Linux Courses:
Red Hat Linux Networking & Security Administration Training Course

This course is intended for Network Administrators or other personnel, who are responsible for the configuration, use and support of network services on a Red Hat Linux system. On this course delegates will learn how to utilise TCP/IP network services such as DNS, NIS and DHCP and also how to configure network security on a Red Hat Linux system.

For students studying towards Red Hat Certified Engineer (RHCE) certification this course along with RH133GB (Red Hat Linux System Administration I, II) provide the core knowledge for exam RH302GB (Red Hat Certified Engineer).

Delegates should have solid UNIX or Linux systems administration experience. This knowledge can be gained by attending course RH133GB (Red Hat Linux System Administration I, II).

Topics covered on the 4 day Red Hat Linux Networking & Security Administration course

Domain Name Service

• DNS Features
• Internet DNS Hierarchy
• Zone Authoritative Name Server Hierarchy
• Client-side DNS Operation
• Server-side DNS Operation
• Berkeley Internet Name Domain
• Configuring BIND 8
• Configuration File Basics
• Global Options
• Master Zones
• Slave Zones
• Reverse Lookup Zones
• Special Zones
• BIND 8 Database Files
• Resource Records (RR)
• The Start of Authority (SOA) Record
• The Name Server (NS) Record
• The A, CNAME and PTR Records
• The MX and HINFO Records
• Dividing Up Domains
• Cache Only Name Service
• Round Robin Load Sharing through DNS
• BIND Utilities

Samba

• Overview of Samba
• History
• Services and Servers
• Configuring Samba
• Overview of smb.conf Sections
• Configuring File and Directory Sharing
• Enabling WINS Support
• Printing to the Samba Server
• Authentication Methods
• Configuration Test Tool
• Samba Client Tools: smbclient and nmblookup
• Linux-Exclusive Features: smbmount
• Linux-Exclusive Features: Samba mounts in /etc/fstab
• Encrypted Passwords

Network Information Service

• NIS Overview
• NIS History
• NIS Servers
• NIS Clients
• The /etc/nsswitch.conf File
• Server-side NIS Configuration
• Configuring a Master Server
• Configuring a Slave Server
• Debugging NIS with rpcinfo
• NIS Client-side Basics
• Client-side NIS Configuration
• Client Configuration using authconfig
• Client Tools
• Lightweight Directory Access Protocol (LDAP)
• LDAP Support/Configuration

Mail Delivery with Sendmail

• Sendmail Overview
• Sendmail Features
• Security and "Anti-Spam"
• Email Overview
• Simple Operational Overview
• Configuration Files
• Client Configuration
• Configuration with the m4 Macro Language
• Sendmail m4 Macro File: Introduction
• Sendmail m4 Macro File: Features
• Other Valuable m4 Directives
• Advanced /etc/mail Files
• /etc/mail/virtusertable
• /etc/mail/access
• Blacklisting Recipients
• Debugging sendmail
• Procmail Local Delivery
• Procmail Simple Configuration

Apache

• Apache Overview
• Apache Features
• Apache Server Configuration
• Virtual Hosts
• Namespace Configuration
• Apache Access Configuration
• Using the .htaccess Files
• CGI
• Apache Modules
• Apache Encrypted Web Server

Network Services - FTP, NFS, DHCP and PPP

• File Transfer Protocol (FTP)
• Network File System (NFS)
• File Sharing
• NFS Server
• Client-side NFS
• Red Hat Linux Network Installation Server
• Dynamic Host Configuration Protocol (DHCP)
• Setting-up a DHCP Server
• DHCP Configuration
• Client-side DHCP
• Point-to-Point Protocol (PPP)
• Dialup Servers
• PPP Server Configuration
• Specifying pppd Options
• Restricting PPP Users

Introduction to Security

• Basic Security Implementation
• Definitions of Common Terms
• Common Security Breaches
• Physical Security
• Single User Mode with LILO
• Boot Loader Security with LILO
• Network Security
• Security Policies
• Backup Policies
• Responding to a Break-in

Local User Security

• Securing User Accounts
• Authentication with PAM
• PAM Configuration Files
• PAM Application Configuration
• PAM Central Configuration
• Restricting Root Logins
• Restricting User Login
• Allowing Console Users to Control the System
• Allowing Users Root Privileges
• Monitoring the Local System

Files and File System Security

• SUID and SGID Permissions
• Additional File Modes
• Typical Problematic Permissions
• Cleaning Files and Directories
• Data Integrity with tripwire

Password Security and Encrypted Communications

• The Need for Encryption
• Cryptographic Building Blocks
• Random Numbers
• One-way Hashes
• Symmetric Encryption
• Asymmetric Encryption
• Public Key Infrastructures
• Digital Certificates
• Generating Digital Certificates
• Applications: openssh
• Applications: stunnel
• Display Security

Process Security and System Monitoring

• Monitoring/Limiting Processes
• Monitoring Processes with top
• Monitoring Processes Graphically
• Limiting Processes
• Process Accounting Tools
• Logs to Monitor Processes

Service-Based Security/Firewalls

• Type of Firewalls
• The xinetd Daemon
• TCP Wrappers
• Linux as a Router and Masquerader
• Static and Dynamic Routes
• Firewalls
• Packet Filtering Firewall Tasks
• Compiling the Linux Kernel for Packet Firewalling
• What is ipchains?
• Path of Packets Through the Kernel
• Basic Chain Handling
• Sample ipchains Commands
• Building a Firewall with ipchains
• IP Masquerading
• Enabling Masquerading

Security Tools

• Host Auditing Tools
• Packet Sniffers
• Using tcpdump to Monitor Traffic
• Options for tcpdump
• Network Monitoring Tools

   (excl.VAT)

PTR Associates Limited

21A Peach Street, Wokingham, Berkshire, RG40 1XJ, United Kingdom
Tel: 0118 979 4000 Fax: 0118 979 4035
Email: training@ptr.co.uk