LinuxCBT Firewall Edition feat. IPTables encompasses: 1. Firewall Security.

LinuxCBT Firewall Edition feat. IPTables is unparalleled in content, depth and expertise. It entails 11-hours, or over 1-day of classroom training. LinuxCBT Firewall Edition feat. IPTables prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.

Let LinuxCBT Firewall Edition feat. IPTables cost-effectively sharpen your GNU/Linux & Open Source Security skills!

Recommended Prerequisites for:

• Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
  • Open mind & determination to master Linux and related open-source applications
  • Basic understanding of networking concepts
  • Access to a PC to follow the exercises

Firewall Security - Module III

• Intro IPTables
  • Discuss key IPTables concepts
  • OSI Model discussion
  • Determine if IPTables support is available in the current kernel
  • Identify key IPTables modules and supporting files
  • Explore and examine the default tables
  • Learn IPTables Access Control List (ACL) syntax
  • Discuss ACL management
  • Learn to Save & Restore IPTables ACLs
• IPTables - Chain Management
  • Explore the various chains in the default tables
  • Discuss the purpose of each chain
  • Examine packet counts & bytes traversing the various chains
  • Focus on appending and inserting new ACLs into pre-defined chains
  • Write rules to permit common traffic flows
  • Delete & Replace ACLs to alter security policy
  • Flush ACLs - reset the security policy to defaults
  • Zero packet counts & bytes - bandwidth usage monitoring
  • Create user-defined chains to perform additional packet handling
  • Rename chains to suit the security policy/nomenclature
  • Discuss & explore chain policy
• IPTables - Packet Matching & Handling
  • Explain the the basics of packet matching
  • Identify key layer-3/4 match objects - (Source/Dest IPs, Source/Dest Ports, etc.)
  • Explore the multi-homed configuration
  • Block traffic based on untrusted (Internet-facing) interface
  • Perform packet matching/handling based on common TCP streams
  • Perform packet matching/handling based on common UDP datagrams
  • Perform packet matching/handling based on common ICMP traffic
  • Write fewer rules (ACLs) by specifying lists of interesting layer-4 ports
  • Discuss layer-3/4 IPTables default packet matching
  • Discuss default layer-2 behavior
  • Increase security by writing rules to match packets based on layer-2 addresses
• IPTables - State Maintenance - Stateful Firewall
  • Discuss the capabilities of traditional packet-filtering firewalls
  • Explain the advantages of stateful firewalls
  • Examine the supported connection states
  • Identify key kernel modules to support the stateful firewall
  • Implement stateful ACLs & examine traffic flows
• IPTables - Targets - Match Handling
  • Discuss the purpose of IPTables targets for packet handling
  • Write rules with the ACCEPT target
  • Write rules with the DROP target
  • Write rules with the REJECT target
  • Write rules with the REDIRECT target
  • Confirm expected behavior for all targets
• IPTables - Logging
  • Explore Syslog kernel logging configuration
  • Define Access Control Entry (ACEs) to perform logging
  • Explain the key fields captured by IPTables
  • Log using user-defined chain for enhanced packet handling
  • Log traffic based on security policy
  • Define a catch-all ACE
  • Use ACE negation to control logged packets
  • Label log entries for enhanced parsing
• IPTables - Packet Routing
  • Describe subnet layout
  • Enable IP routing in the kernel - committ changes to disk
  • Update routing tables on the other Linux Hosts on the network
  • Update the Cisco PIX Firewall's routing tables
  • Test routing through the Linux router, from a remote Windows 2003 Host
  • Focus on the forward chain
  • Write ACEs to permit routing
  • Test connectivity
• IPTables - Network Address Translation (NAT)
  • Discuss NAT features & concepts
  • Discuss & implement IP masquerading
  • Define Source NAT (SNAT) ACEs & test translations
  • Create SNAT multiples
  • Implement Destination NAT (DNAT) ACEs & test translations
  • Define DNAT multiples
  • Create NETMAP subnet mappings - one-to-one NATs
• IPTables - Demilitarized Zone (DMZ) Configuration
  • Describe DMZ configuration
  • Write Port Address Translation (PAT) rules to permit inbound traffic
  • Test connectivity from connected subnets
  • Configure DMZ forwarding (Routing)
  • Implement Dual-DMZs - ideal for n-tiered web applications
• IPTables - IPv6
  • Explore IPv6 configuration
  • Peruse IPv6 IPTables management tools
  • Log and Filter ICMPv6 traffic
  • Log and Filter TCPv6 traffic
  • Evaluate results
• top