Securing and Networking Red Hat Linux — A 4-Day Course

 Open Public Course Closed In-House Course

Synopsis

This highly practical instructor led course is designed to give delegates practical experience in the network, security and performance administration of a Red Hat Linux system. With a strong emphasis on practical hands-on training, this course will teach the essential network, security and performance administrative tasks required on a Red Hat Linux system.

Targeted to closely follow the official Red Hat certification curriculum, this course together with the Using Red Hat Linux and the Administering Red Hat Linux course will enable the delegate to work towards achieving the Red Hat Certified Engineer (RHCE) qualification.

The delegate will have knowledge in all, and practise in some, of the following:

• Configure network interfaces
• Configure the system to be a DHCP server
• Configuring network services
• Use TCP Wrappers to limit service access
• Configure virtual hosting using the Apache web server
• Configure a DNS server
• Share data using the Samba and NFS file sharing systems
• Configure a caching proxy server
• Configure a centralised administrative system using NIS
• Handle mail using the sendmail and postfix programs
• Secure systems using authentication services
• Configure a secure firewall configuration
• Understand and be able to implement data security
• Configure advanced system logging
• Monitor and tune for system performance and activity

Course Objectives

On completion of this course the delegate will have gained practical experience of networking and securing Red Hat Linux systems.

The delegate will also gain the essential knowledge required to study towards the official Red Hat Certified Engineer (RHCE) certification.

Suitable for

• System Administrators and Programmers and other technical IT staff who need to acquire knowledge of the key networking and security tasks required to administer a Linux system.
• Delegates looking to prepare for Red Hat certification status

Prerequisites

• Administration knowledge of the Red Hat Linux operating system to the level covered in the Administering Red Hat Linux course

Publicly scheduled dates, locations, and prices

Contents:

Network Configuration

• Configuring network interfaces
• Controlling network devices:ifup/ifdown/mii-tool/ethtool
• Creating virtual interfaces
• Using DHCP to assign interface parameters
• Routing IP traffic under RedHat Linux
• The RedHat Network (rhn)
• Network diagnosis tools : tcpdump, netstat etc.

Network Services

• Ports and Socket connections
• The xinetd daemon operation
• Controlling xinetd services and access
• Controlling services using chkconfig
• Limiting access to services using TCP wrappers
• The FTP service using vsftpd
• The DHCP service
• Logging and troubleshooting services

The Domain Name System

• The DNS/BIND system under Red Hat Linux
• Name Server hierarchy
• Master/Slave zones
• Reverse lookup zones
• Record types and their syntax
• Name Daemon control utility (rndc)
• Address match lists (acl)
• Sub-domains
• BIND checking utilities

Network File System (NFS)

• NFS operation : daemons, portmapper etc.
• Configuring an NFS server
• NFS share options : /etc/exports
• UID re-mapping
• NFS client operation
• Using the automounter to access NFS mounts

Samba Configuration

• The Samba system
• The Samba services provided
• Samba Daemons and operation
• Configuring Samba : various tools available
• Samba authentication methods
• Samba client tools
• Using smbmount to access Windows shares

HTTP services : Apache/Tux and Squid

• The Apache and Tux web servers
• Apache Server configuration files
• Apache configuration directives
• Virtual host management : name and IP based access
• CGI programs and Apache modules
• Apache Encrypted Web server
• The squid web proxy cache
• Configuring squid
• Configuring client access to squid

Network Integration Service (NIS)

• The NIS System : centralised administration
• NIS Topology
• Master, Slave and client configuration
• Rebuilding NIS Maps
• Password management under NIS
• Troubleshooting your NIS configuration

Electronic Mail

• Sendmail and Postfix
• Mail User, Mail Transport and Mail User Agents
• Sendmail configuration files
• Sendmail configuration with the m4 Macro language
• m4 Macro file
• Debugging sendmail
• Switching to postfix, a sendmail replacement
• Postfix configuration
• Procmail configuration

Security and Authentication Services

• Types of attack usually experienced
• Packet sniffing/attacks : the tools
• System and user security policies
• Authentication services : PAM
• PAM operation
• The core PAM configuration files
• Configuring resource limits & access control through PAM
• Privileged access : sudo
• Authentication troubleshooting

Securing Networks : Firewalls

• Netfilter overview
• Tables and chains
• Packet filtering using iptables
• Rule targets
• Basic chain rules and their operation
• Connection tracking
• Network address translation
• Source and Destination NAT configuration
• RedHat supplied tools for iptables configuration

Data Security

• Encryption methods
• Single key encryption (symmetric)
• Public/private key encryption (asymmetric)
• Certificate encryption and digital signatures
• OpenSSH Overview
• Client and server side configuration of OpenSSH
• Kerberos security

System Monitoring/Performance Management

• System Log files
• Syslogd & klogd configuration
• Advanced syslogd configuration
• Analysing logfiles
• System performance monitoring
• System activity reporting
• Simple process accounting

Customising and Using X Windows

• Windowing System available
• The X windowing system managers
• Configuring using redhat-config and Xfree86
• Customising X start-up
• The X window protocol and X security
• xauth and ssh operation
• The font server