UNIX Audit and Security

Course:  UXAUD
Duration:  5 Days
Level:  I
Course Summary

Having acquired a high level understanding of UNIX, you will learn how to assess security hands on. All aspects are covered, both business and technical. Planning for audits and discussion of suitable tests forms a substantial part of the course. Delegates will get a chance to run audit and security related commands.

Though the course is designed specifically for a SUN Solaris installation, it will serve as a good general overview for any flavour of UNIX.

« Hide The Details
Topics Covered In This Course


  • What is Computer Security?
  • Security and UNIX

Policies and Guidelines

  • Planning Your Security Needs
  • Risk Assessment
  • Cost-Benefit Analysis
  • Policy
  • The Problem with Security Through Obscurity

UNIX Basics

  • Logging in
  • A UNIX session
  • Standard documentation
  • Logging out

Common Shell Commands

  • Navigation commands
  • Listing and searching commands
  • File management commands
  • Saving evidence with redirection
  • Managing processes inside the shell

UNIX File Systems

  • File system structure
  • Mounting file systems
  • Access permissions
  • Default permissions
  • Symbolic links
  • fsck

Managing users

  • The super user
  • User authentication vs. authorization
  • /etc/passwd and /etc/shadow
  • Pluggable authentication modules (PAM)
  • Control files in /etc affecting users and user sessions
  • Password quality controls
  • Session records, groups, profiles
  • Managing application systems - users, groups and file accesses

Startup and Shutdown

  • Booting UNIX and System start-up
  • Init states
  • rc scripts
  • Scheduling jobs
  • System Shutdown

Shell Programming

  • Script syntax
  • Variables
  • Condition tests
  • Loops

Special Files

  • SUID/SGID files
  • Security issues

System and User Security Control

  • Shell environment
  • Security procedures
  • System logs
  • Advanced security procedures

UNIX Networking

  • UNIX networking overview
  • Internet protocol
  • TCP / UDP
  • The Internet daemon
  • RPC programs

File Transfer Services

  • ftp
  • Anonymous ftp
  • tftp
  • smtp

Remote Access Services

  • Telnet
  • rlogin and rsh

Other Common Services

  • Finger
  • NIS
  • NFS

Risks and Reactions

  • Programmed threats
  • Reacting to a compromise
  • Security and audit products
Who Should Take This Course

The course is intended for those who need to find out what UNIX is and where the different components are located, with a specific security objective in mind. In conjunction with an explanation of the technology, the prime risks and defences will be pointed out. Delegates who will benefit most from this course are typically computer auditors, security specialists and security conscious managers. The course also serves as a useful general introduction to UNIX.

Recommended Prerequisites

Delegates should have had some experience of using UNIX beforehand and be able to enter simple shell commands, such as ls and more, in a terminal environment. Shell programming and C programming experience would be an advantage.

Training Style

This course is instructor led, with strong emphasis on hands-on practical sessions to reinforce the concepts introduced in the classroom.

« Hide The Details
Related Courses
Code Course Title Duration Level
Securing the Virtual Environment
3 Days
UNIX/Linux: The Essentials
3 Days
Linux Security
5 Days

Every student attending a Verhoef Training class will receive a certificate good for $100 toward their next public class taken within a year.

You can also buy "Verhoef Vouchers" to get a discounted rate for a single student in any of our public or web-based classes. Contact your account manager or our sales office for details.

Schedule For This Course
There are currently no public sessions scheduled for this course. We can schedule a private class for your organization just a couple of weeks from now. Or we can let you know the next time we do schedule a public session.
Notify me the next time this course is confirmed!
Can't find the course you want?
Call us at 800.533.3893, or
email us at [email protected]