IT security threats seem to be everywhere, but skilled IT security professionals do not seem to be nearly as pervasive. It's a conundrum that the Linux Foundation wants to help alleviate with the introduction of a new online Linux skills training program.
The online course, called Linux Security Fundamentals (LFS216), is an attempt to help individuals evaluate their own organizations' security readiness. The course is not intended as an introduction for those who are new to Linux, but rather is targeted at those already running Linux systems.
"Of course, security is not an entry-level topic; it's more important for folks who've already started their career," Clyde Seepersad, general manager, training and certification at the Linux Foundation, told eWEEK. "The prerequisite for this course really is that the person is actually in a job where this matters."
The LFS216 course covers threats and risk assessment, auditing and detection, application security, kernel vulnerabilities, local system security, network security, denial-of-service attacks as well as firewalling and packet filtering.
This is not the first time the Linux Foundation has offered security training. The Linux Foundation also has a course designated LFS416 that is about Linux security. Seepersad explained that the content is essentially the same with both LFS216 and LFS416, with the difference being the course format. LFS216 is a self-paced, online course that an individual can take in their own time from anywhere. In contrast, LFS416 is a four-day instructor-led course that an individual has to attend in person or watch via webcam at specific times.
"The logistical and personnel costs of the instructor-led course [$2,500] put it at a much higher price point," compared with $199 for the online class, Seepersad said. "We have heard anecdotally from many sysadmins that they don't want to point out to their employer that they need to learn more about security, so the lower price point makes this feasible [for them to pay the $199 out of pocket] without corporate training dollars."
On completion of LFS216, students receive verification that they finished the course and a certificate of completion. Seepersad noted that while the Linux Foundation does not offer a security-specific certification, this course can help with some questions on the Linux Foundation Certified Sysadmin and Engineer exams.
The Linux Foundation is using the 360Training platform to deliver the LFS216 course. The Linux Foundation also works with other online training platforms including edX, where it has a very popular Introduction to Linux Massive Open Online Course (MOOC) that was first offered in March 2014.
While understanding Linux operating system security is a broad topic, the application security piece is complex. "Application security is a huge landscape, and the applications themselves have intricate permission and user policies," Lee Elston, the course instructor for LFS216 told eWEEK. "It would be unjust to try and cover them in a single class."
The LFS216 does include application security as a topic in a way that can help students get a grasp of the key issues.
"In LFS216, we look at the systemic changes and vulnerabilities that can affect the security of the system and the applications," Elston said.
In the course, tools such as tcpdump and wireshark are used to see the packets (both clear and encrypted) coming and going to systems, he said. As for the status of the systems and applications, tools such as OSSEC are used to audit the environment for changes. Elston said that there is an opportunity for students to compile and test a kernel vulnerability (an old one) to see how kernel modules might be the source of an intrusion.
"We demonstrate many conditions the systems may face with a heavy emphasis on lab exercises for maximum exposure to the tools," Elston said. "The primary technique for this class is experience, getting your fingers into system and testing, seeing and fixing conditions that exist in the real world."
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.