
RH253: Red Hat Linux Networking and Security Administration

Goal:
To become a system administrator who can set up a Red Hat Enterprise Linux server and configure common network services and security at a basic level.

Audience:
Linux or UNIX system administrators who already have some real-world experience with Red Hat Linux systems administration and want a first course in networking services and security.

Prerequisites:

  • RH133 Red Hat Linux System Administration or equivalent experience with Red Hat Linux
  • LAN/WAN fundamentals or equivalent
  • Internetworking with TCP/IP or equivalent

Price: $2498

Duration: 4 days

Training Units (TUs): 9 TUs

Class Times:

  • Training Start Time: 9:00 a.m.
  • Training End Time: 4:30-5:00 p.m. (depending on class progress)

Prepares for: RH300 RHCE Training and Certification Course (5-day)

Includes:

  • 4 days intensive training on Red Hat Enterprise Linux 5
  • Hands-on labs and exercises
  • One workstation per student!
  • Student materials, pre-assessment questionnaire, study aids, handouts
  • Red Hat promotional items!

All other expenses of travel and per diem are the student's responsibility.

Upcoming RH253 Classes
08/09: Halifax, NS
08/09: San Francisco, CA
08/09: Minneapolis, MN
08/09: New York (Red Hat Facility), NY
08/09: Orlando, FL
08/16: Austin, TX
08/16: Raleigh, NC
08/16: Phoenix, AZ
08/16: Norfolk, VA
08/16: Kirkland (Seattle), WA
08/23: McLean - Tysons Corner DC, VA
10/18: Bountiful (Salt Lake City), UT

Sign up soon; class space is limited.
To enroll call 1-888-708-1112, use the links above, or send us an email.


What you will learn:

UNIT 1 - System Performance and Security

  • System Resources as Services
  • Security in Principle
  • Security in Practice
  • Security Policy: the People
  • Security Policy: the System
  • Response Strategies
  • System Faults and Breaches
  • Method of Fault Analysis
  • Fault Analysis: Hypothesis
  • Fault Analysis: Gathering Data
  • Benefits of System Monitoring
  • Network Monitoring Utilities
  • Networking, a Local View
  • Networking, a Remote View
  • File System Analysis
  • Typical Problematic Permissions
  • Monitoring Processes
  • Process Monitoring Utilities
  • System Activity Reporting
  • Managing Processes by Account
  • System Log files
  • syslogd and klogd Configuration
  • Log File Analysis
  • Virtualization with Xen
  • Xen Domains
  • Xen Configuration
  • Domain Management with xm
  • Hands-On Lab: Inspecting Your System
  • Hands-On Lab: Introduction to Xen Tools
  • Hands-On Lab: Monitoring TCP/IP Ports
  • Hands-On Lab: Logging to a Centralized Host

UNIT 2 - System Service Access Controls

  • System Resources Managed by init
  • System Initialization and Service Management
  • chkconfig
  • Initialization Script Management
  • The /etc/sysconfig/ Files
  • xinetd Managed Services
  • xinetd Default Controls
  • xinetd Access Controls
  • Host Pattern Access Controls
  • Service and Application Access Controls
  • tcp_wrappers Configuration
  • Daemon Specification
  • Client Specification
  • Macro Definitions
  • Extended Options
  • tcp_wrappers Example
  • xinetd and tcp_wrappers
  • SELinux
  • SELinux Security Context
  • SELinux Targeted Policy
  • SELinux Management
  • SELinux semanage
  • SELinux File Types
  • Hands-On Lab: Controlling Access with TCP Wrappers

UNIT 3 - Securing Data

  • The Need for Encryption
  • Cryptographic Building Blocks
  • Random Number Generator
  • One-Way Hashes
  • Symmetric Encryption
  • Asymmetric Encryption
  • Public Key Infrastructures
  • Digital Certificates
  • Generating Digital Certificates
  • OpenSSH Overview
  • OpenSSH Authentication
  • The OpenSSH Server
  • Service Profile: SSH
  • OpenSSH Server Configuration
  • The OpenSSH Client
  • Port Forwarding
  • Managing Keys
  • Applications: RPM
  • Hands-On Lab: Using SSH Keys with no Passphrase
  • Hands-On Lab: Using SSH Keys with a Passphrase
  • Hands-On Lab: Using an SSH Tunnel

UNIT 4 - Network Resource Access Controls

  • Routing
  • Why IPv6?
  • IPv6 on Red Hat Enterprise Linux
  • tcp_wrappers and IPv6
  • Netfilter Overview
  • Netfilter Tables and Chains
  • Netfilter Packet Flow
  • Rule Matching
  • Rule Targets
  • Basic Chain Operations
  • Common Match Criteria
  • Additional Chain Operations
  • Rules: General Considerations
  • Connection Tracking
  • Network Address Translation (NAT)
  • DNAT Examples
  • SNAT Examples
  • Rules Persistence
  • Sample /etc/sysconfig/iptables
  • Managing iptables Remotely
  • IPv6 and ip6tables
  • Hands-On Lab: Configuring a Basic IPv4 Firewall

