Linux System Hardening Training 1

1
SECURIUM FOX offers cyber security consultancy
services with its expert and experienced team. We
are providing consulting services to prevent
cyber attacks, data leak and to ensure that our
customers are ready and safe against cyber
attacks, with more than 15 years of
experience.In addition to pentests and
consulting services, SECURIUM FOX prepares its
customers and field enthusiasts for real life
scenarios by providing trainings in the lab
environment which was prepared by themselves,
with its young, dynamic and constantly following
team.Everytime that hackers are in our lives,
there are always risks that we can face with a
cyber attack. Over the years cyber security has
become a critical precaution for all
organizations and companies after the effects and
number of attacks. SECURIUM FOX tests the weak
points of customers for possible attacks and
provides consulting services to eliminate these
weak points.SECURIUM FOX team also offers
support for the development of our country in
this field by supporting free events being
organized as a volunteer by the Octosec team.
ABOUT US
2

• LINUX SYSTEM HARDENING TRAINING

3

• Linux System Hardening Training is a training for
  system configuration and hardening in terms of
  services on linux distributions and security on
  the system. This training is mainly for system
  administrators and network security
  professionals, as well as anyone with an interest
  in cyber security can join.

4
Linux Server Hardening Checklist and Tips

• The following instructions assume that you are
  using CentOS/RHEL or Ubuntu/Debian based Linux
  distribution.

1 Encrypt Data Communication

• All data transmitted over a network is open to
  monitoring. Encrypt transmitted data whenever
  possible with password or using keys /
  certificates.

5

• Use scp, ssh, rsync, or sftp for file transfer.
  You can also mount remote server file system or
  your own home directory using special sshfs and
  fuse tools.
• GnuPG allows to encrypt and sign your data and
  communication, features a versatile key
  management system as well as access modules for
  all kind of public key directories.
• OpenVPN is a cost-effective, lightweight SSL VPN.
  Another option is to try out tinc that uses
  tunneling and encryption to create a secure
  private network between hosts on the Internet or
  private insecure LAN.
• Lighttpd SSL (Secure Server Layer) Https
  Configuration And Installation
• Apache SSL (Secure Server Layer) Https (mod_ssl)
  Configuration And Installation
• How to configure Nginx with free Lets Encrypt
  SSL certificate on Debian or Ubuntu Linux

6
2 Avoid Using FTP, Telnet, And Rlogin / Rsh
Services

• Under most network configurations, user names,
  passwords, FTP / telnet / rsh commands and
  transferred files can be captured by anyone on
  the same network using a packet sniffer. The
  common solution to this problem is to use either
  OpenSSH , SFTP, or FTPS (FTP over SSL), which
  adds SSL or TLS encryption to FTP. Type the
  following yum command to delete NIS, rsh and
  other outdated service
• yum erase xinetd ypserv tftp-server
  telnet-server rsh-server
• If you are using a Debian/Ubuntu Linux based
  server, try apt-get command/apt command to remove
  insecure services
• sudo apt-get --purge remove xinetd nis yp-tools
  tftpd atftpd tftpd-hpa telnetd rsh-server
  rsh-redone-server

7
3 Minimize Software to Minimize Vulnerability

• Do you really need all sort of web services
  installed? Avoid installing unnecessary software
  to avoid vulnerabilities in software. Use the RPM
  package manager such as yum or apt-get and/or
  dpkg to review all installed set of software
  packages on a system. Delete all unwanted
  packages.
• yum list installed
• yum list packageName
• yum remove packageName
• OR
• dpkg --list
• dpkg --info packageName
• apt-get remove packageName

8
The training term is 2 days.

• Participants in the trainings will be given a
  certificate of participation by SECURIUM FOX.

• Training Contents
• Cyber Security Fundamentals
• Physical Security
• Secure Setup
• User Management
• Password Security

9

• Basic Security Configurations
• Packet Management Hardening
• Service Hardening
• File System Security
• Firewall Using
• SE Linux Using
• Logging Infrastracture
• Vulnerability Discovery Practices
• Intrusion Detection Systems
• Backup Processes
• Applications

10
You can always contact with SECURIUM FOX. You can
contact us through our email addresses or by
using the contact form on the side.

• INFO
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,
• Gurunanak Nagar,Patamata,Vijyawada,
• Andhra Pradesh -520010
• 9652038194
• 08666678997
• info_at_securiumfoxtechnologies.com

11

• info_at_securiumfoxtechnologies.com
• Andhra Pradesh Office
• 91 8666678997,91 91652038194
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,Gurunanak Nagar,Patamata,Vijaya
  wada,
• info_at_securiumfoxtechnologies.com
• UK Office
• 44 2030263164
• Velevate, Kemp House, 152 - 160,City Road,EC1V
  2NX
• London
• info_at_securiumfoxtechnologies.com
• Tamil Nadu Office
• 91 9566884661
• Kailash Nagar, Nagar, Tiruchirappalli, Tamil Nadu
  620019
• info_at_securiumfoxtechnologies.com

• Noida Office
• 91 (120) 4291672, 91 9319918771
• A-25, Block A,
• Second Floor,Sector - 3,
• Noida, India
• info_at_securiumfoxtechnologies.com
• USA Office
• 1 (315)933-3016
• 33 West,17th Street,
• New York,
• NY-10011, USA
• info_at_securiumfoxtechnologies.com
• Dubai Office
• 971 545391952
• Al Ansari Exchange, Ansar Gallery - Karama
  Branch, Hamsah-A Building - 3 A St - Dubai -
  United Arab Emirates