LinuxComputerBasedTraining – LinuxCBT Security Edition
Genre: E-Learning
Overview: LinuxCBT feat. SUSE 10 Enterprise Edition focuses exclusively on enterprise SUSE 10 Linux operating system. LinuxCBT feat. SUSE 10 Enterprise Edition, is unparalleled in content, depth and expertise. LinuxCBT feat. SUSE 10 Enterprise Edition prepares you or your organization to successfully deploy and manage business-critical SUSE Enterprise Server 10 based solutions. Let LinuxCBT feat. SUSE 10 Enterprise Edition teach you SUSE Linux Enterprise 10 skills!
Recommended prerequisites:
Open mind and determination to master Linux and open source applications
Basic MS Windows skills
Basic knowledge of networking concepts
Access to a spare PC to perform all the installations and exercises
Installation and general use – Module 1
Network-based (HTTP and SSH) Installations
Enable Apache HTTPD server installation
Configure SUSE Ent. Server 1910 as installation source Apache HTTP
Discuss system requirements
Install SUSE Ent. 1910 Server via HTTP
Confirm the results
Grand Unified Boot Loader (GRUB) and System V Linux Runlevel implementation
Discover GRUB configuration
Explain SUSE Linux System V init runlevels (0-6) Concepts and Applications
Identify key startup files, including scripts (inittab, Sscripts, Kscripts, etc.)
GNOME & YaST
Discover the GNOME desktop interface
Discover YaST, the centralized management tool
Install packages using YaST package manager
Basic GNU / Linux skills – the command line interface (CLI) – BASH
Introduction to GNOME Terminal
Demonstrate the use of useful commands and concepts
ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
alias, cat, file, chmod, chown, history
Standard in / out, UNIX Pipes, Redirection, Command Chaining
ps, df, free, vmstat, top, kill
head, less, more, tail, diff
who & whereis, w, which
Use grep and cut to process delimited log files
find, locate
tar, gzip / gunzip, bzip2, zcat
Explore Pico text editor
Install and explore Nano text editor
Convert Windows text files to Unix format using dos2unix
Convert Unix text files to Windows format using unix2dos
Common network clients
File Transfer Protocol (FTP)
Install and use lftp – Sophisticated FTP Client to Connect to FTP / HTTP servers
Mirror and reverse mirror using LFTP to synchronize data
Wget – HTTP / HTTPS / FTP connectivity
Explain SSH concepts, implementation, etc.
Use SSH client to connect to remote Linux systems using password authentication
Identify key SSH-client files (known_hosts, public / private key pairs, etc.)
Authenticate to remote Linux systems using other credentials
Use Secure Copy Protocol (SCP) to move data between systems non-interactively
Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
Demonstrate how to generate public / private key (RSA / DSA) pairs using ssh-keygen
Demonstrate using SSH to authenticate to remote Linux hosts without passwords
Generate public key / private key pairs for use with files and email encryption
Demonstrate using an e-mail client with GNU Privacy Guard (GPG) OpenPGP for e-mail encryption
Use Remote Desktop to connect to remote VNC and RDP Linux and Windows hosts
Use ping, arp & mtr
Use dig, host, nslookup for client name resolution
NETSTAT
IFCONFIG
Systems Management & Configuration - Module 2
RPM management concepts & tool use
Explain SUSE Linux package classes
Application packages
Identify the package repositories online and offline
Install packages
Upgrade
Refresh Packages
Remove all packages
Identify package member files on the SUSE system
Manage Users and Groups and Permissions
User profile implementation logic and concepts – (Bash profile / etc / skel / aliases / PATH / etc)
User and group creation and management concepts – passwd, shadow, group, gshadow
Use YaST to create and manage users and groups
SUID
SETGID – Collaboration Group
Sticky Bit
Explore Boot log & System Log
Explanation of syslog facilities and levels
Discuss features and enhancements SYSLOG-NG
Explore the symbolic and physical links, including in disparate file systems
Filesystem partitions, and volumes (RAID | LVM)
Provision new partitions with FDISK / Parted / YaST and ReiserFS
Configure RAID 0/1/5 volumes
Implement Logical Volume Management (LVM)
Demonstrate syslog administration
Enable SYSLOG network listener
Provision additional partitions for storage and swap files
Use mkswap and swapon to enable additional Swap storage
Identify the swap space allocated to the kernel
Commit changes for persistence
Discover system via syslog-ng and logrotate
Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG-NG feature
Explore automatic log rotation and customization via Logrotate
Configure logrotate to rotate and compress sample log files
Core Networking Services - Module 3
Network – Physical and Logical Configuration
Identify NTP-bound UDP interfaces
Synchronize SUSE Linux Enterprise NTP with RedHat Linux Stratum 2 NTP server
