I Teach PHP.com

Apache Configuration Basics
Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
SSH Clients
Virtual Hosting
links
syllabus

Bash Bash Shell Tips And Tricks

CSS links
syllabus

DHTML syllabus

HTML Basic HTML Tags
Creating Images
links
syllabus

Linux Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
Linux Basics
SSH Clients
links
mailme

Linux Clusters Cluster Books
Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
SSH Clients
syllabus

Linux Security Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
PHP Security
SSH Clients
syllabus

Linux SysAdmin Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
PHP Security
SSH Clients
syllabus
show book

Linux for Business Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
syllabus
show book

PHP 4 page DB system
Install Fedora C1
Install Red Hat 7.2
Install Red Hat 7.3
Linux Basics
PHP Security
Password Protect
Perl CGI Problems
Perl vs. PHP
Yahoo Stocks
links
syllabus

PHP for Flash 1-Flash Intro
2-Flash-PHP Form
Flash-PHP FAQ
Linux Basics
SSH Clients
syllabus

Perl Perl CGI Problems
SSH Clients
syllabus

TCP-IP links

WML Yahoo Stocks
links
syllabus


E-MAIL
Linux Web Server Security

Linux Web Server Security

James D. Keeline <James@Keeline.com>
http://ITeachPHP.com/

Security has always been a concern for System Administrators. As the numbers and sources of threats have increased, greater emphasis is being placed on security issues. This class will focus on security issues which affect the server, specifically a server running the Red Hat Linux Operating System and Apache web server software. We will also discuss several of the recent attacks on Microsoft servers (CodeRed, Nimda, SQL Server Worm) and note how they affect a Linux server.

Since Linux is essentially self-documenting and there are many good tutorials resources on the Internet, no specific textbook will be used in this class.  However, if you would like to purchase a reference, some good ones are:

Some of the web resources we will use are:

Red Hat Linux: http://www.redhat.com/
http://fedora.redhat.com/
Apache Web Server: http://en.tldp.org/HOWTO/Apache-Overview-HOWTO.html
Vi Editor: http://www.unb.ca/documentation/UNIX/tips/vim/
Virtual Hosting: http://httpd.apache.org/docs/vhosts/
Bash Programming: http://en.tldp.org/LDP/abs/html/
Linux Tutorials: http://en.tldp.org/
http://www.yolinux.com/
Certification: http://www.brainbench.com/
http://www.lpi.org/
http://www.redhat.com/training/rhce/courses/
Security Sites: http://www.LinuxSecurity.com/
http://www.sans.org/top20/top20.pdf
http://www.cert.org/
http://www.securityfocus.com/
http://trinux.sourceforge.net/
http://www.grc.com/
http://www.chkrootkit.org/
http://www.nsa.gov/selinux/








Planned Topics (subject to change depending on pace of class):

Day 1
  1. Why would anyone want to hack my computer?
  2. Basic Security Philosophy
    • Install and run only the server programs you absolutely need
    • Keep all software up to date with regard to security and bug fixes
    • Configure server programs with security in mind
    • Limit and monitor root access whenever possible
    • Close all ports except those which are absolutely necessary
    • Understand and monitor logfiles
    • Monitor filesystem for evidence of intrusion
    • Monitor network traffic for evidence of hacking attempts
  3. Security Considerations for Installation
  4. Red Hat Network (up2date)
  5. Manual installation of software from source code and RPM

Day 2
  1. Configuration of required server software (sshd)
  2. Limit root access (su, sudo, suexec)
  3. Use a firewall to close all but essential ports (ipchains, iptables, lokkit, shorewall)

Day 3
  1. Monitor filesystem (tripwire)
  2. Intrusion Detection Systems (snort)
  3. Security audit software and websites


This site contains files and links to support the free courses taught by James D. Keeline at the New Media Center / North City Center through the San Diego Community College District's Centers For Education and Technology.   A list of courses available at the center may be consulted.

The site will be updated throughout the semester both with new content and as a way to try out technologies used in several of the classes. This file modified 13-Jan-2007.