Re: [tlug] System Administration exercises

[Tim Hurman <kano-tlug@example.com>]

On Fri, May 23, 2003 at 12:10:45PM +0200, Pietro Zuco wrote:
> Hi.
> 
> I was googling a lot (maybe it was not enough) to look for some exercises
> for the people that want to improve or learn system administration.
> In my job I have to administer a little network over Linux and as a second 
> job by telnet a remote system (in the same city I'm living now) with a 
> group of peacefull users so I can't really improve my knowledge in terms of 
> security and all the topics of system administration.
> I know there are plenty of manuals, books and texts about security and 
> system administration, but I didn't find exercises. I mean usefull 
> exercises, because everyone can playing with commands, but sometimes that 
> is not enough to learn and dominate some topics.
> 

Hi,

You may find that exmaples (step by step instructions) on sysadmin
security are quite thin, this is probably because everyone's security
requirements are different. You may have more luck in finding instructions
for securing particular items, E.G. securing Apache.

I have found that a large part of system security is reading and trying
things for yourself. Things that tought me quite a lot:

Roll your own Linux distribution. This will teach you pretty much how
distributions are put together, what to look for, what to disable and what
to remove. From here you can think up ideas on how to improve security
more (E.G. permissions, read only filesystems, ...).

See what processes are running on your system and then find out if it is
really needed. You may find all sorts of dependancies across your system.

Do an external port scan of the machine, this will tell you services the
box has. From that list you can go through and find out where each service
is started if you should be running it. This will also lead you to packet
filtering and other network security.

btw, this is a really short list, there are lots of things I have not even
touched on here. There is a lot of good documentation around though, here
is some:

http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/
http://www.insecure.org/reading.html
http://www.securityfocus.org/

If you have the time and patience you could also try the honeypot
challanges (forgotten the URL) which, iirc, are images of machines that
have been broken into. This is really a lesson in forensics but will teach
you a lot about system security.

Hope that helps,

Tim.

-- 
"ergo it is easier to drag sheep downhill" - Applied Ergonomics Magasine
Tim Hurman - Email: kano at kano.org.uk - Phone: Yeah right.

Attachment: pgp00080.pgp
Description: PGP signature