UNIT 5 - Organizing Networked Systems

  • Host Name Resolution
  • The Stub Resolver
  • DNS-Specific Resolvers
  • Trace a DNS Query with dig
  • Other Observations
  • Forward Lookups
  • Reverse Lookups
  • Mail Exchange Lookups
  • SOA Lookups
  • SOA rdata
  • Being Authoritative
  • The Everything Lookup
  • Exploring DNS with host
  • Transitioning to the Server
  • Service Profile: DNS
  • Access Control Profile: BIND
  • Getting Started with BIND
  • Essential named Configuration
  • Configure the Stub Resolver
  • bind-chroot Package
  • caching-nameserver Package
  • Address Match List
  • Access Control List (ACL)
  • Built-In ACLs
  • Server Interfaces
  • Allowing Queries
  • Allowing Recursion
  • Allowing Transfers
  • Modifying BIND Behavior
  • Access Controls: Putting it Together
  • Slave Zone Declaration
  • Master Zone Declaration
  • Zone File Creation
  • Tips for Zone Files
  • Testing
  • BIND Syntax Utilities
  • Advanced BIND Topics
  • Remote Name Daemon Control (rndc)
  • Delegating Subdomains
  • Views and Split DNS
  • DHCP Overview
  • Service Profile: DHCP
  • Configuring an IPv4 DHCP Server
  • Hands-On Lab: Implementing a Minimal DNS Server
  • Hands-On Lab: Add Data to the Name Server
  • Hands-On Lab: Add Slave DNS Capabilities
  • Hands-On Lab: Cleaning Up

UNIT 6 - Network File Sharing Services

  • File Transfer Protocol (FTP)
  • Service Profile: FTP
  • Network File Service (NFS)
  • Service Profile: NFS
  • Port Options for the Firewall
  • NFS Server
  • NFS Utilities
  • Client-Side NFS
  • Samba Services
  • Service Profile: SMB
  • Configuring Samba
  • Overview of smb.conf Sections
  • Configuring File and Directory Sharing
  • Printing to the Samba Server
  • Authentication Methods
  • Passwords
  • Samba Syntax Utility
  • Samba Client Tools: smbclient
  • Samba Client Tools: nmblookup
  • Samba Client Tools: mounts
  • Samba Mounts in /etc/fstab
  • Hands-On Lab: Implementing File Transfer Protocol (FTP) Services
  • Hands-On Lab: Implementing Network File Sharing (NFS) Services
  • Hands-On Lab: Implementing a Samba (CIFS) Server
  • Hands-On Lab: Providing Access to a Group Directory

UNIT 7 - Web Services

  • Apache Overview
  • Service Profile: HTTPD
  • Apache Configuration
  • Apache Server Configuration
  • Apache Namespace Configuration
  • Virtual Hosts
  • <directory> Statements
  • Apache Access Configuration
  • Apache Syntax Utilities
  • Using .htaccess Files
  • .htaccess Advanced Example
  • CGI
  • Notable Apache Modules
  • Apache Encrypted Web Server
  • Squid Web Proxy Cache
  • Service Profile: Squid
  • Useful Parameters in /etc/squid/squid.conf
  • Hands-On Lab: Web Server Installation and Basic Configuration
  • Hands-On Lab: Using CGI
  • Hands-On Challenge Lab: Securing Access to Your Web Site Documents
  • Hands-On Lab: Basic Squid (ICP) Implementation

UNIT 8 - Electronic Mail Services

  • Essential Email Operation
  • Simple Mail Transport Protocol (SMTP)
  • Mail Transport Agents (MTAs)
  • Service Profile: Sendmail
  • Intro to Sendmail Configuration
  • Incoming Sendmail Configuration
  • Outgoing Sendmail Configuration
  • Inbound Sendmail Aliases
  • Outbound Address Rewriting
  • Sendmail SMTP Restrictions
  • Sendmail Operation
  • Using alternatives to Switch MTAs
  • Service Profile: Postfix
  • Intro to Postfix Configuration
  • Incoming Postfix Configuration
  • Outgoing Postfix Configuration
  • Inbound Postfix Aliases
  • Outbound Address Rewriting
  • Postfix SMTP Restrictions
  • Postfix Operation
  • Procmail, A Mail Delivery Agent (MDA)
  • Procmail and Access Controls
  • Intro to Procmail Configuration
  • Sample Procmail Recipe
  • Mail Retrieval Protocols
  • Service Profile: Dovecot
  • Dovecot Configuration
  • Verifying POP Operation
  • Verifying IMAP Operation
  • Hands-On Lab: Dovecot Setup
  • Hands-On Lab: Initial MTA Setup
  • Hands-On Lab: Configuring the MTA to Receive Mail
  • Hands-On Challenge Lab: Allowing Mail Relays
  • Hands-On Lab: User-Based Settings
  • Hands-On Lab: Procmail

UNIT 9 - Account Management

  • User Accounts
  • Account Information (Name Service)
  • Name Service Switch (NSS)
  • getent
  • Authentication
  • Pluggable Authentication Modules (PAM)
  • PAM Operation
  • /etc/pam.d/ Files: Tests
  • /etc/pam.d/ Files: Control Values
  • Example: /etc/pam.d/login File
  • The system-auth File
  • pam_unix.so
  • Network Authentication
  • auth Modules
  • Password Security
  • Password Policy
  • session Modules
  • Utilities and Authentication
  • PAM Troubleshooting
  • Hands-On Lab: Restrict Authentication by Group
  • Hands-On Lab: Track Failed Login Attempts