Bruce Dubbs <[EMAIL PROTECTED]> writes: > OK, I have reviewed the LPI-2 objectives and have found the security related > items listed below. > > I'm not sure what the specialized security exam will cover other than the > items listed in the attached list, but in more detail. There are some > candidates:
Thanks for the list, Bruce. I'll look over these while I'm flying to LW and work them in. Regards, --matt > > > email spam and malicious message detection and removal. > rootkit detection and removal/auditing ( lsof, tripwire, nessus/nmap, > wireshark, etc) > > Doing a vulnerability survey > Security Policies > Boot security (grub, lilo, BIOS) > Password security (Crack, John the ripper, etc) > Permissions (checking for suid, guid programs; /tmp configuration; mounting > partitions read only, dot in PATH, etc) > > sql injection attacks > DNS attacks > firewall configuration( DMZ, etc ) > Samba security > Log analysis > GPG/PGP > Open SSL Certificates > > There is also a pretty good summary of available security tools (not just > Linux) at http://sectools.org/index.html. > > > > -- Bruce Dubbs > > -------------------- > 2.209.2 Configuring an NFS server > Access restrictions to certain hosts and/or subnets > Mount options on server and client > > 2.205.1 Basic networking configuration > Authentication protocols such as PAP and CHAP. > > 2.205.2 Advanced Network Configuration and Troubleshooting > Utilities to monitor and analyze the TCP/IP traffic > OpenVPN > > 2.207.3 Securing a DNS server > Configuring BIND to run in a chroot jail > DNSSEC configuration files, tools and utilities > Split configuration of BIND using the forwarders statement > > 2.208.1 Implementing a web server > Access restriction methods and files > > 2.208.2 Maintaining a web server > SSL (OpenSSL) configuration files, tools and utilities > SSL certificate handling > > 2.210.4 PAM authentication > PAM configuration files, terms and utilities > passwd and shadow passwords > > 2.212.2 Configuring a router > iptables configuration files, tools and utilities > > 2.212.3 Securing FTP servers > Layout and content of FTP access restriction files > Client user authentication methods > Usage of chroot to secure FTP > > 2.212.4 Secure shell (SSH) > SSH (OpenSSH) configuration files, tools and utilities > Differences between SSH versions 1 and 2 > Login restrictions for the superuser and the normal users > Managing and using server and client keys to login with and without password > Usage of XWindow and other application protocols through SSH tunnels > > 2.212.5 TCP_wrappers > tcpwrappers configuration files, tools and utilities > (x)inetd configuration files, tools and utilities > > 2.212.6 Security tasks > Basic KERBEROS 5 configuration files, tools and utilities to ensure secure > logins to a server > > Tools and utilities to scan and test ports on a server > Locations and organizations that report security alerts as Bugtraq, CERT, > CIAC or other sources > > Tools and utilities to implement an intrusion detection system (IDS) > > > > _______________________________________________ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > -- g. matthew rice <[EMAIL PROTECTED]> starnix care, toronto, ontario, ca phone: 647.722.5301 x242 gpg id: EF9AAD20 http://www.starnix.com professional linux services & products _______________________________________________ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