Synchronize against Stratum 1 NTP servers
Dynamic Host Configuration Protocol (DHCP)
Use ifconfig to ascertain logical TCP / IP
Identify key directories and files for static and dynamic communications
Configure Linux client static TCP / IP for network communication
Explore hotplug – hwup – ifup logic
Implement Network Time Protocol (NTP) Client / Server
Configure Network Time Protocol (NTP) to perform client / server time synchronization
Use hwinfo to check installed hardware
Configure aliased Ethernet interfaces to facilitate multiple IP addresses
Explain DHCP Concepts & Applications
Explore DHCP configuration files
Configure DHCP subnet with applicable options
Configure BIND as a caching-only DNS server
Implement Master DNS Zone
Configure DHCP Reservation based on layer-2 address
Domain Name System (DNS)
Discover SUSE DNS configuration via YaST
Enable DHCP with DDNS
Configure DHCP Failover between SUSE and RedHat Linux Servers
Test DHCP Failover with Windows 2003 Host
Explain scheduling options
Configure zones Master / Slave with RedHat Linux Server
Integrate DHCP with DNS via Encrypted Transaction Signatures (TSIG)
Configure Reverse zone for local subnet
Implement Dynamic Domain Name System (DDNS) Zones (forward / reverse)
Explain DHCP and DNS integration options updated
CRON – System Scheduler
Explore Cron implementation
Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server
Examine Windows 2003 SRV
Implement DNS sub-domains (third-level domains)
Evaluate results of BIND configuration using dig & host
Configure fstab to support repetitive mounts
Implement secure credentials for mounting SMBFS
Configure individual Crontab entries
And global-based Cron options
Schedule jobs to run and examine the output
Implement SMBFS integration with SUSE Enterprise Linux File System
Mount Windows shares seamlessly using Samba File System (smbfs)
Samba Implementation
Implement Linux and Windows integration via Samba
Explore Samba Configuration files
Integrate SUSE Ent. Server 1910 with Windows Active Directory (AD)
Test Samba integration with Windows using getent and authentication
Install Samba Server support
Install Samba Web Administration Tool (SWAT)
Configure Samba file sharing
Implement and test ban unwelcome e-mail anonymously
Implement anonymous FTPD
Implement vsftpd user redirect to a Samba share
Vsftpd Very Secure File Transfer Protocol (FTP) services
Disable Anonymous Access
Configure vsftpd to chroot-jail users into their directories
Implement bandwidth limiting to control bandwidth usage
Network File System (NFS) Implementation
Configure Samba with multiple NETBIOS aliases
Install Active Directory on Windows 2003 Server
Implement user-level FTPD access
Implement FTPD banners
Identify key services / daemons
Configure NFS Client and Server
Evaluate NFS connectivity to other Linux hosts
RSYNC Implementation
Discuss the features and benefits
Implement rsync
Confirm the results
Linux Apache MySQL PHP (LAMP) - Messaging - PureFTPD - Module 4
Examine Apache-SUSE HTTPD CONF hierarchy
Examine various configuration files
Implement Apache Mod Alias And ScriptAlias
The implementation of the Apache Web server
Discuss Apache server features and concepts
Test basic PHP script processing using sample scripts
Create and test PHP-form with Apache
Discuss the Directory directive
Webalizer Log Analysis software Implementation
Generate web reports using Webalizer
MySQL relational database
Examine user home directories
Discover redirects
Configure .htaccess file with directives
Implement Basic and digest authentication schemes
Configure virtual server IP
Configure the virtual server name
Implementation of PHP Dynamic Web Access Scripting Engine
Evaluate PHP Dynamic Web Access Scripting Engine installation results
Installing MySQL relational database
Secure access to MySQL
Explore Apache logging
Implement Apache logging system virtual host
Discover the MySQL monitor interface based on the shell
Create sample MySQL databases
Load external data-set from Linux
Load external data-set from Windows
Integrating PHP with MySQL
PHPMyAdmin – MySQL Web-based Management Interface
Install PHPMyAdmin for web-based management of MySQL instances
Explain and secure access to PHPMyAdmin
Explore PHPMyAdmin’s interface
Message Transfer Agent Postfix (MTA)
Introduction to Postfix Message Transfer Agent (MTA)
Explore the directives in the Postfix configuration files
Set the default values for the FQDN
Alter myorigin and examine the results
Configure Postfix to route messages using a smarthost
Examine how Postfix delivers mail locally
Configure SMTP Relay in Postfix
Use Mutt to demonstrate outbound mail handling with Postfix
Define SMTP Virtual domains for hosting multiple DNS domains
Configure Postfix with a production LinuxCBT DNS domain
Examine Virtual domain routing with production and non-production DNS domains
Post Office Protocol version 3 (POP3)
