AppArmor Administration
- AppArmor Overview
- Management of AppArmor with YaST
- AppArmor command line tools
- AppArmor policy syntax
- Creation of new AppArmor profiles
- AppArmor ChangeHat Concept
- Apache2 with mod-apparmor and Virtual Hosts
Development of SELinux Policies
- SELinux Language components
- Analysis of the service
- Simple policy for a command-line tool
- Development of a policy template for a network service
- Determination of additional necessary rights
- Adaptation of the policy
- Test of the policy
- Troubleshooting
Firewall Solutions with Linux
- Firewall technologies and topologies
- Linux packet filter with iptables
- Transparent packet filters with ebtables
- Graphical user interfaces for administration
- Application Level Gateways with Squid, HAVP, Postfix, etc.
- Penetration tests
Hacking Web Applications
- Attack methods and their background
- SQL injection
- Blind SQL Injection
- LDAP injection
- Cross-site scripting
- Remote command execution
- SPAM sending
- HTTP Response Splitting
- AJAX security vulnerabilities
- Directory Traversal
- Google as a hacking tool
- Implementation of attack methods in practice
- First steps of defense
Intrusion Detection with Snort
- Introduction to Snort
- Snort Installation
- Placement of the Snort sensors
- Snort Architecture
- Snort configuration and operation
- Management of messages
- Rule management
- Introduction to the Snort rule language
- Optimization of preprocessors and rules
- Analysis of messages in case studies
- Distributed Snort sensors
- Snort as Intrusion Prevention System (inline operation)
ModSecurity
- Installation and basic configuration of ModSecurity
- Adaptation to your own web application
- Prevention of false-positive messages
- Adaptation of the supplied rules
- Create your own rules
- Use of the Modprofiler for automatic creation of rules
- Advanced rules with Lua scripts
- Monitoring the user session
- Connection to the ModSecurity console with mlogc
- Use in reverse proxy for the protection of alternative web servers
SELinux Administration
- Introduction to SELinux
- SELinux Architecture
- SELinux policies
- Tools
- User administration
- Boolean variables
- Simple Adaptations of the Policy
- Monitoring of SELinux
Snort Rule Writing
- Rule syntax and simple language elements
- Optimization of the rule set
- PCRE in Snort Rules
- byte_jump, byte_test and byte_extract
- State storage with flowbits
- IPS rules
- Measurement and optimization of the control overhead
- Best Practices
Spam Solutions
- What is SPAM? A definition.
- Legal regulations in dealing with SPAM.
- Rspamd Installation
- Connection to Postfix or Sendmail
- Optimization of Rspamd