HP-UX Security Training




Dates and Locations


You can request this training as a private class at your own organization.
Please contact us:


info@bilginc.com

+90 212 282 7700

Training Type and Duration

3 Days ILT    

HP-UX Security (H3541)

In this course, you will examine the most common HP-UX system security vulnerabilities and be introduced to a variety of tools and techniques that can be used to prevent hackers from exploiting these vulnerabilities. You will spend half of class in hands-on labs.

What You'll Learn

  • Use role based access control (RBAC), secure shell (SSH), host intrusion detection system (HIDS), software assistant (SWA), IPFilter, Bastille, and other HP supported tools to harden and secure HP-UX systems
  • Create and secure isolated execution environments for applications with HP-UX security compartments and secure resource partitions
  • Use Tripwire, John the Ripper, nmap, lsof, and other open source tools to improve HP-UX system security

Who Needs to Attend

Experienced system and network administrators responsible for securing and monitoring HP-UX systems

Prerequisites

  • HP-UX System and Network Administration I and HP-UX System and Network Administration II or equivalent experience
  • HP-UX for Experienced UNIX System Administrators or equivalent experience
  • HP-UX System and Network Administration I (H3064)
  • HP-UX System and Network Administration II (H3065)
  • HP-UX for Experienced UNIX System Administrators (H5875)

Follow-On Courses

There are no follow-ons for this course.

Course Outline

1. Introduction

  • Security
  • HP-UX Security Tools
  • HP-UX Security Certifications

2. Securing User Accounts: User Passwords

  • /etc/passwd file
  • /etc/shadow file
  • DES-Based Password Encryption
  • SHA512 Password Encryption
  • Enabling Shadow Passwords
  • Enabling SHA512 Passwords
  • Enabling Long Passwords
  • Managing Passwords
  • Configuring Password Aging
  • Cracking Passwords with John the Ripper
  • Authenticating Users via PAM
  • Configuring /etc/pam.conf

3. Securing User Accounts: Special Cases

  • Protecting User Accounts: Guidelines
  • Protecting the Root Account: Guidelines
  • Limiting Root and Operator Access Via
    • /etc/security
    • sudo
    • Restricted SAM Builder
    • SMH
  • Configuring Accounts for
    • Guest Users
    • Single Application Users
    • Teams and Groups
  • Preventing Dormant Accounts

4. Securing User Accounts: Standard Mode Security Extensions (SMSE)

  • Configuring SMSE User Security
  • Standard Mode Security Enhancements Benefits
  • SMSE Attributes and Repositories
  • Configuring
    • /etc/security.dsc
    • /etc/default/security
    • /etc/passwd and /etc/shadow
    • /var/adm/userdb/ via userdbset, userdbget, and userdbck
  • Enforcing SMSE Security Policies

5. Securing User Accounts: Role Based Access Control (RBAC)

  • RBAC Features and Benefits
  • Installing RBAC
  • Configuring and Assigning RBAC Roles
  • Configuring and Assigning RBAC Authorizations
  • Configuring RBAC Commands and Privileges
  • Verifying the RBAC Database
  • Configuring RBAC Logging and Auditing
  • Running Commands with privrun
  • Editing Files with privedit
  • Enabling RBAC Keystroke Logging

6. Protecting Data Via File Permissions and JFS Access Control Lists (ACLs)

  • Hackers Exploit Improper File and Directory Permissions
  • Viewing and Changing File Permissions
  • Searching for Files with Improper Permissions
  • Configuring and Using
    • SUID Bit
    • SGID Bit
    • Sticky Bit
    • JFS ACLs

7. Protecting Data via swverify, md5sum, and Tripwire

  • File Integrity Checking
  • Verifying Executable Integrity with swverify
  • Verifying File Integrity with md5sum
  • Verifying File Integrity with Tripwire
  • Installing Tripwire
  • Creating Tripwire Keys
  • Creating the Tripwire
    • Configuration File
    • Policy File
    • Database
  • Performing a Tripwire Integrity Check
  • Updating the Tripwire Database and Policy File

