arrow Biztonsági hírek

Guru: English security news selection, with hungarian comments.

Ubuntu biztonsagi frissitesek
A tomcat6 nem megfelelően kezeli az érvénytelen Transfer-Encoding HTTP fejlécet, a szerver DoS-olható, vagy információ szivárgási hi... >> Continue
2010-08-31
Debian biztonsagi frissitesek
A zope-ldapuserfolder modul nem ellenőrzi a vészhelyzeti felhasználó jelszavát, így a támadó tetszőleges jelszót használva belé... >> Continue
2010-08-31
Microsoft Windows DLL betoltesi hiba
Amikor egy alkalmazás futás közben egy DLL-t kíván betölteni, úgy a rendszer az aktuális könyvtárban is keresi. Ez rendkívül sok pr... >> Continue
2010-08-31
More security news in the Guru.


arrow menu

Training activity

Our most important training areas are network- and programming security, development and system administration on Linux, *BSD and Solaris. If you are interested in any of our training areas, send your inquiry to the following e-mail address: info@andrews.hu

Our training areas

Programming specific courses

  • C
  • Perl
  • Shell
  • Linux/Unix developer courses:
    • Network management
    • Secure program development
    • Linux/Unix development
    • GNU developer tools (gcc, gmake, autotools etc.)

General computer security technology training:

The basics of computer security

Level of the course: beginner

Duration: 5 days

Completely distribution-independent course.

Aim of the course: The participants of the course get to know the vulnerabilities of the computer systems, the theoretical possibilities of exploiting them and the defense methods against these.

Draft syllabus:

  • Introduction, general basics
  • Typical programming mistakes and their exploits
  • Local security on Unix systems
  • Security questions of Linux systems
  • High security extensions to the Linux kernel
  • Installation of a secure Linux server
  • Security questions of computer networks (IP, TCP, UDP, ICMP)
  • Types of firewalls: packet filters, stateful packet filters, application layer filters
  • Protection plan, network flaw demonstration
  • The stateful packet filter of Linux
  • Cryptology
  • Secure development, audit - CC

Linux courses from beginner to expert levels:

Basic course for operators

Level of the course: beginner

Duration: 5 days

With optional distribution-specific parts. optional distributions:

  • Red Hat
  • Fedora
  • SuSe
  • Debian
  • Ubuntu

Aim of the course: After completing the course, the participants will be capable to install a Linux workstation, managing an installed server through it, starting and stopping the server, checking its services and solving easier problems that occur. This basic training assists later self-learning of related material.

Draft syllabus:

  • Installation and basic settings of Linux workstations
  • Options for managing Linux servers
  • Starting and stopping servers, run levels
  • Starting and stopping services, general configuration methods
  • Troubleshooting basics (return value, STDERR, log analysis)
  • Monitoring the running system (processes, daemons, network servers)
  • Timed command execution, running commands in the background
  • Basics of user management, groups
  • Access control, file systems
  • Installing new devices into the system (disks, network devices)
  • Package management system and its usage
  • Implementing a simple backup system

General administrator skills

Level of the course: beginner

Duration: 5 days

Completely distribution-independent course.

The aim of the course: After completing the course, the participants will be capable of efficient work using the command line on a Linux system. They will be prepared to write shell scripts that even solve more complex tasks through which the maintenance of the system and the efficiency of the management functions can be dramatically improved. They get to know the query and configuration tools that can be used on Linux systems, which assist to using functions far beyond capable than graphical configuration tools.

Draft syllabus:

  • The parts of the Linux file system
  • Commands related to file management
  • Pipes and their usage, the most important basic commands
  • Management of disks and file systems at high level
  • The options of the Bourne shell family, globs, complex shell commands
  • Process management on Unix systems
  • Simple shell programming
  • Basics of querying and configuring network settings
  • Details about the system initialization
  • Interpretation of a chosen init script
  • Developing complex shell scripts on Linux
  • Characteristics of cron scripts
  • Developing a simple automatic log analyzer

Troubleshooting on Linux

Level of the course: beginner +++

Duration: 2 days

Completely distribution-independent course.

Aim of the course: During the course the participants get to know those tools which can assist in the prediction, detection and prevention of errors of the computer, the programs running on it and the network.

Draft syllabus:

  • The nature of errors
  • Detecting and preventing program errors
  • Detecting and predicting hardware errors
  • Detecting and preventing network errors

Server installation on Linux

Level of the course: beginner

Duration: introductory course: 2 days, then per module: 3 days

With optional distribution-specific parts. Optional distributions:

  • Red Hat
  • Fedora
  • SuSe
  • Debian
  • Ubuntu

Aim of the course: During the introductory course the participants get to know the basics of the installation of a general server. Reliability of operation and security aspects are mentioned in connection with the installation, and such general knowledge that prepares the participants for the installation of almost any server program with the appropriate documentation.

