CG数据库 >> LinuxCBT SLES-10 Edition

LinuxCBT SLES-10 Edition的图片1

LinuxCBT SLES-10 Edition

English | .MOV | aac, 44100 Hz, stereo | h264, yuv420p, 750x334, 5.00 fps | 3.94GB

Genre: E-learning

Network-based (HTTP & SSH) Installations

Enable Apache HTTPD on Installation server

Configure SUSE Ent. 10 Server as an HTTP Installation source with Apache

Discuss system requirements

Install SUSE Ent. 10 Server via HTTP

Confirm resultsGrand Unified Boot Loader (GRUB) & System V Linux Runlevel implementation

Explore GRUB configuration

Explain SUSE Linux System V Init Runlevel (0 - 6) concepts & applications

Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)GNOME & YaST

Explore the GNOME Desktop Interface

Explore YaST, centralized management tool

Install packages using Yast package managerBasic GNU/Linux Skills - Command Line Interface (CLI) - BASH

Introduction to GNOME Terminal

Demonstrate usage of the following useful commands & concepts

ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info

alias, cat, file, chmod, chown, history

Standard in/out, UNIX Pipes, Redirection, Command Chaining

ps, df, free, vmstat, top, kill

less & more, head & tail, diff

which & whereis, w, who

Use grep and cut to process delimited log files

find, locate

tar, gzip/gunzip, bzip2, zcat

Explore Pico text editor

Install and explore Nano text editor

Convert Windows text files to Unix format using dos2unix

Convert Unix text files to Windows format using unix2dosCommon Network Clients

File Transfer Protocol (FTP) client

Install and use LFTP - Sophisticated FTP Client to connect to FTP/HTTP servers

Mirror and reverse mirror using LFTP to synchronize data

Wget - HTTP/HTTPS/FTP connectivity

Explain SSH concepts, implementation, etc.

Use SSH Client to connect to remote Linux Systems using password authentication

Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)

Authenticate to remote Linux systems using alternate credentials

Use Secure Copy Protocol (SCP) to move data between systems non-interactively

Use Secure File Transfer Protocol (SFTP) to move data between systems interactively

Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen

Demonstrate using SSH to authenticate to remote Linux hosts without passwords

Generate Public Key/Private Key pairs for use with file and E-mail encryption

Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption

Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts

Use ping, mtr & arp

Use dig, host, nslookup name resolution clients

NETSTAT

IFCONFIG

top

RPM Package Management Tool Concepts & Usage

Explain classes of SUSE Linux Packages

Query existing packages

Identify offline and online package repositories

Install packages

Upgrade packages

Freshen packages

Remove packages

Identify package membership of files on the SUSE system

Manage Users and Groups & Permissions

User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)

User and group creation & management concepts - passwd, shadow, group, gshadow files

Use YaST to create and manage users and groups

SETUID

SETGID - Group collaboration

Sticky Bit

Explore Hard and Symbolic links including across disparate file systems

Paritions, File Systems & Volumes (RAID|LVM)

Provision new paritions with FDISK/Parted/YaST & ReiserFS

Configure RAID 0/1/5/ Volumes

Implement Logical Volume Management (LVM)

Provision additional Swap storage paritions and files

Use MKSWAP & SWAPON to enable additional Swap storage

Identify allocated swap space to the kernel

Committ changes for persistence

Explore System Logging via SYSLOG-NG and Logrotate

Explore Boot log & System Log

Explanation of syslog facilities & levels

Discuss SYSLOG-NG features & enhancements

Demonstrate syslog administration

Enable SYSLOG network listener

Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG-NG functionality

Explore automatic log rotation and customization via Logrotate

Configure Logrotate to rotate & compress sample log files

Network - Physical & Logical Configuration

Identify key directories & files for static & dynamic communications

Configure Linux client with static TCP/IP parameters for network communication

Explore hotplug -> hwup -> ifup logic

Use ifconfig to ascertain logical TCP/IP configuration

Use hwinfo to ascertain installed hardware

Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses

Implement Network Time Protocol (NTP) Client/Server

Configure Network Time Protocol (NTP) to perform client/server time synchronization

Identify NTP bounded UDP interfaces

Synchronize SUSE Enterprise Linux NTP with RedHat Linux Stratum 2 NTP server

Synchronize against Stratum 1 NTP servers

Dynamic Host Configuration Protocol (DHCP)