8. Protecting Data via Encrypted Volumes and File Systems (EVFS)

  • EVFS, EVS, and EFS Features and Benefits
  • EVFS Architecture
  • EVFS Volumes
  • EVFS Volume Encryption Keys, User Keys, and Recovery Keys
    • Step 1: Installing and Configuring EVS Software
    • Step 2: Creating User Keys
    • Step 3: Creating Recovery Keys
    • Step 4: Creating an LVM or VxVM Volume
    • Step 5: Creating EVS Device Files
    • Step 6: Creating and Populating the volume's EMD
    • Step 7: Enabling the EVS Volume
    • Step 8: Creating and Mounting a File System
    • Step 9: Enabling Autostart
    • Step 10: Migrating Data to the EVS Volume
    • Step 11: Backing Up the EVS configuration
  • Managing EVS Volume Users
  • Managing the EVS Key Database
  • Extending an EVS Volume
  • Reducing an EVS Volume
  • Removing EVS Volumes
  • Backing up EVS Volumes
  • EVS Limitations
  • EVS and TPM/TCS Integration

9. Securing Network Services: inetd and tcpwrapper

  • inetd Service
  • inetd Configuration File
  • Securing inetd
  • Securing the inetd Internal Services
  • Securing the RPC Services
  • Securing the Berkeley Services
  • Securing FTP
  • Securing FTP Service Classes
  • Securing Anonymous FTP
  • Securing Guest FTP
  • Securing Other ftpaccess Security Features
  • Securing Other inetd Services
  • Securing Other non-inetd Services
  • Securing inetd via TCPwrapper

10. Securing Network Services: SSH

  • Legacy Network Service Vulnerabilities:
    • DNS
    • Sniffers
    • IP spoofing
  • Solution:
    • Securing the Network Infrastructure
    • Using Symmetric Key Encryption
    • Using Public Key Encryption
    • Using Public Key Authentication
  • HP-UX Encryption and Authentication Product
  • Configuring SSH Encryption and Server Authentication
  • Configuring SSH Client/User Authentication
  • Configuring SSH Single Sign-On
  • Managing SSH Keys
  • Using the UNIX SSH Clients
  • Using PuTTY SSH Clients

11. Securing Network Services: IPFilter and nmap

  • Firewall
  • Packet Filtering Firewalls
  • Network Address Translation Firewalls
  • Host vs. Perimeter Firewalls
  • Installing IPFilter
  • Managing IPFilter rulesets
  • Configuring a Default Deny Policy
  • Preventing IP and Loopback Spoofing
  • Controlling ICMP Service Access
  • Controlling Access to UDP Services
  • Controlling Access to TCP Services
  • Controlling Access via Active and Passive FTP
  • Testing IPFilter rulesets with ipftest
  • Testing IPFilter rulesets with nmap
  • Monitoring IPFilter and Nessus

12. Hardening HP-UX with Bastille

  • Bastille
  • Installing Bastille
  • Generating a Bastille Assessment
  • Creating a Bastille Configuration File
  • Applying a Bastille Configuration File
  • Applying a Pre-Configured Bastille Configuration File
  • Applying a Pre-Configured Bastille Configuration via Ignite-UX
  • Reviewing the Bastille Logs
  • Monitoring Changes with bastille_drift
  • Reverting to the Pre-Bastille Configuration
  • Integrating Bastille and HP SIM

13. Monitoring Activity via System Log Files

  • Monitoring Log Files
  • Monitoring Logins via last, lastb, and who
  • Monitoring Processes via ps, top, and whodo
  • Monitoring File Access via ll, fuser, and lsof
  • Monitoring Network Connections via netstat, idlookup, and lsof
  • Monitoring inetd Connections
  • Monitoring System Activity via syslogd
  • Configuring /etc/syslog.conf
  • Hiding Connections, Processes, and Arguments
  • Doctoring Log Files and Time Stamps

14. Monitoring Activity via SMSE Auditing

  • Auditing
  • Trusted System vs. SMSE Auditing
  • Enabling and Disabling Auditing
  • Verifying Auditing & System Calls to Audit
  • Selecting Users to Audit
  • Selecting System Calls, Aliases, and Events to Audit
  • Creating and Applying an Audit Profile
  • Viewing and Filtering Audit Trails via auditdp
  • Switching Audit Trails
  • Audomon AFS and FSS Switches
  • Audomon Audit Trail Names
  • Configuring audomon Parameters
  • Configuring audomon Custom Scripts

