LinuxCBT SLES-10 Edition
English | .MOV | aac, 44100 Hz, stereo | h264, yuv420p, 750x334, 5.00 fps | 3.94GB
Genre: E-learning
Network-based (HTTP & SSH) Installations
Enable Apache HTTPD on Installation server
Configure SUSE Ent. 10 Server as an HTTP Installation source with Apache
Discuss system requirements
Install SUSE Ent. 10 Server via HTTP
Confirm resultsGrand Unified Boot Loader (GRUB) & System V Linux Runlevel implementation
Explore GRUB configuration
Explain SUSE Linux System V Init Runlevel (0 - 6) concepts & applications
Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)GNOME & YaST
Explore the GNOME Desktop Interface
Explore YaST, centralized management tool
Install packages using Yast package managerBasic GNU/Linux Skills - Command Line Interface (CLI) - BASH
Introduction to GNOME Terminal
Demonstrate usage of the following useful commands & concepts
ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
alias, cat, file, chmod, chown, history
Standard in/out, UNIX Pipes, Redirection, Command Chaining
ps, df, free, vmstat, top, kill
less & more, head & tail, diff
which & whereis, w, who
Use grep and cut to process delimited log files
find, locate
tar, gzip/gunzip, bzip2, zcat
Explore Pico text editor
Install and explore Nano text editor
Convert Windows text files to Unix format using dos2unix
Convert Unix text files to Windows format using unix2dosCommon Network Clients
File Transfer Protocol (FTP) client
Install and use LFTP - Sophisticated FTP Client to connect to FTP/HTTP servers
Mirror and reverse mirror using LFTP to synchronize data
Wget - HTTP/HTTPS/FTP connectivity
Explain SSH concepts, implementation, etc.
Use SSH Client to connect to remote Linux Systems using password authentication
Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
Authenticate to remote Linux systems using alternate credentials
Use Secure Copy Protocol (SCP) to move data between systems non-interactively
Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
Demonstrate using SSH to authenticate to remote Linux hosts without passwords
Generate Public Key/Private Key pairs for use with file and E-mail encryption
Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
Use ping, mtr & arp
Use dig, host, nslookup name resolution clients
NETSTAT
IFCONFIG
top
RPM Package Management Tool Concepts & Usage
Explain classes of SUSE Linux Packages
Query existing packages
Identify offline and online package repositories
Install packages
Upgrade packages
Freshen packages
Remove packages
Identify package membership of files on the SUSE system
Manage Users and Groups & Permissions
User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
User and group creation & management concepts - passwd, shadow, group, gshadow files
Use YaST to create and manage users and groups
SETUID
SETGID - Group collaboration
Sticky Bit
Explore Hard and Symbolic links including across disparate file systems
Paritions, File Systems & Volumes (RAID|LVM)
Provision new paritions with FDISK/Parted/YaST & ReiserFS
Configure RAID 0/1/5/ Volumes
Implement Logical Volume Management (LVM)
Provision additional Swap storage paritions and files
Use MKSWAP & SWAPON to enable additional Swap storage
Identify allocated swap space to the kernel
Committ changes for persistence
Explore System Logging via SYSLOG-NG and Logrotate
Explore Boot log & System Log
Explanation of syslog facilities & levels
Discuss SYSLOG-NG features & enhancements
Demonstrate syslog administration
Enable SYSLOG network listener
Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG-NG functionality
Explore automatic log rotation and customization via Logrotate
Configure Logrotate to rotate & compress sample log files
Network - Physical & Logical Configuration
Identify key directories & files for static & dynamic communications
Configure Linux client with static TCP/IP parameters for network communication
Explore hotplug -> hwup -> ifup logic
Use ifconfig to ascertain logical TCP/IP configuration
Use hwinfo to ascertain installed hardware
Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
Implement Network Time Protocol (NTP) Client/Server
Configure Network Time Protocol (NTP) to perform client/server time synchronization
Identify NTP bounded UDP interfaces
Synchronize SUSE Enterprise Linux NTP with RedHat Linux Stratum 2 NTP server
Synchronize against Stratum 1 NTP servers
Dynamic Host Configuration Protocol (DHCP)
Explain DHCP Concepts & Applications
Explore DHCP confiuration files
