Computer Society of India Mumbai Chapter
Two days hands-on workshop on:
Operating System Security
18th-19th Jan 2013, 9.30 am to 5.30 pm, Mumbai
Introduction:
Protecting the IT resources of a company against security threats is of vital importance. The Operating System
Security is an ideal course for anyone charged with securing Operating systems. From securing a desktop, to the
high availability options available on the platform, to directory services options, this course is going to be a swift
overview of Windows 2008, Linux and Sun Solaris.
Course Contents:
Windows 2008
Section One – General Windows 2008 Security
• Module 1: Object Oriented Design
• Module 2: Underlying Principles of Security Architecture
• Module 3: Security Terminology
Session Two – Attacking Windows System Information
• Module 4: Gathering system information
• Module 5: Interpreting important information
Session Three – Physical Security
• Module 6: BIOS Password
• Module 7: Password protected screen saver
• Module 8: Number of Windows platforms on a machine
Session Four – Security Policies
• Module 9: Basic Guidelines
• Module 10: Windows 2008 Security Policies
• Module 11: Local Security Policy
• Module 12: Global Policy
Session Five – User Rights Assignment
• Module 13: Security Options
• Module 14: Account Lockout Policy
• Module 15: Password Policy
Session Six – Operating System Security
• Module 16: Version of OS
• Module 17: Patches and Service Packs
• Module 18: Checking for hot fixes and service packs
• Module 19: Using hfnetchk
• Module 20: Software Inventory
• Module 21: Alternative OS Support
• Module 22: Drives and file systems
• Module 23: NTFS, FAT
• Module 24: Introduction to Access Control
• Module 25: Shares and Share Security
• Module 26: File/Folder permissions and Encryption
Session Seven – Network Security
• Module 27: Find Open Ports
• Module 28: Determine services keeping open ports
• Module 29: Unnecessary and necessary services
• Module 30: Dangerous network protocols
• Module 31: Network settings to avoid DoS attacks
Session Eight – IIS Security
• Module 32: ODBC connections security
• Module 33: IIS installation location
• Module 34: IIS components
• Module 35: Services required for IIS
• Module 36: FPSE (Front Page Server Extensions) Security
• Module 37: ACLs on virtual directories
• Module 38: Sample files and websites
• Module 39: Script mappings
Session Nine – Internet Explorer Security
Session Ten – Miscellaneous
• Module 40: Registry Security
• Module 41: Event Log configuration
• Module 42: Backup procedures
• Module 43: Virus Protection
Session Eleven – Active Directory
• Module 44: Integrated Zones
• Module 45: Sites, domains and organizational units
• Module 46: AD Groups
• Module 47: AD redundancy
• Module 48: Group Policy Objects
Linux
Session Twelve – User and Group Security
• Module 49: Check Local User Accounts and Group Accounts
• Module 50: Check password security
• Module 51: Startup files in /etc/rc.d
• Module 52: Network services
• Module 53: Critical network files
• Module 54: NFS Security
Session Thirteen – Users and Groups
• Module 55: Procedure of adding / removing users
• Module 56: User security policy
• Module 57: Securing root
• Module 58: List of users
• Module 59: Password and Account Policy
• Module 60: /etc/shadow and /etc/passwd files
• Module 61: Cracking user passwords
• Module 62: Group membership
• Module 63: The wheel group
• Module 64: User quotas
Session Fourteen – File System Security
• Module 65: List of File Systems
• Module 66: Using lsof
• Module 67: Determine disk usage
• Module 68: UNIX file permission
• Module 69: SUID and SGID files
• Module 70: Umask
• Module 71: Permissions on critical files and folders
• File integrity mechanisms – Tripwire, MD5
Sun Solaris
Session Fifteen – Physical Security
• Module 72: General Checks
• Module 73: The Server itself
• Module 74: EEPROM Security
• Module 75: GUI Security
Session Sixteen – Operating System
• Module 76: Identify Vendor and Version
• Module 77: Processes on Unix systems
• Module 78: Hardware and software inventory
• Module 79: Basic Security Module (BSM)
• Module 80: Security patches
• Module 81: Cron and At
• Module 82: Logging
Session Seventeen – Network Security
• Module 83: Determine Network Interfaces
• Module 84: Network connections
• Module 85: Unix Services /etc/inetd.conf
• Module 86: Startup files in /etc/rc.d
• Module 87: Critical network files
• Module 88: Network services
• Module 89: NFS Security
• Module 90: Banners
• Module 91: SMTP Security
• Module 92: FTP Security
• Module 93: Apache Security
Session Eighteen – Backup and Emergency Procedures
Session Nineteen – Automated Security Testing
• Module 94: NMAP
• Module 95: Nessus
• Module 96: GFI LANguard
• Module 97: BSM
• Module 98: Solaris Security Toolkit – JASS
Session Twenty – Linux Security
• Module 99: Linux Boot Loader Security
• Module 100: Linux kernel security
• Module 101: RPM Security
• Module 102: Xinetd features
• Module 103: SSH Security
Session Twenty One – Apache Security
• Module 104: Secure Apache Installation
• Module 105: OS Security
• Module 106: Directives
• Module 107: CGI Security
• Module 108: Chroot jail
• Module 109: Secure HTTP Server Tools
Nmap
Nessus
GFI LANguard
MBSA / Belarc
Who Should Attend:
If you're a newcomer to the field of information security but a long-time user of these Operating Systems, or a
newcomer to these Operating Systems but a long-time information security expert, this is the course for you. You
will develop skills that will help you to bridge the gap between the Operating Systems administrators and the
security administrators in most organizations; and you will learn the ins and outs of keeping your data private.
