With the LPIC-3 certification, you are able to demonstrate that you are at the pinnacle of your career in Linux Administration. Having already gained your LPIC-2 Certification you can now choose from your expertise level certification. The LPIC-3 exam 303 allows you to show your skill in Linux Security by passing the exam 303-200. For detailed objectives, you may visit the LPI Website.
LPIC-3 Exam 303 : Security Topics
- Cryptography
- Access Control
- Application Security
- Operations Security
- Network Security
325.1 X509 Certificates and PKI
The first video in this topic look at setting up the 389-DS LDAP directory Service. We need that later in LPIC-3 303 to look at Authenticating with SSSD and PAM. The install will give you both LDAP and LDAPS access, however, with a self-signed certificate the security is not great and commands will fail if we don’t ignore invalid certificates. We can fix this by creating our own CA, certificate authority, and issuing certificates from certificate signing request form the LDAP server. This is a clean and simple CA that we can start with before moving into a more complex setup.
326.1 Host Hardening
We begin this course by looking at topic the LPI objective 326.1 and how we can harden, or secure, our Linux hosts. The LPI publish the objectives online and weight each topic. Host hardening shows with a weight of 3 indicating that you should expect 3 questions on this topic in the exam, from a total of 60. By the end of this topic you will be able to secure your Linux system against common threats. Methods that you will be able to use will include the correct configuration of the Kernel and software. You will find that there is much we can do here to extend the security delivered by and out-of-the box install
Each objective is available to view online. However if you prefer to have all the content in one place and study from an eBook then this objective is now available to download for just £0.99.
- Mastering sysctl and sysctl.conf
- Understanding ASLR – Address Space Layout Randomization
- Understanding Exec-Shield and NX Protection against Overflow Attacks
- Stop your Linux Server from Responding to Network Pings
- Managing Broadcast ICMP
- Limit Server Capabilities – Disabling IPv6
- IP Address Spoofing, Denial of Service Attacks, Reverse Path Filtering and Logging Martians
- Managing Chroot Jails
- Managing Unused Services
- Grub Passwords
- Protecting Server Resources with Ulimit
326.2 Intrusion Detection
Linux Security is not all about prevention. Being able to detect malicious or incorrect use of the server is a major part of a Linux Administrators role and in this objective we take a look at how we can detect such invasions and intruder detection.
- An Introduction to the Linux Audit System
- Configuring the Linux Audit System and the auditd.conf File
- Creating Custom Audit Rules in CentOS 7
- Installing the Linux Audit System on Ubuntu 18.04
- Auditing User Keystrokes with PAM
- Simple rootkit detection in CentOS using rpm
- Monitoring Ubuntu Filesystems with AIDE
- Detecting Rootkits in Ubuntu 18.04 with rkhunter
- Using rkhunter in CentOS 7
- Using chkrootkit in Ubuntu 18.04
- Using chkrootkit with CentOS 7 and scheduling with cron
- Linux Malware Detection, (LMD)