SUMMARY:   Critical Success Factor: To satisfactorily cope with the day to day security administration of a multi-user UNIX site, understand security issues and be able to define security policies in an enterprise level multi-server environment. AUDIENCE:   Security administrators, auditors and others who need to understand all aspects of security in a UNIX environment. This course assumes no prior knowledge of UNIX. PREREQUISITES:   Attendees should be IT literate with a good understanding of similar topics in another operating environment. DURATION:   3 Days APPROACH:   The course is highly interactive and consists of theory with plenty of hands on practical content. A dedicated server will be used so that the more complex commands and security administration utilities can be practised in the security of a classroom environment. OBJECTIVES:   To provide staff new to UNIX with an extensive insight into all issues connected with security in a UNIX environment. Whilst this course covers many aspects of the UNIX operating environment itself, network security is considered to be a separate issue. COURSE CONTENT:   Introduction Why do Users Choose UNIX? An Operating System The UNIX Operating System Components of the UNIX Operating System Organization of a UNIX System The Kernel The Filesystem The Shell User Interfaces Terminal based interface The Command Processor Utilities Windows based Interfaces Using a Graphical Interface Distributed Environments and Client/Server Networking Unix Basics and Getting Help Logging On Accessing the UNIX Command Line Format of UNIX Commands Getting Help Internet Based Help Setting and Changing the Password Understanding the UNIX Filesystem Structure of a UNIX Filesystem Identifying Files and Directories The Home Directory Moving Around the Filesyste Listing Directory Contents Creating Directories Removing Directories Displaying Files Copying Files and Directories Moving / Renaming Files & Directories Removing Files Useful Commands for Security Administrators Grep Regular Expressions Who is on the System Find & Locate Files by Type Sort or merge Files sed (Stream Editor) Process, What is a? Process, Report Status Process, kill a Controlling Access to the System (Users and account management, types of access) Logon Accounts Client/Server Users Files used to control user access Controlling Access to Files and the Filesystem File System Permissions Change mode Symbolic Notation Octal Notation Change owner Change group Default Creation Mode (umask) Access Control Lists Security and the different 'flavors' of UNIX Principal Differences for the Main Vendor versions of UNIX: AIX (IBM) Solaris (Sun Microsystems) HP/UX (Hewlett Packard) LINUX (Available in Various Distributions inc. Red Hat, SuSe etc) Controlling Access to the root account and other privileged services The su command Use of Roles Privileged Commands Available Only via Group Membership Dangerous Commands (and why they are sometimes needed) Bulk removal of Files Change Owner Change Group SUID and SGID bits Backing Up and Securing the System Common Utilities Available on All Systems: tar cpio pax System Specific Utilities: AIX Solaris HP/UX LINUX Monitoring Security Issues on the System Root Access User Access Network Access Removal of Unnecessary Processes Monitoring for Unusual or Unauthorised Usage Monitoring for Attempted Introduction of Trojan Horses, etc Monitoring for Unexpected File Permission Changes Best Practice Procedures Things to Avoid Physical Security Password Control Additional Topics: The Standard UNIX Editor (vi) Printing GN/06