LinuxCBT Enterprise Linux 5 Edition focuses on the RedHat® Enterprise 5 GNU/Linux operating system. It is the successor to LinuxCBT EL-4 Edition.
LinuxCBT EL-5 Edition, is unparalleled in content, depth and expertise. LinuxCBT EL-5 Edition prepares you or your organization for successfully deploying and managing business-critical RedHat® Enterprise 5-based solutions. Let LinuxCBT EL-5 Edition teach you applicable GNU/Linux skills.
Recommended Prerequisites for:
- LinuxCBT EL-5 Edition
- Open mind & determination to master Linux and related open-source applications
- Basic MS Windows skills
- Basic understanding of networking concepts
- Access to a PC to perform all of the installations and exercises
Installations - Shell Basics - Permissions - File Systems - Package Management
- Installations - Local Media - Network - LVM- RAID5 - VMWare - Kickstart
- Explore network layout
- Discuss features of RedHat® Enterprise Linux 5
- Install RedHat Enterprise 5 on Dell Power Edge Server
using local media
- VMWare - Virtual Machine Installation
- VMWare Network Installation
- Installation with RAID5
- Installation with Logical Volume Management (LVM) volumes
- Kickstart, automated installation
- Kickstart installation with RAID5
- FTP installation
- Explore - BIOS - GRUB - INIT environments
- Explain GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
- Enter the Rescue environment
- Debug failed INITRD environments
- Common BASH Shell commands - Command Line Interface (CLI)
- pwd, touch, stat, ls - explore useful Linux system commands
- echo, cat - expose ASCII text and integrate with files
- cp - copy files
- mv - move files throughout the file system
- tar - explore features and advantages of tarballs
- gzip, bzip2, zip- intetgrate with tar and examine Internet archive
- diff - compare and contrast between 2 or 3 files - diff3
- file - discuss logic used to ascertain file type
- find - single and multiple expressions and criteria
- slocate - Compare and contrast with find and create system-wide DB
- w, wall, watch, whereis, which, who - Important w commands
- ps - explore process lists
- free & top - explore process management with top
- seq, top, jobs, fg, kill, killall, bg - Manage processes using standard tools
- Use grep to process lines
- Use awk to process fields
- Use sed to process text streams
- Explore Perl basics
- User and group creation & management concepts - passwd, shadow, group, gshadow files
- Use system-config-users to create and manage users and groups
- Permissions - Symlinks - Quotas - File System
Management
- Discuss & Identify file system permissions
- Create Symbolic links (hard & soft)
- Implement file system quotas
- Use FDISK
- Create Standard Linux Partition
- Make EXT2 File System & mount for general usage
- Remove EXT2 partition and create EXT3-based parition
- FSTAB - explore File System Table
- Use FDISK to create a swap partition
- Create Swap partition using MKSWAP & SWAPON
- Provision additional swap space using swapon & swapoff
- Create Swap space using files in conjunction with partitions
- Logical Volume Management (LVM) - Discuss concepts and applications
- Allocate partitions for usage with LVM
- Create Physical Volumes
- Create Volume Groups based on Physical Volumes
- Create Logical Volumes based on Volume Groups
- Mount and use LVM Volumes
- Resize LVM Volumes
- Create run-time RAID volumes
- Evaluate results
- Kickstart-based RAID Installation
- Use Kickstart tool to configure automated kickstart process
- Installation via HTTP using Kickstart
- Discuss RAID concepts and configuration
- Configure RAID disk partitions
- RPM | YUM Package Management Tools - Concepts & Usage
- Query existing packages & file-based packages
- Identify offline and online package repositories
- Install packages
- Upgrade packages
- Freshen packages
- Remove packages
- Create YUM repository
- Install packages using YUM
- CRON - System Scheduler
- Explore Cron Implementation
- Explain scheduling options
- Global and scope-based Cron options
- Schedules jobs to run & examine the output
- Configure individual Crontab entries
- Explore System Logging via SYSLOG and Logrotate
- Explore Boot log & System Log
- Explore dmesg
- Explanation of syslog facilities & levels
- Demonstrate syslog administration
- Enable SYSLOG network listener
- Demonstrate Cisco PIX Firewall to Linux SYSLOG functionality
- Explore automatic log rotation and customization via Logrotate
- Configure Logrotate to rotate & compress sample log files
- Common Network Utilities
- Explore PING
- Use Telnet to test TCP ports
- Explore Netstat socket listings
- Use arp to reveal layer-2 information
- LFTP - basic usage, job control
- LFTP - mirror and reverse mirror content - resume transmission
- LFTP - batch, non-interactive, scripted mode
- Introduction to SSH concepts, implementation, etc.
