Table of contents :
Title Page……Page 1
Contents……Page 3
Introduction……Page 13
Audience……Page 14
Certification and Prerequisites……Page 15
SUSE Linux Enterprise Server 10 Support and Maintenance……Page 18
Novell Customer Center……Page 19
SUSE Linux Enterprise Server 10 Online Resources……Page 20
Agenda……Page 21
Scenario……Page 22
Exercise Conventions……Page 23
Objectives……Page 25
Understand the Basics of a Security Concept……Page 26
Perform a Communication Analysis……Page 30
Analyze the Protection Requirements……Page 33
Analyze the Current Situation and Necessary Enhancements……Page 34
Secure Network……Page 43
Demilitarized Zone (DMZ)……Page 44
Packet Filters……Page 45
Application-Level Gateway……Page 47
Virtual Private Network……Page 48
Remote Access Service (RAS)……Page 49
Summary……Page 50
Objectives……Page 53
Place the Server in a Separate, Locked Room……Page 54
Secure the BIOS with a Password……Page 55
Secure the GRUB Boot Loader with a Password……Page 56
Hard Disk Partitioning……Page 57
The Basic Rule for User Write Access……Page 59
The Basic Rule for User Read Access……Page 60
How Special File Permissions Affect System Security……Page 61
Objective 3 Limit the Installed Software Packages……Page 63
Objective 4 Configure Security Settings with YaST……Page 65
Objective 5 Stay Informed about Security Issues……Page 66
Exercise 2-1 Subscribe to the SUSE Security Announcements……Page 68
Objective 6 Apply Security Updates……Page 69
Configure the Novell Customer Center……Page 70
Use the YaST Online Update……Page 71
netstat……Page 74
ethereal……Page 77
nmap……Page 81
nessus……Page 83
Documentation……Page 85
Exercise 2-2 Use nmap and nessus……Page 86
Logging……Page 87
Process Accounting……Page 90
Tools to Automate Checking of Log Files and Other Information……Page 91
Summary……Page 94
Objectives……Page 97
Objective 1 Improve Application Security with AppArmor……Page 98
Objective 2 Create and Manage AppArmor Profiles……Page 100
Understand Profiles and Rules……Page 101
Administer AppArmor Profiles with YaST……Page 104
Administer AppArmor Profiles with Command Line Tools……Page 113
Exercise 3-1 AppArmor……Page 118
Start and Stop AppArmor……Page 119
View AppArmor’s Status……Page 120
Reload Profiles……Page 122
Security Event Report……Page 123
Security Event Notification……Page 126
Summary……Page 128
Objectives……Page 131
Encryption and Decryption……Page 132
Cryptographic Hash Algorithms and Digital Signatures……Page 139
Objective 2 Create a Certification Authority (CA) and Issue Certificates with CLI Tools……Page 143
Create a Root CA……Page 144
Create a Certificate Signed by the Root CA……Page 148
Create a Certificate Revocation List (CRL)……Page 151
Exercise 4-1 Create a Root CA and Certificates on the Command Line……Page 153
Create a Root CA with YaST……Page 154
Create a Certificate Signed by the CA with YaST……Page 158
Create a CRL with YaST……Page 164
Exercise 4-2 (optional) Create a Root CA and Certificates with YaST……Page 165
Create a Key Pair……Page 166
Export and Import Public Keys……Page 169
Encrypt and Decrypt Files……Page 170
Use GPG Within Kmail……Page 173
Exercise 4-3 Work with GPG……Page 176
Summary……Page 177
Objectives……Page 179
Infrastructure……Page 180
Remote Access……Page 185
RPC-Based Services……Page 188
Email……Page 190
The World Wide Web……Page 193
File Transfer……Page 195
Wireless Networks……Page 197
Objective 2 Secure Access with TCP Wrapper……Page 198
The Role of the TCP Daemon……Page 199
Configure Access Controls……Page 200
Check the TCP Wrapper……Page 204
Moles and Trappers……Page 205
Exercise 5-1 Configure the TCP Wrapper……Page 207
Objective 3 Use SSL to Secure a Service……Page 208
Exercise 5-2 Use stunnel to Secure POP3 with SSL……Page 213
Objective 4 Secure Clients……Page 214
Summary……Page 215
Objectives……Page 217
Objective 1 Understand Firewall Concepts and Purpose……Page 218
Packet Filter……Page 219
Application-Level Gateway (ALG)……Page 221
Demilitarized Zone (DMZ)……Page 224
Packet Filters……Page 227
Caution……Page 228
Summary……Page 230
Objectives……Page 231
TCP/IP Basics……Page 232
