Board index Unix Security

Any Good Courses on UNIX Security Tools?

Any Good Courses on UNIX Security Tools?

Post by Robert Domini » Mon, 15 Feb 1999 04:00:00



I've been trying to find information about any good UNIX Security Tools
courses that might be offered by any vendors, educational institutes or
private training organizations (other than the upcoming SANS conference
in May).

Specifically, I'm looking for any courses that might cover how (and more

importantly _when_) to use tools in some of the following categories:

 Static analysis (e.g., COPS, tiger, tripwire)
 Log monitoring (e.g., logsurf, swatch)
 Network analysis (e.g., tcp_wrapper, SATAN, nfsbug)
 Privilege (e.g., sudo, smrsh)
 Authentication (e.g., npasswd, S/Key, SSH)

I know there are plenty of papers, books, ReadMEs, etc. on security,
and am certainly using those resources. Moreover, I realize that good
security involves more than just running a bunch of tools and scripts.
However, I was hoping to find a really good course that I could
recommend my employer send other system administrators to.

I work mainly with HP-UX 9000 and Sun Solaris Enterprise servers.

Any information you can share would be appreciated. Please reply by
email.
Thanks in advance.
--
 Robert Dominis
 Seattle, WA  USA

 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by Jose Nazari » Tue, 16 Feb 1999 04:00:00



> sun's administring security for solaris 2 environments (sc300) includes:
> aset, satan, courtney, tripwire, tcp wrappers, crack, skip and ssh.

well, combining your subject line and this, i'd have to say the response
would be to check the SANS institute. good people, good courses, etc...
a conference is fast approaching, may be just the ticket. www.sans.org

Quote:> I've got plenty of Java and Chesterfield Kings
>         Donald Fagen

:)

jose

 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by Seth Ros » Tue, 16 Feb 1999 04:00:00


It seems like you really want Matt Bishop's "UNIX Security Tools and
Their Uses" course, detailed at
http://www.sans.org/sans99/fri1courses.htm#Fri-I-7

This appears to be _the course_ of the topic. I don't know of any
others.

I'm writing a book on UNIX system security tools, which should be out
later this year. This is such as rich area -- the UNIX community has
produced a formidable corpus of security tools in the past ten years.
There's a pretty straightforward answer to the question of _when_ to
deploy tools -- safeguards should be put in place when the cost of
potential loss exceeds the cost of deployment (including labor). In
general, systems should be hardened before they're put into production,
especially if they're connected to the net or lack physical security.

Yours,
Seth T. Ross


> I've been trying to find information about any good UNIX Security Tools
> courses that might be offered by any vendors, educational institutes or
> private training organizations (other than the upcoming SANS conference
> in May).

> Specifically, I'm looking for any courses that might cover how (and more
> importantly _when_) to use tools in some of the following categories:

>  Static analysis (e.g., COPS, tiger, tripwire)
>  Log monitoring (e.g., logsurf, swatch)
>  Network analysis (e.g., tcp_wrapper, SATAN, nfsbug)
>  Privilege (e.g., sudo, smrsh)
>  Authentication (e.g., npasswd, S/Key, SSH)

 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by Seth Ros » Tue, 16 Feb 1999 04:00:00


It seems like you really want Matt Bishop's "UNIX Security Tools and
Their Uses" course, detailed at
http://www.sans.org/sans99/fri1courses.htm#Fri-I-7

This appears to be _the course_ of the topic. I don't know of any
others.

I'm writing a book on UNIX system security tools, which should be out
later this year. This is such a rich area -- the UNIX community has
produced a formidable corpus of security tools in the past ten years.
There's a pretty straightforward answer to the question of _when_ to
deploy tools -- safeguards should be put in place when the cost of
potential loss exceeds the cost of deployment (including labor). In
general, systems should be hardened before they're put into production,
especially if they're connected to the net or lack physical security.

Yours,
Seth T. Ross


> I've been trying to find information about any good UNIX Security Tools
> courses that might be offered by any vendors, educational institutes or
> private training organizations (other than the upcoming SANS conference
> in May).