15. Monitoring Suspicious Activity via HP's Host Intrusion Detection System (HIDS)

  • HIDS
  • HIDS Architecture
  • Installing HIDS Product
  • Configuring HIDS Detection Templates and Properties
  • Configuring HIDS Surveillance Groups
  • Configuring HIDS Surveillance Schedules
  • Configuring HIDS Response Scripts
  • Assigning Surveillance Schedules to Clients
  • Monitoring HIDS Alerts and Errors

16. Managing Security Patches with Software Assistant (SWA)

  • Security Patch
  • SWA
  • Reading US-CERT Advisory Bulletins
  • Reading HP-UX Security Bulletins
  • Installing SWA
  • Generating SWA Reports
  • Viewing SWA reports
  • Retrieving SWA Recommended Patches
  • Installing SWA Patches
  • Installing Other Products Recommended by SWA
  • Applying Other Manual Changes
  • Regenerating SWA Reports
  • Purging SWA Caches
  • Viewing SWA Logs
  • Customizing swa Defaults
  • Integrating SWA and HP SIM
  • Preventing Unauthorized SWA and swlist Access
  • Preventing Buffer Overflow Attacks
  • Setting the executable_stack Kernel Parameter
  • Setting the chatr +es Executable Stack Option

17. Hardening HP-UX with Bastille

  • Bastille
  • Installing Bastille
  • Generating a Bastille Assessment
  • Creating a Bastille Configuration File
  • Applying a Bastille Configuration File
  • Applying a Pre-Configured Bastille Configuration File
  • Applying a Pre-Configured Bastille Configuration via Ignite-UX
  • Reviewing the Bastille logs
  • Monitoring Changes with bastille_drift
  • Reverting to the Pre-Bastille Configuration

18. Isolating Applications via Security Compartments

  • Security Compartment Concepts
  • Using FGP TRIALMODE
  • Compartment Rule Concepts
  • INIT Compartment Concepts
  • Installing Compartment Software
  • Enabling Compartment Functionality
  • Creating and Modifying Compartments
  • Viewing Compartments
  • Adding Network Interface Rules
  • Adding File Permission Rules
  • Adding a Compartment-Specific Directory
  • Viewing Compartments
  • Configuring Compartment Administrators
  • Configuring Compartment Users
  • Executing Commands in compartments
  • Removing Compartments
  • Disabling Compartment Functionality

19. Isolating Applications via Secure Resource Partitions (SRP)

  • SRP Concepts
  • SRP Subsystems
  • SRP Templates
  • SRP Services
  • Installing SRP
  • Enabling and Configuring SRP
  • Verifying the SRP Configuration
  • Creating an SRP Interactively
  • Creating an SRP Non-Interactively
  • Adding the init, prm, Network, ipfilter, Login, and ipsec Services to an SRP
  • Adding the ssh, Apache, Tomcat, and Oracle Templates to an SRP
  • Adding the Custom Template to an SRP
  • Deploying an Application in an SRP
  • Updating an SRP
  • Viewing the SRP Configuration and Status
  • Starting and Stopping an SRP
  • Accessing an SRP
  • Removing an SRP

Appendix: Improving User and Password Security with Trusted Systems

  • Trusted System
  • Configuring Password Format Policies
  • Configuring Password Aging Policies
  • Configuring User Account Policies
  • Configuring Terminal Security Policies
  • Configuring Access Control Policies
  • Configuring Password Aging Policies
  • Understanding the /tcb Directory Structure

Appendix: Implementing chroot()

  • Limiting File Access via chroot()
  • Configuring chroot()ed Applications

Appendix: Implementing Fine Grained Privileges (FGP)

  • Limiting Privileges via FGP
  • Installing FGP Software
  • Recognized Privileges
  • Permitted, Effective, and Retained Privilege Sets
  • Configuring FGP Privileges via setfilexsec
  • Configuring FGP Privileges via RBAC
  • Configuring and Using FGP TRIALMODE

Appendix: Configuring Process Resource Manager (PRM)

  • Allocating Resources without PRM
  • Allocating Resources with PRM
  • PRM Advantages
  • PRM Managers
  • PRM Groups
  • PRM Fair Share Scheduler Concepts and Configuration
  • PRM PSET Concepts and Configuration
  • PRM Memory Manager Concepts and Configuration
  • Reviewing Available Resources
  • Analyzing Application Requirements
  • Enabling PRM
  • Creating and Updating the PRM Configuration File
  • Monitoring Resource Usage