Routing……Page 233
Static Packet Filters……Page 234
Dynamic (Stateful) Packet Filters……Page 236
Chains……Page 238
Basic Syntax……Page 240
Exercise 7-1 Get Familiar with Basic iptables Syntax……Page 246
Matches and Targets……Page 247
User-Defined Chains……Page 252
Exercise 7-2 Modify the Script to Set and Delete iptables Rules……Page 255
PREROUTING and POSTROUTING Chains……Page 256
Types of NAT……Page 257
Summary……Page 259
Objectives……Page 261
The Purpose of Application-Level Gateways……Page 262
How Application-Level Gateways Work……Page 263
Understand the Basics of HTTP……Page 265
Understand How Squid Works……Page 267
Install Squid on SUSE Linux Enterprise Server 10……Page 268
Understand the Squid Configuration File……Page 269
Control Access to Squid……Page 275
Configure Web Browsers to Use Squid……Page 283
Exercise 8-1 Install and Configure Squid……Page 290
Understand How Squid Handles SSL Connections……Page 291
Exercise 8-2 Configure SSL in Squid……Page 296
Configure Proxy Authentication……Page 297
Exercise 8-3 Configure Proxy Authentication……Page 305
Configure URL Filtering……Page 306
Exercise 8-4 Configure URL Filtering……Page 312
Configure an Intercepting Proxy Server……Page 313
Analyze Squid Log Files……Page 314
Exercise 8-5 Analyze Squid Log File……Page 316
Understand SOCKS……Page 317
Install and Configure Dante……Page 318
Configure Clients to Use a SOCKS Server……Page 327
Exercise 8-6 Use Dante……Page 333
Objective 4 Configure and Use rinetd……Page 334
Configure Forwarding Rules……Page 335
Configure Allow and Deny Rules……Page 336
Configure Logging……Page 337
Exercise 8-7 Configure rinetd……Page 338
Summary……Page 339
Objectives……Page 341
Objective 1 VPN and IPSec Basics……Page 342
Objective 2 Configure and Establish an IPSec Connection……Page 344
Connect Two Sites with IPSec (Site-to-Site)……Page 345
Connect a Single Computer with a Site (End-to-Site)……Page 353
Establish the Connection……Page 357
Test the Connection……Page 360
Exercise 9-1 Establish a VPN Connection……Page 361
Filter the IPSec Packets……Page 362
Connections Initiated from Road Warriors to Hosts Behind the Gateway……Page 364
Connections Initiated from Hosts Behind the Gateway to Road Warriors……Page 365
Exercise 9-2 (optional) Filter IPSec Traffic……Page 367
Summary……Page 368
Objectives……Page 369
Objective 1 Log Files and Their Evaluation……Page 370
Log to a Remote Host……Page 371
Exercise 10-1 Log to a Remote Host……Page 373
Evaluate Log Files and Run Checks……Page 374
Objective 2 Host-Based Intrusion Detection……Page 382
AIDE……Page 383
rpm……Page 386
Objective 3 Network-Based Intrusion Detection……Page 387
snort……Page 388
Argus……Page 389
Honeypots……Page 391
Exercise 10-2 Use Argus……Page 393
Immediate Reaction……Page 394
Documentation and Investigation……Page 395
Re-Evaluate Your Security Policy……Page 397
Summary……Page 399
SECTION 11 LiveFire Exercise……Page 401
Scenario……Page 402
Objective 1 Set Up the Application-Level Gateway……Page 404
Objective 2 Set Up the Screening Router……Page 405
Objective 3 Set Up a Web Server in the DMZ……Page 406
Objective 4 Set Up the Mail Server in the LAN……Page 407
Objective 5 Set Up the VPN Gateway……Page 408
SUSE Linux Enterprise Server 10: Security
Free Download
You must be logged in to post a review.
Related products
Computers , Information Systems: EC businessesSkype Me!: From Single User to Small Enterprise and Beyond
Free Download
Computers , Information Systems: EC businessesJava Enterprise Design Patterns: Patterns in Java
Free Download
Computers , Information Systems: EC businessesOutsourcing for Radical Change: A Bold Approach to Enterprise Transformation
Free Download
Computers , Information Systems: EC businessesPro Crystal Enterprise / BusinessObjects XI Programming
Free Download- Computers , Information Systems: EC businesses
Sun Certified Enterprise Architect for J2EE Study Guide: Exam 310-051
Free Download 
Computers , Information Systems: EC businessesPatterns of Enterprise Application Architecture
Free Download
Reviews
There are no reviews yet.