

Course-Number: ATR-104

Course-Description: Linux System & Network Security

Duration of course: 3 days

Course Description:

This is a 3-day course that concentrates exclusively on system and network security. This is not a beginner's course. Participants are expected to have had some exposure to system administration and to setting up networking services, even if not on Linux.

The course begins by describing various features of the Linux operating system that make it vulnerable. Starting from absolute basics, the course describes security aspects of login, passwords, encryption/decryption, brute-force methods of cracking passwords, /etc/shadow, MD5, etc.

The course then moves on to packet-filtering and firewalling concepts, managing routers and VPN devices, etc. Participants are introduced to various types of attacks, such as brute-force attacks, denial-of-service attacks, trojans, rootkit attacks, logfile attacks, etc.

Standard hacker techniques are introduced, such as port scanners, detecting port scanners, password-grabbers (use of the SysRq key), etc.

The course finally covers important topics like Intruder Detection Systems, tools like tripwire & LIDS etc.

Target Audience:

Ideally suited for administrators with some experience on any platform.


Some background knowledge of Linux is assumed.






Introduction to system and network security

1.5 hrs

The big picture. Discusses issues and problems facing system and network administrators.

Passwords & Cracking Tools

1.5 hrs

DES cracker, passwords, /etc/passwd and /etc/shadow, MD5 etc.

Packet filtering mechanisms

1.5 hrs

Stateless & Stateful firewalls, packet filters, IP Masquerading, IP-Spoofing, NAT-ting, port-forwarding, DMZs

Advanced filtering concepts

1.5 hrs

Netfilter extensions


Forms of attacks

1.5 hrs

Denial of Service, Logfile attacks, Buffer Overflow problems, rootkit attacks, man-in-the-middle attacks, cryptographic methods.

Hacker tools

1.5 hrs

Nessus, Satan, Gabriel, Tiger, COPS

Detecting Intrusion

1.5 hrs

LIDS, tripwire

Advanced techniques

1.5 hrs

logfile monitors, incremental analysis, Honey-pot techniques, anti-virus gateway scanners etc.


Strengthening basic services

1.5 hrs

Strengthening xinetd, telnet, rlogin, vsftpd etc.

Strengthening advanced services

1.5 hrs

apache, squid, dns, sendmail, imap/pop3

Cyber crime & the law

1.5 hrs

Crime inside the firewall & issues

Miscellaneous topics

1.5 hrs

Summary & Open House.

(C) 2005 -   All Rights Reserved.