Configure DHCP subnet with applicable options
Configure DHCP Reservation based on layer-2 address
Enable DHCP with DDNS
Configure DHCP Failover between SUSE and RedHat Linux Servers
Test DHCP Failover with Windows 2003 Host
Domain Name System (DNS)
Explore SUSE DNS configuration via YaST
Configure BIND as a caching-only DNS server
Implement Master DNS Zone
Configure Reverse Zone for local subnet
Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
Explain DHCP and DNS update integration options
Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server
Examine Windows 2003 SRV Records
Configure Master/Slave Zones with RedHat Linux Server
Evaluate results of BIND configuration using DIG & host
Implement DNS sub-domains (Third-level domains)
CRON - System Scheduler
Explore Cron Implementation
Explain scheduling options
Global and scope-based Cron options
Schedules jobs to run & examine the output
Configure individual Crontab entries
Samba Implementation
Implement Linux & Windows Integration via Samba
Explore Samba Configuration files
Implement SMBFS integration with SUSE Enterprise Linux File System
Mount Windows shares seamlessly using Samba File System (SMBFS)
Configure FSTAB to support repetitive mounts
Implement secure SMBFS credentials for mounting
Install Samba Server support
Install Samba Web-based Administration Tool (SWAT)
Configure Samba file sharing
Configure Samba with multiple NETBIOS aliases
Install Active Directory on Windows 2003 Server
Integrate SUSE Ent. 10 Server with Windows Active Directory (AD)
Test Samba-to-Windows integration using 'getent' and authentication
Very Secure VSFTPD File Transfer Protocol (FTP) services
Implement anonymous FTPD
Implement user-level FTPD access
Implement FTPD banners
Disable anonymous access
Configure VSFTPD to chroot jail users into their home directories
Implement bandwidth rate-limiting to control bandwidth usage
Implement & test banning of unwelcomed anonymous e-mail addresses
Implement VSFTPD user with redirect to a Samba share
Network File System (NFS) Implementation
Identify key services/daemons
Configure NFS Client & Server
Evaluate NFS connectivity to other Linux hosts
RSYNC Implementation
Discuss features and benefits
Implement rsync
Confirm results
Apache Web Server Implementation
Discuss Apache server's features and concepts
Examine Apache-SUSE HTTPD CONF hierarchy
Examine various configuration files
Implement Apache Mod Alias and ScriptAlias
Examine user home directories
Discuss the Directory directive
Explore redirects
Configure .htacess file with directives
Implement Basic and digest authentication schemes
Configure IP-based Virtual Hosts
Configure Name-based Virtual Hosts
Explore Apache logging
Implement Apache logging system per virtual host
Webalizer Log Analysis software Implementation
Generate web reports using Webalizer
Implementation of PHP Dynamic Web Access Scripting Engine
Evaluate PHP Dynamic Web Access Scripting Engine installation results
Test basic PHP script-processing using sample scripts
Create and test PHP-form with Apache
MySQL Relational Database Management System
Install MySQL Relational Database Management System
Secure access to MySQL
Explore MySQL monitor shell-based interface
Create sample MySQL databases
Load external data-set from Linux
Load external data-set from Windows
Integrate PHP with MySQL
PHPMyAdmin - MySQL Web-based Management Interface
Install PHPMyAdmin for web-based management of MySQL instances
Explain & Secure access to PHPMyAdmin
Explore PHPMyAdmin's interface
Postfix Message Transfer Agent (MTA)
Introduction to Postfix Message Transfer Agent (MTA)
Explore the directives in the Postfix configuration files
Define default values for the FQDN
Alter myorigin and examine results
Configure Postfix to route messages using a Smarthost
Examine how Postfix delivers mail locally
Configure SMTP Relaying in Postfix
Use Mutt to demonstrate outbound mail handling using Postfix
Define SMTP Virtual domains for hosting multiple DNS domains
Configure Postfix with a production LinuxCBT DNS domain
Examine Virtual domain routing with production and non-production DNS domains
Post Office Protocol Version 3 (POP3)
Explain POP3 concepts and applications
Implement POP3 daemon
Connect to POP3 daemon using Windows 2003 Outlook Express client
Reroute inbound messages using Sendmail to POP3 account for retrieval
Use Mutt to send SMTP-based messages to POP3 account
Internet Messaging Access Protocol (IMAP)