> Specifically, I'm looking for any courses that might cover how (and more

> importantly _when_) to use tools in some of the following categories:

>  Static analysis (e.g., COPS, tiger, tripwire)
>  Log monitoring (e.g., logsurf, swatch)
>  Network analysis (e.g., tcp_wrapper, SATAN, nfsbug)
>  Privilege (e.g., sudo, smrsh)
>  Authentication (e.g., npasswd, S/Key, SSH)

> I know there are plenty of papers, books, ReadMEs, etc. on security,
> and am certainly using those resources. Moreover, I realize that good
> security involves more than just running a bunch of tools and scripts.
> However, I was hoping to find a really good course that I could
> recommend my employer send other system administrators to.

> I work mainly with HP-UX 9000 and Sun Solaris Enterprise servers.

> Any information you can share would be appreciated. Please reply by
> email.
> Thanks in advance.
> --
>  Robert Dominis
>  Seattle, WA  USA


 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by Daniel McAlliste » Fri, 19 Feb 1999 04:00:00


In addition, you may wish to look at the Learning Tree course on Unix System
and Network Security (course # 433). To reach Learning Tree International,
simply go to http://www.learningtree.com or call 1-800-THE-TREE.

Dan McAllister
Software Innovations, Inc.

PS: In all fairness, I teach the above recommended course for Learning Tree


>I've been trying to find information about any good UNIX Security Tools
>courses that might be offered by any vendors, educational institutes or
>private training organizations (other than the upcoming SANS conference
>in May).

>Specifically, I'm looking for any courses that might cover how (and more

>importantly _when_) to use tools in some of the following categories:

> Static analysis (e.g., COPS, tiger, tripwire)
> Log monitoring (e.g., logsurf, swatch)
> Network analysis (e.g., tcp_wrapper, SATAN, nfsbug)
> Privilege (e.g., sudo, smrsh)
> Authentication (e.g., npasswd, S/Key, SSH)

>I know there are plenty of papers, books, ReadMEs, etc. on security,
>and am certainly using those resources. Moreover, I realize that good
>security involves more than just running a bunch of tools and scripts.
>However, I was hoping to find a really good course that I could
>recommend my employer send other system administrators to.

>I work mainly with HP-UX 9000 and Sun Solaris Enterprise servers.

>Any information you can share would be appreciated. Please reply by
>email.
>Thanks in advance.
>--
> Robert Dominis
> Seattle, WA  USA


 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by Erik Peter » Fri, 26 Feb 1999 04:00:00



> I've been trying to find information about any good UNIX Security Tools
> courses that might be offered by any vendors, educational institutes or
> private training organizations (other than the upcoming SANS conference
> in May).

> Specifically, I'm looking for any courses that might cover how (and more

> importantly _when_) to use tools in some of the following categories:

>  Static analysis (e.g., COPS, tiger, tripwire)
>  Log monitoring (e.g., logsurf, swatch)
>  Network analysis (e.g., tcp_wrapper, SATAN, nfsbug)
>  Privilege (e.g., sudo, smrsh)
>  Authentication (e.g., npasswd, S/Key, SSH)

maybe you want to try MRTG (a good tool for network analysis using snmp)
URL: http://www.mrtg.org

i tried an offspring of SATAN too.
its called SAINT and you can find it by a freshmeat search.
(i think you know http://www.freshmeat.net)

--
  ___________________________________________________________________

/  Faktum Softwareentwicklung                   http://www.faktum.de  \
\                                                                     /
 \_______Linux is like a wigwam, no windows, no gates, apache inside_/

 
 
 
Top

Any Good Courses on UNIX Security Tools?

Post by JWMeri » Wed, 03 Mar 1999 04:00:00


MIS has a good course.  Ken Cutler's list Introduction to TCP/IP Security and
Audit goes into a few fairly well (and Matt's, of course!)

Jim Meritt, CISSP
The Red Queen rules!

 
 
 
Top

1. searching for a good Unix course

http://www-wks.acs.ohio-state.edu/unix_course/intro-1.html

--
-----------------------------------------------------------------------
David Lawver - speaking for me, not UW-Madison, DoIT, or anyone else

"Those who would do away with essential liberties for the sake of a
little safety deserve neither liberty nor safety." - Benjamin Franklin

2. how to store * as argument and pass on?

3. Looking for -good- hands on course in SCO Unix \ Windows NT intergration.

4. Xlock

5. ANNOUNCE:UNIX Network Security Course

6. keymap error

7. UNIX Security Course

8. Mininum HD space

9. Unix Security Course

10. Good Sales/Marketing Tool for UNIX?

11. Really serious security hole in Microport Unix (Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386)

12. Unix security tools

13. Unix Security Audit Tools


All times are UTC
Board index