Slide 1
Most trusted JOB oriented professional program
DevOps Certified Professional (DCP)

Take your first step into the world of DevOps with this course, which will help you to learn about the methodologies and tools used to develop, deploy, and operate high-quality software.

Slide 2
DevOps to DevSecOps – Learn the evolution
DevSecOps Certified Professional (DSOCP)

Learn to automate security into a fast-paced DevOps environment using various open-source tools and scripts.

Slide 2
Get certified in the new tech skill to rule the industry
Site Reliability Engineering (SRE) Certified Professional

A method of measuring and achieving reliability through engineering and operations work – developed by Google to manage services.

Slide 2
Master the art of DevOps
Master in DevOps Engineering (MDE)

Get enrolled for the most advanced and only course in the WORLD which can make you an expert and proficient Architect in DevOps, DevSecOps and Site Reliability Engineering (SRE) principles together.

Slide 2
Gain expertise and certified yourself
Azure DevOps Solutions Expert

Learn about the DevOps services available on Azure and how you can use them to make your workflow more efficient.

Slide 3
Learn and get certified
AWS Certified DevOps Professional

Learn about the DevOps services offered by AWS and how you can use them to make your workflow more efficient.

previous arrow
next arrow

Linux Security Tools

Spread the Knowledge
  • Vulnerability Assessment with Nessus
  • Traffic Security with Ethereal
  • Web Proxying with Squid

Vulnerability Assessment with Nessus

  • Nessus is a vulnerability assessment tool
  • Comes built-in with most distros
  • More than just a port scanner
  • Ability to scan a sytem for open ports and services, applications, and vulnerabilities associated with system
  • Useful to help find your systems’s
  • Can be run against local host or networked systems
  • Requires root privileges to be effective
  • Two major pieces:
  • Server(nessusd)
  • Client(nessus)
  • Server is run on host to be canned, client is for viewing scan results
  • Requires a username and password or certificate to be setup
  • Use ‘nessus’ command with options to configure program
  • Nessus uses port 1241 by default to listen, but can be changed
  • GUI can be used to configure scans and view them
  • Many scan options can cause DOS attack against target – use with caution!
  • Scan results can tell you about vulnerabilities, possible effetcs, and how to correct them
  • Nessus uses updateable database of Vulnerabilities
  • Usually kept very current
  • Ensure you check website for latst database updates
  • Nessus Demonstration

Traffic Security with Ethereal

  • Ethereal (now Wireshark) most popular network sniffer
  • Open source and commercial versions
  • De facto sniffer used with Linux
  • Uses libcap library
  • Enables “promiscuous mode” NIC opeartion
  • Can intercept any raw traffic NIC receives
  • Use to ensure communications security of your network:
  • Determine if integrity of packets are assured
  • Determine if/when encryption in needed
  • Determine if paswords are secured
  • Can capture real-time traffic or saved traffic for later analysis
  • Saves to a file that is readable by different programs
  • Breaks out capture by time, protocol, source, and destination IP addresses/MAC addresses
  • Ethereal Demonstration

Web Proxying with Squid

  • A proxy runs on a server beween two networks
  • Client establishes connection through proxy to destination server/network
  • Client negotiates with proxy server establish connection on behalf of client between proxy server and destination
  • Proxy then receives and forwards traffic to and from the client and destination on behalf of client
  • Effectively masquuerades client for security purposes
  • Squid is the most popular open-source Web proxy for Linux
  • Uses rules to determin if requests are valid or allowed
  • Checks web responses for validity
  • Can cache web pages to enhance performance
  • Can use plug-ins to perform additional rule checking and validate content
  • Configured using command line or Webmin grapical interface
  • Denies outgoing requests by default – must be configured to allow requests
  • Squid Configuration Demostration
Rajesh Kumar
Latest posts by Rajesh Kumar (see all)