- Use SSH Client to connect to remote Linux Systems using password authentication
- Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
- Authenticate to remote Linux systems using alternate credentials
- Use Secure Copy Protocol (SCP) to move data between systems non-interactively
- Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
- Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
- Demonstrate using SSH to authenticate to remote Linux hosts without passwords
- Install RedHat Enterprise Workstation on Dell Laptop using HTTP
- Generate Public Key/Private Key pairs for use with file and E-mail encryption
- Network Interface Configuration
- Discuss concepts
- Identify key files
- Configure aliased interfaces
- Evaluate results
- Kernel Concepts and Management
- NTSYSV & Chkconfig
- Identify and discuss kernel implementation
- Use kernel utils to identify modules and supported hardware
- Discuss proper kernel update procedures
- Download and Install the latest SMP-based kernel
- Confirm results
- Remove outdated kernel and confirm results
- Download and Install the latest Uniprocessor-based kernel
- Examine changes to GRUB and other key directory trees
- Explore ntsysv
- Explore chkconfig
- Implement Network Time Protocol (NTP) Client/Server
- Configure Network Time Protocol (NTP) to perform client/server time synchronization
- Synchronize SUSE Enterprise Linux NTP with additional Linux Stratum 2 NTP server
- Synchronize against Stratum 1 NTP servers
- Trivial File Transfer Protocol Daemon (TFTPD)
- Explain TFTPD Concepts & Applications
- Explore TFTPD configuration file
- Configure TFTPD with applicable options
- Backup Cisco configuration using TFTPD
- Very Secure File Transfer Protocol Daemon (VSFTPD)
- Explain VSFTPD Concepts & Applications
- Explore VSFTPD configuration file
- Configure VSFTPD with applicable options
- Connect to VSFTPD server
- TelnetD
- Explain Telnet Concepts & Applications
- Explore Telnet configuration files
- Evaluate Telnet connectivity
- Dynamic Host Configuration Protocol (DHCP)
- Explain DHCP Concepts & Applications
- Explore DHCP configuration files
- Configure DHCP subnet with applicable options
- Configure DHCP Reservation based on layer-2 address
- Domain Name System (DNS)
- Configure BIND as a caching-only DNS server
- Implement Master DNS Zone
- Configure Reverse Zone for local subnet
- Configure Master/Slave Zones with Linux Server
- Evaluate results of BIND configuration using DIG, nslookup & host
- Configure BIND
with reverse DNS support
- Configure BIND
with IPv6 support
- Network File System (NFS) Implementation
- Implement NFS Server
- Export shares and discuss options
- Mount NFS exports on remote Linux Host
- Implement AutoFS
- Samba Implementation
- Implement Linux & Windows Integration via Samba
- Explore Samba Configuration files
- Install Samba Server support
- Install Samba Web-based Administration Tool (SWAT)
- Configure Samba file sharing
- Configure Samba with multiple NETBIOS aliases
- Configure Samba-Active Directory Integration with Winbind
- Evaluate results
- top
Apache - MySQL® - PHP (LAMP)
- Apache Web Server Implementation
- Discuss Apache server's features and concepts
- Examine Apache HTTPD CONF hierarchy
- Examine various configuration files
- Implement Apache Mod Alias
- Follow SYMLINKS
- Discuss and implement the Directory directive
- Restrict access to content based on IPs and subnets
- Discuss .htacess file with directives
- Configure IP-based Virtual Hosts
- Configure Name-based Virtual Hosts
- Implement Basic and digest authentication schemes
- Explore Apache logging semantics
- Implement Apache logging system per virtual host
- Configure Apache with SSL support
- MySQL® Relational Database Management System
- Install MySQL® Relational Database Management System
- Secure access to MySQL®
- Explore MySQL® monitor shell-based interface
- Create sample MySQL® database
- Populate with data and execute queries
- Evaluate results
- Postfix Message Transfer Agent (MTA)
- Introduction to Sendmail Implementation
- Configure Postfix as default MTA
- Introduction to Postfix Message Transfer Agent (MTA)
- Explore the directives in the Postfix configuration files
- Define default values for the FQDN
- Alter myorigin and examine results
- Configure Postfix to route messages using a Smarthost
- Examine how Postfix delivers mail locally
- Configure SMTP Relaying in Postfix
- Use Mutt to demonstrate outbound mail handling using Postfix
- Define SMTP Virtual domains for hosting multiple DNS domains