Explain DHCP Concepts & Applications

Explore DHCP confiuration files

Configure DHCP subnet with applicable options

Configure DHCP Reservation based on layer-2 address

Enable DHCP with DDNS

Configure DHCP Failover between SUSE and RedHat Linux Servers

Test DHCP Failover with Windows 2003 Host

Domain Name System (DNS)

Explore SUSE DNS configuration via YaST

Configure BIND as a caching-only DNS server

Implement Master DNS Zone

Configure Reverse Zone for local subnet

Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)

Explain DHCP and DNS update integration options

Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)

Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server

Examine Windows 2003 SRV Records

Configure Master/Slave Zones with RedHat Linux Server

Evaluate results of BIND configuration using DIG & host

Implement DNS sub-domains (Third-level domains)

CRON - System Scheduler

Explore Cron Implementation

Explain scheduling options

Global and scope-based Cron options

Schedules jobs to run & examine the output

Configure individual Crontab entries

Samba Implementation

Implement Linux & Windows Integration via Samba

Explore Samba Configuration files

Implement SMBFS integration with SUSE Enterprise Linux File System

Mount Windows shares seamlessly using Samba File System (SMBFS)

Configure FSTAB to support repetitive mounts

Implement secure SMBFS credentials for mounting

Install Samba Server support

Install Samba Web-based Administration Tool (SWAT)

Configure Samba file sharing

Configure Samba with multiple NETBIOS aliases

Install Active Directory on Windows 2003 Server

Integrate SUSE Ent. 10 Server with Windows Active Directory (AD)

Test Samba-to-Windows integration using 'getent' and authentication

Very Secure VSFTPD File Transfer Protocol (FTP) services

Implement anonymous FTPD

Implement user-level FTPD access

Implement FTPD banners

Disable anonymous access

Configure VSFTPD to chroot jail users into their home directories

Implement bandwidth rate-limiting to control bandwidth usage

Implement & test banning of unwelcomed anonymous e-mail addresses

Implement VSFTPD user with redirect to a Samba share

Network File System (NFS) Implementation

Identify key services/daemons

Configure NFS Client & Server

Evaluate NFS connectivity to other Linux hosts

RSYNC Implementation

Discuss features and benefits

Implement rsync

Confirm results

Apache Web Server Implementation

Discuss Apache server's features and concepts

Examine Apache-SUSE HTTPD CONF hierarchy

Examine various configuration files

Implement Apache Mod Alias and ScriptAlias

Examine user home directories

Discuss the Directory directive

Explore redirects

Configure .htacess file with directives

Implement Basic and digest authentication schemes

Configure IP-based Virtual Hosts

Configure Name-based Virtual Hosts

Explore Apache logging

Implement Apache logging system per virtual host

Webalizer Log Analysis software Implementation

Generate web reports using Webalizer

Implementation of PHP Dynamic Web Access Scripting Engine

Evaluate PHP Dynamic Web Access Scripting Engine installation results

Test basic PHP script-processing using sample scripts

Create and test PHP-form with Apache

MySQL Relational Database Management System

Install MySQL Relational Database Management System

Secure access to MySQL

Explore MySQL monitor shell-based interface

Create sample MySQL databases

Load external data-set from Linux

Load external data-set from Windows

Integrate PHP with MySQL

PHPMyAdmin - MySQL Web-based Management Interface

Install PHPMyAdmin for web-based management of MySQL instances

Explain & Secure access to PHPMyAdmin

Explore PHPMyAdmin's interface

Postfix Message Transfer Agent (MTA)

Introduction to Postfix Message Transfer Agent (MTA)

Explore the directives in the Postfix configuration files

Define default values for the FQDN

Alter myorigin and examine results

Configure Postfix to route messages using a Smarthost

Examine how Postfix delivers mail locally

Configure SMTP Relaying in Postfix

Use Mutt to demonstrate outbound mail handling using Postfix

Define SMTP Virtual domains for hosting multiple DNS domains

Configure Postfix with a production LinuxCBT DNS domain

Examine Virtual domain routing with production and non-production DNS domains

Post Office Protocol Version 3 (POP3)

Explain POP3 concepts and applications

Implement POP3 daemon

Connect to POP3 daemon using Windows 2003 Outlook Express client

Reroute inbound messages using Sendmail to POP3 account for retrieval

Use Mutt to send SMTP-based messages to POP3 account

Internet Messaging Access Protocol (IMAP)