Explain IMAP concepts and applications in comparison to POP3
Implement IMAP services
Connect to IMAP services from remote Windows Outlook Express client
Squirrel-mail Web-based Mail Interface Implementation
Describe required squirrel mail components for web-mail integration
Install squirrel mail on SUSE Enterprise Linux system
Configure Apache virtual directory for squirrel mail integration
Configure Apache Virtual Host for squirrel mail integration
Configure BIND DNS services for squirrel mail integration
Explore squirrel mail's web-based interface
PureFTPD Implementation
Explore configuration & enable service
Test various modes of operation
Xen Virtualization
Discuss features & benefits
Implement Xen with instance of SUSE Ent. 10 Edition
System Audit & Lockdown
Identify tools to perform system audit
Ascertain and document current system state
Close all superflous services
Bind necessary services (daemons) to necessary interfaces and logical addresses
Establish security configuration baseline
XINETD (Enhanced & Secure INETD Super Server Implementation)
Identify key XINETD configuration files
Explain the contents and structure of xinetd.conf
Restrict access to various daemons/services based on hosts & subnets
Lockdown XINETD-controlled services
Configure XINETD to restrict number of spawned instances of daemons/services
Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
XINETD logging
Explore additional XINETD features
TCP Wrappers concepts & applications
Identify primary package and key TCP Wrappers configuration files
Demonstrate disabled TCP Wrappers configurations by attempting connectivity
Examine pre and post TCP Wrappers configuration effects
Implement TCP Wrappers for common services
Test local & remote access to TCP Wrappers-protected host & services
IPTABLES (Netfilter Linux Kernel-based Firewall)
Discuss IPTABLES/Netfilter Concepts
Explain IPTABLES default chains/filters and policies
Examine TCP/ICMP communications pre-IPTABLES chains
Implement ICMP inbound filtration based on various hosts
Use Cisco PIX Firewall to verify ICMP debugging
Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
Restrict access to various daemons (SSH/FTP/HTTP/etc.)
Test connectivity locally and remotely (RedHat/Windows/etc.)
Network Mapper (NMAP)
Obtain, compile and install current version of NMAP
Identify commonly used NMAP options/switches/parameters
Perform default TCP SYN-based ethical scans of local and remote resources
Explain typical TCP handshake protocol while using NMAP
Examine the results of scans on remote Cisco firewall with debugging mode enabled
Perform default TCP Connect-based ethical scans of local and remote resources
Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
Use NMAP to scan using aliased and spoofed IP addresses
Peform local ethical scans
Identifiy key NMAP configuration files
Use NMAP to perform operating system fingerprinting
Peform subnet-wide ethical scans
Nessus Vulnerability Scanner Implementation
Download & Install Nessus Client & Server
Configure & test credentials
Discuss plug-ins and scopes
Perform vulnerability scans & evaluate results
TCPDump Traffic Capture
Discuss features
Capture data in ASCII & Binary formats
Implement Berkeley Packet Filters (BPFs)
Analyze results
Ethereal Traffic Analysis
Discuss features
Install using YaST
Analyze TCPDump binary file
Rebuild interesting TCP sessions
Snort 2.x Network Intrusion Detection System (NIDS)
Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
Obtain, compile and install the Snort Intrusion Detection System (NIDS)
Identify and explain key operating modes (Sniffer/Logger/NIDS)
Explore Snort in network sniffer mode
Explain OSI Model and relevant Snort sniffing options
Explore Snort in ASCII and Binary (TCPDUMP) logging modes
Output Snort logs to ASCII text format and examine the results
Output Snort logs to binary format and examine the results
Implement Snort with BPF to filter traffic
Generate traffic from remote Windows 2003 and Linux hosts
Use Snort with Berkeley Packet Filter (BPF) to parse logs
Implement Snort in NIDS modes
Explore the snort.conf file and discuss rules
Explain Logging and Alerting output options
Perform port-scans from remote Linux systems and analyze Alerts
Configure MySQL with Snort-compliant schema
Configure Snort to log to MySQL
Download & Install BASE web analysis application
Configure BASE to read alerts from MySQL
Evaluate results
HomePage
发布日期: 2015-06-02