, you'll want to take special note of these resources. Next, I'll be sharing some resources with you that go beyond just Linux security. These resources will be of interest to those of you who want to explore information security in greater detail, and the broader implications of information security.
I put together a list of Linux hardening guides that you can read online or download; they're located at LinuxTrainingAcademy.com/hardening. I'll also include this list in the course downloads. The Center for Internet Security publishes hardening guides, which they call benchmarks. You can find their guides at benchmarks.cisecurity.org. They provide guides for many of the most popular Linux distributions, including Amazon's Linux distro, CentOS, Debian, Red Hat, Slackware, SUSE and Ubuntu. The first few guides on that list are from CIS. Fedora published a security guide that you can find online at docs.fedoraproject.org. It covers Fedora 19, and I couldn't find a newer version of the guide for their later releases of Fedora, but if you're running Fedora it may be worth checking out.
The next hardening guide on the list applies to all Linux distributions; it's a checklist provided by the SANS Institute. Their website is located at sans.org. Red Hat has also published security guides for their distributions; you can find them on Red Hat's website at access.redhat.com. If you're using CentOS, you can follow these Red Hat guides as well. Other organizations have released security guides for Red Hat. We've already talked about the CIS benchmarks; however, the Defense Information Systems Agency, or DISA, has also released guides for Red Hat. Their guides are called STIGs, which stands for Security Technical Implementation Guides. The National Security Agency also released a guide for Red Hat, but it's fairly old, because it's for Red Hat 5. You can find their Red Hat guide among other guides that they've released for other operating systems at their website at nsa.gov. The Global Information Assurance Certification created a Red Hat installation hardening checklist. Their website is located at giac.org. SUSE has published guides for their SUSE Linux Enterprise Server distributions, and you can find them on their website at suse.com. Ubuntu has some security hardening documentation located at help.ubuntu.com.
Now that you have a hardening guide for your distribution, you need to keep up with the latest security issues for your distribution. Each distro typically has an email list that you can subscribe to so you can stay on top of the latest issues and fixes. I posted a list at LinuxTrainingAcademy.com/security-list, and I've included that list in the course downloads as well.
If you want to meet in person to talk about security, consider going to a CitySec meeting. There you'll get to meet and interact with like-minded people who have an interest in security. For the list, visit LinuxTrainingAcademy.com/citysec, or look in the course downloads. You can also find security, and even Linux-related, meetups in your area on meetup.com.
I've also put together a list of security conferences that publish their videos online. You can watch hours and hours of presentations given at these various security conferences by visiting LinuxTrainingAcademy.com/security-videos. Again, I'll make sure this list is in the course downloads. Also, most of these videos are about broader security topics, and they aren't in a structured course format, but if you're looking to gain some insights into information security as a whole, then you'll definitely enjoy some of these videos.