Facilitator / Faculty Profile:
Mr. Sanoop Thomas is a Trainer, Vulnerability Assessor, Penetration Tester, and Wireless Expert at NII. He has
delivered many information security trainings and has performed vulnerability assessments and penetration tests
for some of NII’s premier customers. He has consistently impressed clients with his ability to think out of the box
and creatively attack systems and applications. He is well-versed with the OWASP, OSSTMM and ISO 27001
Standards.
He currently serves as Information Security Analyst & Trainer at NII Consulting focusing on Application Security;
Java & ASP.NET secure coding practices.
His technical abilities span a very wide range of technologies across networks, operating systems, databases, web
servers, and applications; however, his specialization is web applications, VoIP and Wireless security. He possesses
strong analytical skills and is at the forefront of the research activities that NII undertakes.
Educational Qualification
• Master of Computer Application, Anna University, Tamil Nadu, India
• Bachelors of Computer Science, Calicut University, Kerala, India
Certifications:
• Certified Professional Hacker
• Sun Certified Java Programmer
• Offensive Security Wireless Professional
Detailed Experience & Expertise
• Application Security
    o Expertise in Threat Modeling, web application testing, and operational environment audit.
    o Well-versed with the Open Web Application Security Project Top Ten security vulnerabilities and Web
      Application Security Consortium Threat Classification.
• Network Security
    o In-depth knowledge of TCP/IP fundamentals
    o Expertise in Wireless Security
• Forensics
    o Malware Analysis
    o Disc Based and Network Based Forensics Analysis
• Compliance & Guidelines
    o Is well versed with ISO/IEC 27001 Standards
    o Good Knowledge in PCI DSS
Technical Skills
• Operating Systems: Windows 9x/NT/2000/XP/7/2003, Linux
• Databases: MS-SQL, Oracle, MySQL
• Network components: Firewalls, Routers, VPN, Switches
• Security tools: Nmap, Tenable Nessus, Metasploit, Aircrack-ng, BurpSuite, Wireshark, NetCat, Hydra,
  OphCrack, Nikto, Wikto, tnscmd, OSScanner, IkeScan, IkeProbe, Hping, tcpdump, Netcat, Superscan, firewalk,
  brutus, Sam Spade, Cain and Abel, forceSQL, SQLPing, John the Ripper, etc.
• Languages: C, C++, PHP, J2SE, J2EE, ASP.NET, HTML, XML, Scripting
Significant InfoSec projects
• Vulnerability Assessment Testing for:
    o One of India’s largest local search engines
    o One of the international web-based payment systems
    o Wireless Discovery for the top IT firms
• Forensics Investigation for:
    o Malware Analysis
    o Disc Based forensics with EnCase (imaging and analysis)
Achievements
• Speaker at:
    o Nullcon on “Wireless Penetration Testing”
    o Fraud Management Conference by Global Land Mark on Advanced Fraud Prevention & Forensic Investigation
    o eXodus 2012 on “Wireless attack on Open Authenticated Networks”
• Articles:
    o Step by Step wireless penetration in techtarget:
      http://searchsecurity.techtarget.in/tip/Step-by-step-aircrack-tutorial-for-Wi-Fi-penetration-testing
Registration Fees:
• CSI Members: Rs. 10,000/- Per Participant
• Non CSI Members: Rs. 12,000/- Per Participant
Venue & For Registration Contact:
Harshavardhan Mane
CSI Mumbai Chapter,
Unit no 3, 4th floor, Samruddhi Venture, MIDC, Andheri East, Mumbai - 400093.
Tel: 022 28235476 / 28235548, (Mobile) 9819089527, 9664926800, Fax: 022 28235546
Email: harsh@csimumbai.org / info@csimumbai.org / csimumbai@vsnl.com, http://www.csimumbai.org
Participation only through advance registration (Batch size: 20 participants only)
Note – Outstation participants need to confirm at least 2 days prior to the commencement of the training
Disclaimer:
This mail is not spam mail and is a genuine communication from Computer Society of India (CSI) Mumbai Chapter to
its members and other IT Professionals to inform them about the forthcoming event. If you feel that this mail
should not have been sent to you or you want similar communication to be sent to your different e-mail address,
please reply to this mail and specify it in the message.