Red Hat Linux Networking & Security Administration Course
Course Description
This course is intended for Network Administrators or other personnel, who are responsible for the configuration, use and support of network services on a Red Hat Linux system. On this course delegates will learn how to utilise TCP/IP network services such as DNS, NIS and DHCP and also how to configure network security on a Red Hat Linux system.
For students studying towards Red Hat Certified Engineer (RHCE) certification this course along with RH133GB (Red Hat Linux System Administration I, II) provide the core knowledge for exam RH302GB (Red Hat Certified Engineer).
For students studying towards Red Hat Certified Engineer (RHCE) certification this course along with RH133GB (Red Hat Linux System Administration I, II) provide the core knowledge for exam RH302GB (Red Hat Certified Engineer).
Course pre-requisites:
Delegates should have solid UNIX or Linux systems administration experience. This knowledge can be gained by attending course RH133GB (Red Hat Linux System Administration I, II).
Topics covered on the 4 day Red Hat Linux Networking & Security Administration course
Domain Name Service
- DNS Features
- Internet DNS Hierarchy
- Zone Authoritative Name Server Hierarchy
- Client-side DNS Operation
- Server-side DNS Operation
- Berkeley Internet Name Domain
- Configuring BIND 8
- Configuration File Basics
- Global Options
- Master Zones
- Slave Zones
- Reverse Lookup Zones
- Special Zones
- BIND 8 Database Files
- Resource Records (RR)
- The Start of Authority (SOA) Record
- The Name Server (NS) Record
- The A, CNAME and PTR Records
- The MX and HINFO Records
- Dividing Up Domains
- Cache Only Name Service
- Round Robin Load Sharing through DNS
- BIND Utilities
Samba
- Overview of Samba
- History
- Services and Servers
- Configuring Samba
- Overview of smb.conf Sections
- Configuring File and Directory Sharing
- Enabling WINS Support
- Printing to the Samba Server
- Authentication Methods
- Configuration Test Tool
- Samba Client Tools: smbclient and nmblookup
- Linux-Exclusive Features: smbmount
- Linux-Exclusive Features: Samba mounts in /etc/fstab
- Encrypted Passwords
Network Information Service
- NIS Overview
- NIS History
- NIS Servers
- NIS Clients
- The /etc/nsswitch.conf File
- Server-side NIS Configuration
- Configuring a Master Server
- Configuring a Slave Server
- Debugging NIS with rpcinfo
- NIS Client-side Basics
- Client-side NIS Configuration
- Client Configuration using authconfig
- Client Tools
- Lightweight Directory Access Protocol (LDAP)
- LDAP Support/Configuration
Mail Delivery with Sendmail
- Sendmail Overview
- Sendmail Features
- Security and "Anti-Spam"
- Email Overview
- Simple Operational Overview
- Configuration Files
- Client Configuration
- Configuration with the m4 Macro Language
- Sendmail m4 Macro File: Introduction
- Sendmail m4 Macro File: Features
- Other Valuable m4 Directives
- Advanced /etc/mail Files
- /etc/mail/virtusertable
- /etc/mail/access
- Blacklisting Recipients
- Debugging sendmail
- Procmail Local Delivery
- Procmail Simple Configuration
Apache
- Apache Overview
- Apache Features
- Apache Server Configuration
- Virtual Hosts
- Namespace Configuration
- Apache Access Configuration
- Using the .htaccess Files
- CGI
- Apache Modules
- Apache Encrypted Web Server
Network Services - FTP, NFS, DHCP and PPP
- File Transfer Protocol (FTP)
- Network File System (NFS)
- File Sharing
- NFS Server
- Client-side NFS
- Red Hat Linux Network Installation Server
- Dynamic Host Configuration Protocol (DHCP)
- Setting-up a DHCP Server
- DHCP Configuration
- Client-side DHCP
- Point-to-Point Protocol (PPP)
- Dialup Servers
- PPP Server Configuration
- Specifying pppd Options
- Restricting PPP Users
Introduction to Security
- Basic Security Implementation
- Definitions of Common Terms
- Common Security Breaches
- Physical Security
- Single User Mode with LILO
- Boot Loader Security with LILO
- Network Security
- Security Policies
- Backup Policies
- Responding to a Break-in
Local User Security
- Securing User Accounts
- Authentication with PAM
- PAM Configuration Files
- PAM Application Configuration
- PAM Central Configuration
- Restricting Root Logins
- Restricting User Login
- Allowing Console Users to Control the System
- Allowing Users Root Privileges
- Monitoring the Local System
Files and File System Security
- SUID and SGID Permissions
- Additional File Modes
- Typical Problematic Permissions
- Cleaning Files and Directories
- Data Integrity with tripwire
Password Security and Encrypted Communications
- The Need for Encryption
- Cryptographic Building Blocks
- Random Numbers
- One-way Hashes
- Symmetric Encryption
- Asymmetric Encryption
- Public Key Infrastructures
- Digital Certificates
- Generating Digital Certificates
- Applications: openssh
- Applications: stunnel
- Display Security
Process Security and System Monitoring
- Monitoring/Limiting Processes
- Monitoring Processes with top
- Monitoring Processes Graphically
- Limiting Processes
- Process Accounting Tools
- Logs to Monitor Processes
Service-Based Security/Firewalls
- Type of Firewalls
- The xinetd Daemon
- TCP Wrappers
- Linux as a Router and Masquerader
- Static and Dynamic Routes
- Firewalls
- Packet Filtering Firewall Tasks
- Compiling the Linux Kernel for Packet Firewalling
- What is ipchains?
- Path of Packets Through the Kernel
- Basic Chain Handling
- Sample ipchains Commands
- Building a Firewall with ipchains
- IP Masquerading
- Enabling Masquerading
Security Tools
- Host Auditing Tools
- Packet Sniffers
- Using tcpdump to Monitor Traffic
- Options for tcpdump
- Network Monitoring Tools
Course Classification:
Technical Training Course
This is an instructor led training course taught in a classroom based environment.
Scheduled course dates
| September 2010 | October 2010 | November 2010 | December 2010 | January 2011 |
| - | - | - | - | - |
View full schedule of RedHat Linux courses
Print / Download PDF Version of full course schedule
If you would prefer to run this course at your premises as you have several employees to place on the course perhaps, then we are also able to offer onsite Linux Training and bespoke Linux courses