Thursday, April 22, 2010

LinuxCBT PAM Edition

LinuxCBT PAM Edition
English
.BIN
305MB





LinuxCBT PAM Edition encompasses: 1. Pluggable Authentication Modules (PAM) Security.

LinuxCBT PAM Edition entails 8-hours, or ~1-day of classroom training. LinuxCBT PAM Edition prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions.

Let LinuxCBT PAM Edition cost-effectively sharpen your PAM Security skills!



Course Objectives

PAM Security - Module VII

* Introduction - Topology - Features

o Discuss course outline

o Explore system configuration

o Explore network topology

o Identify primary PAM systems

o Enumerate and discuss key PAM features

*

* PAM Rules Files & Syntax

o Identify key PAM configuration files

o Explain the purpose of the /etc/pam.d/other PAM rules file

o Discuss PAM's 4 management tasks

o Identify the 4 tokens supported within PAM rules files

o Explain possible values for the 4 supported rules file tokens

o Discuss PAM's stacking of rules for the 4 management tasks

o Examine the /etc/pam.d/sshd PAM rules file for the SSHD service/daemon

o Explore the contents of included PAM rules files

*

* Common PAMs - Identify & Discuss Commonly Implemented PAMs

o Explain the purpose and implementation of pam_echo

o Test pam_echo using SSH

o Explain the purpose and implementation of pam_warn

o Explain the purpose and implementation of pam_deny

o Identify instances of pam_warn and pam_deny modules

o Explain the purpose and implementation of pam_unix2

o Identify instances of pam_unix2 module

o Explain the purpose and implementation of pam_env

o Explain the purpose and implementation of pam_ftp

o Peruse /etc/pam.d/vsftpd and discuss the implemenation of pam_ftp

o Explain the purpose and implementation of pam_lastlog

o Explain the purpose and implementation of pam_limits

o Explain the purpose and implementation of pam_listfile

o Explain the purpose and implementation of pam_nologin

*

* Account Policies with PAM

o Explain authentication flow when using PAM

o Discuss account policies features

o Identify and peruse the default account policies file: /etc/login.defs

o Discus PAM's usage of /etc/login.defs as it pertains to system security

o Discuss pam_pwcheck is maintaining system policy

o Configure pam_pwcheck to support minimum password length

o Correlate pam_pwcheck system policy to user accounts database

o Configure pam_pwcheck to support password history

o Use chage to enumerate and change user accounts' attributes associated with system policy

*

* PAM Tally

o Explain applications of pam_tally

o Identify failed logins log file: /var/log/faillog

o Identify PAM authentication messages in /var/log/messages

o Compare and contrast pam_tally with faillog

o Use pam_tally to display user's tally

o Enable pam_tally system-wide with desired policy

o Fail to login multiple times, exceeding the system policy and evaluate results

o Reset user's login count using pam_tally and faillog

o Redirect PAM log messages using Syslog-NG

*

* PAM Password Quality Check (pam_passwdqc)

o Identify pam_passwdqc using RPM

o Discuss features

o Enumerate the supported password character classes - Complex passwords

o Replace pam_pwcheck with pam_passwdqc using at least 2 character classes

o Test password policy in non-enforcing mode

o Evaluate the effects

o Enable password policy in enforcing mode and evaluate

o Alter character class and length (complexity) requirements and evaluate

*

* PAM Time - Time-based Access Control

o Discuss features

o Explain configuration file syntax

o Impose restrictions on common services

o Evaluate results

*

* PAM Nologin

o Discuss features

o Explain configuration file syntax

o Implement nologin module via /etc/nologin

o Evaluate results

*

* PAM Limits - System Resource Limits Controlled by PAM

o Discuss features

o Explain configuration file syntax

o Impose restrictions on system resources

o Evaluate results

*

* PAM Authentication with Apache

o Discuss features and desired result

o Install Apache and development modules providing apxs support

o Download PAM Apache module

o Compile and install PAM Apache module

o Configure Apache web site to support PAM

o Evaluate results

*

* PAM Make $HOME Dir

o Explore features

o Implement pam_mkhomedir

o Create new accounts without $HOME

o Evaluate module results

*

* PAM Execute Processes

o Discuss applicability

o Implement pam_exec with various types

o Evaluate module results

*

* PAM Password History
Policy Enforcement

o Discuss benefits

o Implement pam_pwhistory

o Tweak defaults

o Evaluate module results

o Implement pam_pwcheck

o Contrast with pam_pwhistory

o Apply policy to all users

o Evaluate resuls



Info:

_http://www.linuxcbt.com/products_linuxcbt_pam_edition.php



Download HotFile:



 



Download Uploading:







Download SHR:





No comments :

absende