- Configure Postfix with a production LinuxCBT DNS domain
- Examine Virtual domain routing with production and non-production DNS domains
- Internet Messaging Access Protocol (IMAP) - Dovecot
- Explain IMAP concepts and applications in comparison to POP3
- Implement IMAP services
- Connect to IMAP services from remote Windows Outlook Express client
- Implement IMAPS
- Generate new self-signed SSL certificate for use with IMAPS
- Squirrel-mail Web-based Mail Interface Implementation
- Describe required squirrel mail components for web-mail integration
- Install squirrel mail on SUSE Enterprise Linux system
- Configure Apache virtual directory for squirrel mail integration
- Configure Apache Virtual Host for squirrel mail integration
- Configure BIND DNS services for squirrel mail integration
- Explore squirrel mail's web-based interface
- Squid Proxy Server
- Discuss features and benefits
- Explore configuration
- Enable and test Squid from a web browser
- Evaluate results
- top
Security Implementation Techniques
- SELinux Intro
- Discuss features and benefits
- Explore default configuration
- Enable | Disable SELinux
- Identify key tools
- Evaluate results
- GNU Privacy Guard (GPG) Implementation
- Discuss features and benefits
- Explore default configuration
- Generate usage keys
- Encrypt | Decrypt data
- Exchange encrypted data with remote user
- Evaluate results
- Secure Shell Daemon - Secure Communications Implementation
- Explore SSHD key configuration files
- Restrict access to SSHD
- Explore SSHD logging
- Execute remote commands in non-interactive mode using SSH
- Discuss forced-commands framework
- Configure SUSE Enterprise to accomodate forced-commands
- Test forced-commands for pre-configured accounts for push/pull secure transactions
- Integrate SSHD with Windows 2003 Server and PuTTY SSH client
- Implement PKI with PuTTY SSH
- Use PSCP and PSFTP to communicate securely from Windows
- Evaluate results
- IPTABLES (Netfilter Linux Kernel-based Firewall)
- Discuss IPTABLES/Netfilter Concepts
- Explore default tables and chains
- Define and test INPUT chain
- Define and test OUTPUT chain
- Create user-defined chain and evaluate results
- Explain IPTABLES default chains/filters and policies
- Examine TCP/ICMP communications pre-IPTABLES chains
- Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
- Restrict access to SSH and test connectivity
- Implement IP Forwarding between disparate subnets
- Evaluate IPTables6 (IPv6) support
-
- NMAP - Port Scanner and Vulnerability Assessment Tool
- Obtain, and install current version of NMAP
- Identify commonly used NMAPoptions/switches/parameters
- Explain typical TCPhandshake protocol while using NMAP
- Identifiy key NMAP configuration files
- Use NMAP to perform operating system fingerprinting
- Peform subnet-wide ethical scans
- Perform default TCPSYN-based ethical scans of local and remote resources
- Examine the results of scans on remote Cisco firewall with debugging mode enabled
- Perform default TCPConnect-based ethical scans of local and remote resources
- Peform local ethical scans
- Discuss NMAP's features and applications
- Perform Connect/Syn/Fin and various ethical port-scans
- Perform service exposure scans
- Nessus Vulnerability Scanner
- Download and Install Nessus Vulnerability Scanner
- Register Nessus to obtain updated definitions
- Perform basic Nessus system configuration and start the daemon
- Use Nessus Linux client to connect to Nessus Server and perform scans
- Examine resuls of scanning local and remote hosts
- Evaluate results
- Snort® 2.x Network Intrusion Detection System (NIDS)
- Obtain, and install pre-requisites (libpcap/libpcre/etc.)
- Obtain, compile and install the Snort® Network Intrusion Detection System (NIDS)
- Identify and explain key operating modes (Sniffer/Logger/NIDS)
- Explore in network sniffer mode
- Explain OSI Model and relevant sniffing options
- Explore Snort® in ASCII and Binary (TCPDUMP) logging modes
- Output logs to ASCII text format and examine the results
- Output logs to binary format and examine the results
- Implement Snort® with BPF to filter traffic
- Generate traffic from remote Linux host and evaluate with Snort
- Use Snort® with Berkeley Packet Filter (BPF) to parse logs
- Implement Snort® in NIDS modes
- Explore the snort.conf file and discuss rules
- Explain Logging and Alerting output options
- Install BASE - Analysis package
- Perform port-scans from remote Linux systems and analyze Alerts
using BASE
- Configure Snort® to log to SYSLOG
- top
|