Draft syllabus:

Basic knowledge:

  • The requirements for choosing a server program
  • Co-existing services and their risks
  • Acquiring the basic skills necessary for installation
  • Installation and configuration of the server
  • Functional tests and creating installation documentation
  • Basics of troubleshooting and problem solving
  • Log analysis and reaction
  • Necessity of updates and their installation
  • Importance of backup methods and their planning
  • Making a disaster recovery plan, restoration test

Optional modules:

  • Apache webserver
  • Bind name server and DHCP server
  • Squid webcache
  • Mailing (basics of SMTP, POP3 and IMAP)
  • Samba file and printer server
  • Virus and spam filtering of mail
  • LDAP server

Advanced network administrator on Linux

Level of the course: Advanced

Duration: 5 days

Completely distribution-independent course.

Aim of the course: After completing the course, the participants are capable of operating network subsystems of Linux based systems, developing secure network topologies and analysing, preventing network problems occurring in connection with the managed systems. The course contains a review of the TCP/IP protocol at the administrator level.

Further purpose of the course is to review a Linux based implementation of the following topics:

  • Encrypted Private networks (Virtual Private Network -- VPN)
  • Basics of network bandwidth management
  • Linux kernel network routing system -- Advanced Routing

Draft syllabus:

  • Basics of network communication, TCP/IP networks
  • The networking subsystem in Linux
  • Network segmentation and topology design
  • Packet filtering firewall subsystem of the Linux kernel
  • Basics of encrypted Private networks, Linux based implementation in practice
  • Basics of network bandwidth management
  • Advanced routing capabilities and their utilization techniques in practice

Central user management with the help of Kerberos and LDAP

Level of the course: Advanced

Duration: 5 days

Completely distribution-independent course. On demand, we can deliver this course for other Unix (Solaris, HP-UX or FreeBSD) systems too.

Aim of the course: After completing the course the participants will be capable of installing and using LDAP and Kerberos clients and servers. They get to know a central authentication method that can be used on Linux (and other Unix) systems, its conditions, installation and usage (both on the client and the server side).

Draft syllabus:

  • The tasks and possibilities of the LDAP system
  • The structure of the LDAP database
  • OpenLDAP server management basics
  • Access control in LDAP
  • LDAP schemes, their set-up and usage
  • Efficient search in LDAP databases
  • LDAP data backup and restoration
  • LDAP replication
  • What support does libc offer to the central user management?
  • Usage and configuration of the LDAP NSS module
  • What is Kerberos and what is it for?
  • User level review of Kerberos
  • Installation of a Kerberos master and slave server, client configuration
  • Kerberos administration tasks
  • Kerberisation of some servers (OpenSSH, OpenLDAP)
  • The basics of PAM (Pluggable Authentication Modules)

Linux in an enterprise environment

Level of the course: advanced

Duration: 5 days

Completely distribution-independent course.

Aim of the course is to review the capabilities necessary for company level usage of the Linux operating system. The complexity of the subjects presented in the frame of the course doesn't allow the detailed review of certain features, because of this we confine ourselves to present only the operator level functionalities. In case of demand, we can organise expert courses and consultations in the given topic.

Draft syllabus:

  • Performance tuning of Linux based systems
  • Memory management of the Linux kernel
  • Performance tuning of network subsystem in the Linux kernel
  • Performance tuning of the disk subsystem and the filesystems
  • Tuning of multi-processor systems
  • High availability, fault-tolerant systems
  • Journaling filesystems
  • Developing fault-tolerant disk subsystems (RAID)
  • Implementation of logical partitions (LVM)
  • Monitoring systems
  • Introduction to the Nagios network monitoring system and its possibilities
  • Load balancing and shared resources
  • Load balancing of network resources (LVS)
  • High availability network services (HA)
  • Virtualisation technologies
  • The theory of virtualisation and its practical advantages
  • Prevalent virtualisation techniques on Linux
  • XEN
  • UML
  • VMware ESX server

General network training

TCP/IP expert course

Level of the course: advanced +++

Duration: 5 days

Completely distribution-independent course.

Aim of the course: The participants of the course get to know the TCP/IP protocol family in complete details (under which we mean bit level review in most cases). We deal with the TCP protocol in particular detail, the participant will learn the processes in the background which aren't visible to the simple users and administrators. After completing the course, the participant will be capable of identifying the most complex TCP/IP communication problems, understanding the operation of the TCP/IP stacks, and in the possession of programming knowledge, maybe implementation as well. We recommend this course only to participants with strong TCP/IP basic knowledge.

Draft syllabus:

  • TCP/IP in general
  • Data connection level
  • Structure of the IP packet
  • Basics of routing, the connection of data connection and network layer, the ARP protocol
  • The ICMP protocol
  • IP routing and the ICMP protocol
  • The UDP protocol
  • Broadcast and multicast communication, multicast routing, IGMP
  • Basics of the TCP protocol
  • Establishing and closing the TCP connection
  • TCP interactive data transfer
  • TCP mass data transfer
  • TCP timeout and retransmission
  • TCP protocol performance tuning
  • The weaknesses of the TCP/IP protocol family, network attacks

Teaching on self-developed products

  • ALF courses from beginner to expert level
  • TCB course
  • DHCPman course