Harness Security Enhanced Linux for a Truly Hardened Server
Submitted by REJY M CYRIAC (@rejy) on Friday, 31 October 2014
Learn, explore and experience the security provided by Security Enhanced Linux (SELinux), to get set on the path of SELinux Enlightenment, and improve server security.
Security Enhanced Linux (SELinux) provides tremendous power to tighten process security on Linux systems. By not optimising, or worse, by not enabling SELinux, Linux server hardening would remain incomplete, and the Linux servers may be vulnerable to process hijacks/exploits.
The first step to set this right is to understand the fundamentals of SELinux, and to have a hands-on learning experience in fine tuning the available rules and parameters. This would remove the barriers of fear in using SELinux, and provide the confidence to proceed to making use of SELinux, on development to production Linux servers, for widely used services. And then progressively, with the enhanced knowledge of experience, it would be easier to further progress to the advanced usage of SELinux, for securing customised services as well.
This workshop on SELinux is targeted to help System Administrators and DevOps Engineers to get started on the path, and provide hands-on experience in the initial steps along the path. The workshop will utilise interactive lecture, live demonstration, and direct participant hands-on models of learning.
Fedora20/RHEL6/CentOS6 System/VirtualMachine with the following packages installed
Live DVD images of the Fedora20 will be made available, which may be used to boot up a Virtual Machine on the system.
If a Virtual Machine is intended to be used, please make sure that the virtualization environment on the system is prepared beforehand.
A few Live DVDs and Live USBs of Fedora20 will also be available, to be used to boot the laptop into Fedora20, if desired.
A repository of the required packages and their dependencies will also be available.
Working in Engineering at Red Hat, Bangalore
User and Evangelist of SELinux for over 8 years
Have trained and assisted SysAdmins/DevOps to use SELinux on servers
Passionate about Open Source
Red Hat Certified Architect
Red Hat Certified Data Center Specialist
Red Hat Certified Security Specialist