Explain IMAP concepts and applications in comparison to POP3

Implement IMAP services

Connect to IMAP services from remote Windows Outlook Express client

Squirrel-mail Web-based Mail Interface Implementation

Describe required squirrel mail components for web-mail integration

Install squirrel mail on SUSE Enterprise Linux system

Configure Apache virtual directory for squirrel mail integration

Configure Apache Virtual Host for squirrel mail integration

Configure BIND DNS services for squirrel mail integration

Explore squirrel mail's web-based interface

PureFTPD Implementation

Explore configuration & enable service

Test various modes of operation

Xen Virtualization

Discuss features & benefits

Implement Xen with instance of SUSE Ent. 10 Edition

System Audit & Lockdown

Identify tools to perform system audit

Ascertain and document current system state

Close all superflous services

Bind necessary services (daemons) to necessary interfaces and logical addresses

Establish security configuration baseline

XINETD (Enhanced & Secure INETD Super Server Implementation)

Identify key XINETD configuration files

Explain the contents and structure of xinetd.conf

Restrict access to various daemons/services based on hosts & subnets

Lockdown XINETD-controlled services

Configure XINETD to restrict number of spawned instances of daemons/services

Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)

XINETD logging

Explore additional XINETD features

TCP Wrappers concepts & applications

Identify primary package and key TCP Wrappers configuration files

Demonstrate disabled TCP Wrappers configurations by attempting connectivity

Examine pre and post TCP Wrappers configuration effects

Implement TCP Wrappers for common services

Test local & remote access to TCP Wrappers-protected host & services

IPTABLES (Netfilter Linux Kernel-based Firewall)

Discuss IPTABLES/Netfilter Concepts

Explain IPTABLES default chains/filters and policies

Examine TCP/ICMP communications pre-IPTABLES chains

Implement ICMP inbound filtration based on various hosts

Use Cisco PIX Firewall to verify ICMP debugging

Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information

Restrict access to various daemons (SSH/FTP/HTTP/etc.)

Test connectivity locally and remotely (RedHat/Windows/etc.)

Network Mapper (NMAP)

Obtain, compile and install current version of NMAP

Identify commonly used NMAP options/switches/parameters

Perform default TCP SYN-based ethical scans of local and remote resources

Explain typical TCP handshake protocol while using NMAP

Examine the results of scans on remote Cisco firewall with debugging mode enabled

Perform default TCP Connect-based ethical scans of local and remote resources

Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled

Use NMAP to scan using aliased and spoofed IP addresses

Peform local ethical scans

Identifiy key NMAP configuration files

Use NMAP to perform operating system fingerprinting

Peform subnet-wide ethical scans

Nessus Vulnerability Scanner Implementation

Download & Install Nessus Client & Server

Configure & test credentials

Discuss plug-ins and scopes

Perform vulnerability scans & evaluate results

TCPDump Traffic Capture

Discuss features

Capture data in ASCII & Binary formats

Implement Berkeley Packet Filters (BPFs)

Analyze results

Ethereal Traffic Analysis

Discuss features

Install using YaST

Analyze TCPDump binary file

Rebuild interesting TCP sessions

Snort 2.x Network Intrusion Detection System (NIDS)

Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)

Obtain, compile and install the Snort Intrusion Detection System (NIDS)

Identify and explain key operating modes (Sniffer/Logger/NIDS)

Explore Snort in network sniffer mode

Explain OSI Model and relevant Snort sniffing options

Explore Snort in ASCII and Binary (TCPDUMP) logging modes

Output Snort logs to ASCII text format and examine the results

Output Snort logs to binary format and examine the results

Implement Snort with BPF to filter traffic

Generate traffic from remote Windows 2003 and Linux hosts

Use Snort with Berkeley Packet Filter (BPF) to parse logs

Implement Snort in NIDS modes

Explore the snort.conf file and discuss rules

Explain Logging and Alerting output options

Perform port-scans from remote Linux systems and analyze Alerts

Configure MySQL with Snort-compliant schema

Configure Snort to log to MySQL

Download & Install BASE web analysis application

Configure BASE to read alerts from MySQL

Evaluate results

HomePage

LinuxCBT SLES-10 Edition的图片2

发布日期: 2015-06-02