I am to go for an interview for a unix/NT network security job. My background is in networking and cisco technologies with good understanding of unix systems and network security. I have brushed up on unix security topics, but want to get a feedback from folks on this forum. What are the the topcis/tools I should focus on the most? What are the things I MUST know to manage unix security.

You defentely need to be familiar with the IPTABLES system and you have to know some basic *nix network tools like iptraf, netstat, nmap, nessus, snort and so on..

But most of all and for sure IPTABLES, you can get a whole bunch of documetnation from www.netfilter.org.


Good Luck!!!

unix/linux security is a board topic even alone Internet security is very big topic.
well for sack of your interview do read about firewalling (iptables) and also ipfw freebsd why they are necessary for orgnaizations etc, Introsion Detection System (IDS), and Introsion preventation system, etc
also im kinda n00b to internet security world but you could google for similar keywords

regards

mago, are you aware that netfilter/iptables is Linux-specific? BSD OSs use IPF, IPFW, and PF. Solaris uses proprietary firewalls, or IPF, other UNIX-like OSs uses various other native or third-party packet filters, but I'm not aware of any non-Linux OSs that use netfilter/iptables.

Any way, the most important areas to know for UNIX security are:
Patch management for each OS in question
OS hardening (i.e. what services to disable, what permissions to alter, what daemons to chroot)
Account management (provisioning, authentication, directory integration, etc)
Log analysis (well, intrusion forensics in general)
Security architectures (network design considerations, application deployment, etc)

Well, that's a good start any way.