G. Matthew Rice wrote:
> On Sun, 2008-27-07 at 14:50 -0500, Bruce Dubbs wrote:
>
> > What is the status and proper method for proceeding for the security exam development?
>
> There was a brief discussion on security topics to add to the draft
> objectives, plus I got feedback from a couple of TAC meetings and some
> affiliates of LPI.
>
> I'm a little slow but I want to get a draft of them out this week.
>
> However, if you want to throw out your ideas of "must haves" please do
> so.  At this point, nothing is excluded.  We add everything (that isn't
> completely unrelated or unreasonable) and let the JTA survey tell us
> what isn't really germane to the exam topic.

OK, I have reviewed the LPI-2 objectives and have found the security related items listed below.

I'm not sure what the specialized security exam will cover other than the items listed in the attached list, but in more detail. There are some candidates:

Email spam and malicious message detection and removal
Rootkit detection and removal/auditing (lsof, tripwire, nessus/nmap, wireshark, etc.)
Doing a vulnerability survey
Security policies
Boot security (grub, lilo, BIOS)
Password security (Crack, John the Ripper, etc.)
Permissions (checking for suid, sgid programs; /tmp configuration; mounting partitions read-only; dot in PATH; etc.)
SQL injection attacks
DNS attacks
Firewall configuration (DMZ, etc.)
Samba security
Log analysis
GPG/PGP
OpenSSL certificates

There is also a pretty good summary of available security tools (not just Linux) at http://sectools.org/index.html.


  -- Bruce Dubbs

--------------------
2.209.2 Configuring an NFS server
Access restrictions to certain hosts and/or subnets
Mount options on server and client

2.205.1 Basic networking configuration
Authentication protocols such as PAP and CHAP.

2.205.2 Advanced Network Configuration and Troubleshooting
Utilities to monitor and analyze the TCP/IP traffic
OpenVPN

2.207.3 Securing a DNS server
Configuring BIND to run in a chroot jail
DNSSEC configuration files, tools and utilities
Split configuration of BIND using the forwarders statement

2.208.1 Implementing a web server
Access restriction methods and files

2.208.2 Maintaining a web server
SSL (OpenSSL) configuration files, tools and utilities
SSL certificate handling

2.210.4 PAM authentication
PAM configuration files, terms and utilities
passwd and shadow passwords

2.212.2 Configuring a router
iptables configuration files, tools and utilities

2.212.3 Securing FTP servers
Layout and content of FTP access restriction files
Client user authentication methods
Usage of chroot to secure FTP

2.212.4 Secure shell (SSH)
SSH (OpenSSH) configuration files, tools and utilities
Differences between SSH versions 1 and 2
Login restrictions for the superuser and the normal users
Managing and using server and client keys to login with and without password
Usage of XWindow and other application protocols through SSH tunnels

2.212.5 TCP_wrappers
tcpwrappers configuration files, tools and utilities
(x)inetd configuration files, tools and utilities

2.212.6 Security tasks
Basic KERBEROS 5 configuration files, tools and utilities to ensure secure logins to a server
Tools and utilities to scan and test ports on a server
Locations and organizations that report security alerts, such as Bugtraq, CERT, CIAC or other sources
Tools and utilities to implement an intrusion detection system (IDS)



lpi-examdev mailing list
http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev