TWO-DAY WORKSHOP
November 17-18, 2003

With the backing of major system vendors like IBM and HP, and support for a variety of hardware platforms, the non-proprietary Linux operating system is fast becoming the system of choice for server system software. Built on concepts originally incorporated within Unix, Linux has extended those capabilities with a wide array of Open System software and freeware.

In this two day seminar we will concentrate on the access controls within Linux and how they should be set to prevent unauthorized user or file access. You will also learn about the key areas that must be carefully reviewed during your audit because they are often used by attackers to gain unauthorized access. Since no server can be a server without network access, we will review the key network control files and some common network services.

Because of its Unix foundation, understanding Linux will also help you in auditing other Unix-based systems. To facilitate this, we will compare Linux with other popular Unix-based systems such as Solaris, AIX, and HP-UX in a head-to-head comparison of security and control features. Presented by an experienced Unix systems auditor, you will leave this seminar with the thorough understanding of the areas of risk within Linux to successfully complete your audit.

At This Seminar You Will Learn:

• The basic concepts of Linux.

• How to control file and directory access.

• How to access standard documentation.

• How Linux controls user access.

• How to review standard system logs.

• The Linux networking environment, common network services and critical control files.

• How Linux stacks up against other Unix-based systems like AIX, HP-UX, and Solaris

• How to verify that key system and user controls are properly specified.

Speaker:

Edward Dorsey, Automated Design Enterprises

For questions, please contact:

Peter Kane at PKane@cablevision.com

or Bob May at Robert.May@isacany.org