Explain POP3 concepts and applications
Implement POP3 daemon
Connect to POP3 daemon using Windows 2003 Outlook Express client
Reroute inbound messages using Sendmail to POP3 account for retrieval
Use Mutt to send SMTP mail to the POP3 account
Internet Message Access Protocol (IMAP)
Explain IMAP concepts and applications in relation to POP3
Implement IMAP services
Connect to IMAP services from remote Windows Outlook Express client
SquirrelMail Web-based Mail Interface Implementation
Describe the components required for SquirrelMail webmail integration
Install SquirrelMail on SUSE Linux Enterprise
Configure Apache virtual directory for SquirrelMail integration
Configure Apache Virtual Host for SquirrelMail integration
Configure BIND DNS services for SquirrelMail integration
Explore SquirrelMail web interface
PureFTPd implementation
Discover configuration and activate the service
Different test modes
Xen Virtualization
Discuss features and benefits
Implement Xen instance with SUSE Ent. Edition 1910
Security Implementation Techniques - Module 5
System Audit and Lockdown
Identify tools to perform system verification
Check and document the current system status
Close all unnecessary services
Configure xinetd to bind daemons / services to sub-interfaces (Virtual IP)
XINETD logging
Discover more features XINETD
TCP Wrappers concepts and applications
Identify primary package and key configuration files for TCP Wrappers
Demonstrate disabled TCP Wrappers configurations by attempting connectivity
Examine before and after the effects of configuring TCP Wrappers
Implement TCP Wrappers for common services
Test local and remote access to TCP Wrappers-protected hosts and services
Bind the necessary services (daemons) to the necessary interfaces and logical addresses
Establish baseline security configuration
XINETD (Enhanced & Secure Application Server INETD Super)
Identify key xinetd configuration files
Explain the content and structure of xinetd.conf
Restrict access to various daemons / services based on hosts and subnets
Lockdown services controlled by xinetd
Configure xinetd to restrict the number of instances of daemons / services
IPTABLES (Netfilter Linux Kernel-based Firewall)
Discuss IPTABLES / Netfilter Concepts
Explain the default iptables chains / filters and policies
Examine TCP / ICMP pre-IPTABLES chains
Implement ICMP inbound filtration based on various hosts
Use Cisco PIX Firewall to verify ICMP debugging
Filter traffic based on layer-4 TCP / UDP (Source / Destination Ports) information
Restrict access to various daemons (SSH / FTP / HTTP / etc)
Test connectivity locally and remotely (RedHat / Windows / etc)
Obtain, compile and install the current version of NMAP
Identify commonly used NMAP options / switches / parameters
Perform default TCP SYN-based ethical analysis of local and remote resources
Explain typical TCP protocol using NMAP
Review the results of the analysis on the remote Cisco firewall with debug mode activated
Perform default TCP Connect-based ethical analysis of local and remote resources
Review test results on the remote Cisco PIX Firewall with debugging enabled
Use NMAP to scan using spoofed IP addresses and aliases
Perform local ethical analysis
Identify key NMAP configuration files
Use NMAP to perform operating system fingerprinting
Perform subnet-wide ethical analysis
Implementing Nessus Vulnerability Scanner
Network Mapper (NMAP)
Download and install the Nessus Client & Server
Perform vulnerability scans and evaluate the results
TCPDump Traffic Capture
Discuss the characteristics
Capturing data in ASCII and binary formats
Install using YaST
Analyze binary TCPDump captures
Reconstruct interesting TCP sessions
Snort 2.x Network Intrusion Detection System (NIDS)
Obtain and install Snort pre-requisites (libpcap / libpcre / etc)
Obtain, compile and install the Snort Intrusion Detection (NIDS)
Configure credentials and test
Talk plug-ins and fields
Identify and explain key operating modes (Sniffer / Logger / NIDS)
Implement Berkeley Packet Filters (BPF)
Analyze results
Ethereal traffic analysis
Discuss the characteristics
Explore Snort in sniffer mode network
Explain OSI Model and relevant Snort sniffing options
Explore Snort in ASCII and binary (tcpdump) logging modes
Output Snort logs to ASCII text format and examine the results
Output Snort logs to binary format and examine the results
Implement Snort with BPF to filter traffic
Drive traffic away Windows 2003 and Linux hosts
Use Snort with Berkeley Packet Filter (BPF) to parse logs
Implement Snort in NIDS modes
Explore the snort.conf file and discuss rules
Explain alert logging and output options
Perform port-scans from remote Linux systems and analyze Alerts
Configure MySQL with Snort-compliant schema
Configure Snort to log to MySQL
Download and install the BASE web analytics software
Configure BASE to read alerts from MySQL
Evaluate results