Advanced Unix(tm)and
Internet Security

THREE-DAY SEMINAR

• About This Program
• Who Should Attend
• Prerequisites
• Advanced Unix and Internet Program Outline
• Testimonials - Advanced Unix and Internet Security
• About UniForum
• UniForum Guarantee
• To Register

As information systems become more and more critical in today's business environment, access to corporate networks through the Internet has become commonplace. While the Internet is becoming an essential part of your infrastructure, it also makes it possible to probe or attack your networks from anywhere in the world. Your network is at risk both from casual hackers and from experts hired by your competitors. Over 90 percent of security problems can be solved with attention to good user and administrative practices. This three-day program provides the basis for practical Unix System and Internet Security.

About This Program

Two key approaches:

1. To "harden" the security of computers which provide network services.
2. To understand TCP/IP and establish effective access to your networks.

Part one focuses on building networks which include Unix workstations and/or servers with connectivity to the Internet, or other possibly hostile TCP/IP-based networks.

Part two focuses on the first line of defense--a firewall between the protected network and potentially hostile ones. Firewalls consist of different components (routers, gateways, bastion hosts, mail servers, and proxy servers), which work together to provide a safe connection to a hostile network.

You will learn to:

• Common weaknesses of Unix systems, what you can do about them and how to audit Unix systems for these weaknesses.
• Attack scenarios which have been used in the past, and how to defend against them.
• How to know whether your computer or network has been probed, and what you can do about it.
• How a router is configured and used as part of a firewall.
• What you must do to create a bastion host.
• How to use proxy servers in a firewall, and advanced authentication techniques available with some proxies.
• How to set up a secure Web server.

Who Should Attend

System & network administrators & managers, system integrators, IT auditors & managers, computer programmers, security administrators and individuals involved in providing Internet service and securing network gateways.

Prerequisites

Attendees should be familiar with Unix and have some familiarity with TCP/IP networking.

Course level: Intermediate to Advanced.

Advanced Unix and Internet Program Outline

• Understanding Web Architecture, Components, and Protocol
• The Background
• Evaluating risks and developing site policy
• Probing your own networks
• Recent attack scenarios
• Platform Based Security
• Hardening systems
• Using audit software like COPS and ISS
• Disabling dangerous software
• Setting up anonymous FTP correctly
• Setting up NCSA HTTPD (Web server) correctly
• Security System-Level Networking Software
• TCP services vs. RPC services
• Checking the Internet configuration
• Protecting individual services
• Defending RPC services
• Auditing System Integrity
• Version checking software
• Commercial system audit software
• TCP/IP Background
• Protocol basics
• Application protocols, configuration, and weaknesses
• Future of IP
• Using Routers in a Firewall
• Choosing the right router
• Creating access control lists
• Examples of configuring a Cisco router
• Gateway Hosts
• Creating a bastion system
• Configuring e-mail and the naming service
• Setting up proxy servers (SOCKS)
• Examples from TIS
• Firewall Toolkit
• Using authentication devices
• Combining routers with gateways

Testimonials - Advanced Unix and Internet Security

"Best three-day technical training course I've ever attended."

Alex Cook, Unix Lab Manager, SAIC

"This has been an eye opening experience showing many of the security holes I need to plug at my site. It will be an invaluable aid as I implement more restrictive security. Outstanding instructor; very knowledgeable about his field."

Bob Pennay, Principal Systems Analyst, SRI International

About UniForum

UniForum, the International Association of Open Systems Professionals, is a not-for-profit organization founded in 1980. Today, it represents many thousands of vendors
and users of open systems.

UniForum's mission is to help individuals and their organizations increase the effectiveness of their information systems through the use of open systems, based on shared industry standards.

Central to UniForum's mission is the delivery of high-quality educational programs, trade shows and conferences, publications, on-line services, and peer group discussions.

UniForum Guarantee

If you are not completely satisfied with the value and benefits gained from attending these programs, we will refund your tuition in full or arrange for you to attend another UniForum training program at no additional fee.

To Register

Call 800.255.5620, ext. 30 , fax 408.986.1645, or complete the on-line form.