Securing and Networking Red Hat Linux

Course Code: RHLINSEC
Duration: 4 Days

Bookmark and Share

Overview

This highly practical instructor-led Securing & Networking Red Hat Linux course is designed to give delegates practical experience in the network, security and performance administration of a Red Hat Linux system.  With a strong emphasis on practical hands-on training, this course will teach the essential network, security and performance administrative tasks required on a Red Hat Linux system.

Skills Gained

The delegate will have knowledge in all, and practise in some, of the following:

  • Configure Network Interfaces
  • Configure the System to be a DHCP Server
  • Configuring Network Services
  • Use TCP Wrappers to Limit Service Access
  • Configure Virtual Hosting Using the Apache Web Server
  • Configure a DNS Server
  • Share Data using the Samba and NFS File Sharing Systems
  • Configure a Caching Proxy Server
  • Configure a Centralised Administrative System using NIS
  • Handle Mail Using the sendmail and postfix Programs
  • Secure Systems Using Authentication Services
  • Configure a Secure Firewall Configuration
  • Understand and be able to Implement Data Security including SELinux
  • Configure Advanced System Logging
  • Monitor and Tune for System Performance and Activity
  • Be able to build a Red Hat system using kickstart

Who will the Course Benefit?

The Securing & Networking Red Hat Linux course is designed for System Administrators and Programmers and other technical IT staff who need to acquire knowledge of the key networking and security tasks required to administer a Linux system.

This course will teach many of the necessary skills to enable the delegate to work towards achieving the Red Hat Certified Engineer (RHCE) certification.

The course assumes administration knowledge of the Red Hat Linux operating system to the level covered in the Administering Red Hat Linux course.

Course Objectives

On completion of this course the delegate will have gained practical experience of networking and securing Red Hat Linux systems.

The delegate will also gain the essential knowledge required to study towards the official Red Hat Certified Engineer (RHCE) certification.

Examinations

Targeted to closely follow the official Red Hat certification curriculum.  The Securing & Networking Red Hat Linux course together with the Using Red Hat Linux and the Administering Red Hat Linux course will enable the delegate to work towards achieving the Red Hat Certified Engineer (RHCE) qualification.

Before taking any exam, ensure you have the recommended experience.  The Red Hat website lists all exam requirements and these are updated regularly.

Exams are not included as part of the course.

Pre-Requisite Courses

Outline

Session 1: NETWORK CONFIGURATION

  • Configuring Network Interfaces
  • Controlling Network Devices: ifup/ifdown/mii-tool/ethtool
  • Resolution Order
  • Creating Virtual Interfaces
  • Using DHCP to Assign Interface Parameters
  • Routing IP Traffic Under RedHat Linux
  • Configuring the System as a Gateway
  • Network diagnosis tools : tcpdump, netstat etc.

Session 2: NETWORK SERVICES

  • Ports and Socket Connections
  • The xinetd Daemon Operation
  • Controlling xinetd Services and Access
  • Controlling Services using Chkconfig
  • Limiting Access to Services using TCP Wrappers
  • The FTP Service using vsftpd
  • Configuring the DHCP Server

Session 3: THE DOMAIN NAME SYSTEM

  • The DNS/BIND system under Red Hat Linux
  • Name Server Hierarchy
  • Master/Slave Zones
  • Reverse lookup Zones
  • Record types and their syntax
  • Name Daemon Control Utility (rndc)
  • Address Match Lists (acl)
  • BIND Checking Utilities

Session 4: NETWORK FILE SYSTEM (NFS)

  • NFS Operation: daemons, portmapper etc.
  • Configuring an NFS Server
  • NFS Share Options: /etc/exports
  • UID Re-mapping
  • NFS Client Operation
  • Using the Automounter to Access NFS Mounts

Session 5: SAMBA CONFIGURATION

  • The SAMBA System
  • The SAMBA Services Provided
  • SAMBA Daemons and Operation
  • Configuring SAMBA: Various Tools Available
  • SAMBA Authentication Methods
  • SAMBA Client Tools
  • USING smbmount to Access Windows Shares
  • Using Konqueror to access Windows shares

Session 6: HTTP SERVICES: APACHE/TUX AND SQUID

  • The Apache and Tux Web Servers
  • Apache Server Configuration Files
  • Apache Configuration Directives
  • Virtual Host Management: Name and IP Based Access
  • CGI Programs and Apache Modules
  • The squid Web Proxy Cache
  • Configuring squid
  • Configuring Client Access to squid

Session 7: NETWORK INFORMATION SYSTEM (NIS)

  • The NIS System: Centralised administration
  • NIS Topology
  • Master, Slave and Client Configuration
  • Rebuilding NIS Maps
  • Password Management Under NIS
  • Troubleshooting your NIS Configuration

Session 8: ELECTRONIC MAIL

  • Sendmail and Postfix
  • Mail User, Mail Transport and Mail User Agents
  • Sendmail Configuration Files
  • Sendmail Configuration with the m4 Macro Language
  • Macro Definitions
  • Switching to postfix, a sendmail Replacement
  • Postfix Configuration

Session 9: PLUGGABLE AUTHENICATION MODULE (PAM)

  • Authentication Services: PAM
  • PAM Operation
  • The Core PAM Configuration Files
  • Configuring Resource Limits and Access Control through PAM
  • PAM Examples

Session 10: SECURING NETWORKS: FIREWALLS

  • Netfilter Overview
  • Tables and Chains
  • Packet Filtering Using iptables
  • Rule Targets
  • Basic Chain Rules and Their Operation
  • Connection Tracking
  • Network Address Translation
  • Debugging Route Problems
  • Source and Destination NAT Configuration
  • RedHat Supplied Tools for iptables Configuration

Session 11: DATA SECURITY

  • SELinux
  • Management of SELinux
  • Easy Configuration and Customisation of SELinux
  • Context Types
  • Getsebool, setsebool and chcon commands
  • Dat Security and Encryption Methods
  • Single Key Encryption (Symmetric)
  • Public/Private Key Encryption (Asymmetric)
  • Certificate Encryption and Digital Signatures
  • OpenSSH Overview
  • Client and Server Side Configuration of OpenSSH

Session 12: SYSTEM MONITORING/PERFORMANCE MANAGEMENT

  • System Log Files
  • Syslogd and klogd Configuration
  • Advanced syslogd Configuration
  • Analysing logfiles
  • System Performance Monitoring
  • System Activity Reporting
  • Simple Process Accounting

Session 13: INSTALLING RED HAT LINUX USING KICKSTART

  • How Kickstart Works
  • Kickstart Configuration File Sections
  • Pre and Post Kickstart Processing
  • Creating a Kickstart File
  • Differing ways of starting a Kickstart Installation

Follow-On Courses

  • Apache Web Server
  • Perl Programming
  • Oracle SQL