Applied Security Tools for Sysadmins

Constitution Ballroom B

Full Day
9:00 am–5:00 pm
LISA16: Engineering

This course is a direct response to the many requests I have gotten for “more tools”, and I have written it with an eye to meeting that goal. The class will be taught through a “secure and defend” plan: we will spend the majority of class learning offensive and defensive tools, then break into teams and work to secure and set up monitoring for provided on-site test environments. The second phase of our class will involve students coming to LISALabs to use the attack tools and defend their environments from their peers. There will be scheduled times for teams, either independently or in groups, to deal with created 'incidents'.

This will be a coordinated event that I will support both in my role as instructor and as a member of LISABuild and Labs, and the second phase will run throughout the conference. I will have some form of visual scorekeeping in Labs where people can walk in and see what's going on with the event. At the end, I will provide prizes and/or accolades for the best teams.

Who should attend: 

Participants should be beginning to advanced system administrators of any stripe with an interest in IT security and a desire to learn how to attack and defend against potential threats in their environments. Participants are required to have experience with the *nix command line and basic networking, and an understanding of virtual environments.

Take back to work: 

Knowledge of how to evaluate an environment, find vulnerabilities and mitigate them, improve security monitoring, and detect and defend against attacks. Students will learn how to use a working security toolkit that can be directly applied to their home environments.

Topics include: 
  • basic security concepts and architectural design
  • how to scope and scan an environment using readily available tools and general sysadmin knowledge
  • how to identify, understand, and remediate vulnerabilities, and verify the solution
  • how to monitor and react to incursions