On Mon, 2004-01-19 at 09:57, Matt Benjamin wrote:
> Mark,
> It seems to me as if a Linux-specific security exam essentially has to
> be focussed on the technical aspects of securing Linux systems. If the
> kinds of highly general security certification are already in CISSP etc,
> then it's hard to see why LPI would or even could duplicate it.

Actually, the LPI exam should model the actual _implementation_ of the relevant 7 or 10 domains in the SSCP or CISSP, respectively. I'll assume it would be more towards the 7 in the SSCP, and not the full spread of 10 in the CISSP, because we're testing on Linux, "system" in practice.

> Having said that, I think that just in the technical area there are big
> challenges. For example, what mandatory access control tool (LIDS,
> Selinux, Subdomain, SeOS/eTrust) will this exam expect people to know?

A fine question. Do we stick with fundamentals that are general to all (which may be more like SSCP/CISSP), or get into specifics of a few? In the end, that _should_ only address one domain. Let's not be Microsoft and make the "Security Speciality" exam(s) little more than basic DAC/MAC and logging fundamentals (yes, I'm an MCSA:Sec and MCSE:Sec, which I consider to be a _joke_).

> Taking the path of "doing what most Linux admins are doing" for security
> will not lead to good security practices, I'm afraid...

Here are my suggestions (_not_ complete, comprehensive):

  Application Security: Apache, FTP, DNS w/Auth, etc...
  Host Access Control: TCP Wrappers, Sudo, DAC/MAC (as above)
  Host Local/Network Filesystems: Ext3/XFS ACLs, NFS/Samba, AFS
  Host Auditing: Syslog, Kernel (maybe 2.6-focused?), Select Add-ons
  Host/Net Filter: NetFilter/IPTables, IPTable Modules
  Network Authentication: Kerberos, LDAP-SASL
  Vulnerability Scans: nmap, Nessus, other "top 10/25" tools
  Host IDS: Tripwire, other checksumming tools (one begins with "A", can't remember because I don't use it, but I should)
  Network IDS: Snort, complementary tools, other "top 10/25" tools

I'm sure I'm missing a few domains and tools there, but that's the gist of most of the "implementation" issues that are specific to Linux.

-- Bryan J. Smith, E.I.
-- Engineer, Technologist, School Teacher [EMAIL PROTECTED]
