You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

Modules

Details

Release Info

RedHat Enterprise Linux (RHEL) is a mature, and, stable Linux distribution. As its name (Enterprise) implies, its emphasis surrounds slow-and-steady updates, allowing your organization to plan accordingly. In this release, we explore some of the salient 'talking-points' surrounding RHEL.

Release Syllabus

RedHat® Enterprise Linux Version 4x
  • Installations and Usage on Dell PowerEdge Hardware
    • Discuss features of RedHat® Enterprise Linux 4
    • Prepare images for network installation
    • Install RedHat Enterprise 4 Workstation on Dell Power Edge Server
    • Explore GNOME graphical environment
    • Introduction to Bourne Again Shell (BASH) - Globes/environment
    • Input (STDIN), output (STDOUT) and standard error (STDERR) redirection
    • Pipes
    • Command chaining
    • BASH for loops
  •  
  • Common BASH Shell commands - Command Line Interface (CLI)
    • pwd, touch, stat, ls - explore useful Linux system commands
    • echo, cat - expose ASCII text and integrate with files
    • cp - copy files
    • mv - move files throughout the file system
    • tar - explore features and advantages of tarballs
    • gzip, bzip2 - intetgrate with tar and examine Internet archive
    • diff - compare and contrast between 2 or 3 files - diff3
    • file - discuss logic used to ascertain file type
    • find - single and multiple expressions and criteria
    • slocate - Compare and contrast with find and create system-wide DB
    • w, wall, watch, whereis, which, who - Important w commands
    • ps & pstree- explore process lists
    • free & top - explore process management with top
    • seq, top, jobs, fg, kill, killall, bg - Manage processes using standard tools
    • Use grep to process lines
    • Use awk to process fields - 30
  •  
  • Common Network Clients & Utilities
    • nano editor
    • Convert Unix text files to Windows format using unix2dos
    • Convert Windows text files to Unix format using dos2unix
    • Retrieve local and remote mail with mutt Mail User Agent (MUA)
    • mount - Mount CDs and ISO images - create ISOs with mkisofs
    • FTP - explore the standard File Transfer Protocol (FTP) client
    • gFTP - Usge GNOME FTP to interact with remote FTP server
    • LFTP - basic usage, job control
    • LFTP - mirror and reverse mirror content - resume transmission
    • LFTP - batch, non-interactive, scripted mode
    • Introduction to SSH concepts, implementation, etc.
    • Use SSH Client to connect to remote Linux Systems using password authentication
    • Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
    • Authenticate to remote Linux systems using alternate credentials
    • Use Secure Copy Protocol (SCP) to move data between systems non-interactively
    • Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
    • Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
    • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
    • Install RedHat Enterprise Workstation on Dell Laptop using HTTP
    • Generate Public Key/Private Key pairs for use with file and E-mail encryption
    • Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
    • Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
  • Installation on Dell Poweredge Server
    • Prepare Sources on Apache HTTP server
    • Burn bootable CD with network drivers for network-based installation
    • Remove hardware-based RAID 0 configuration
    • Configure hardware-based RAID 5 logical storage
    • Commence software installation
    • Create custom partitions and mount points during installation
    • Configure X11 and confirm installation
  •  
  • System Initialization
    • Explore GRUB
    • Explore system recovery mode
    • Explore INIT
  •  
  • System V Linux Runlevel implementation
    • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
    • Explain GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
    • chkconfig & ntsysv
    • Identify startup log files & entries using DMESG & exploration
  •  
  • Manage Users and Groups & Permissions
    • User and group creation & management concepts - passwd, shadow, group, gshadow files
    • Use system-config-users to create and manage users and groups
    • chmod/chown/chgrp
    • SETGID - Group collaboration
    • Explore Hard and Symbolic links including across disparate file systems
  •  
  • File System Management
    • FDISK
    • Create Standard Linux Partition
    • Make EXT2 File System & mount for general usage
    • Use tune2fs to upgrade EXT2 to EXT3 File System
    • Remove EXT2 partition and create EXT3-based parition
    • FSTAB - explore File System Table
    • Use FDISK to create a swap partition
    • Create Swap partition using MKSWAP & SWAPON
    • Provision additional swap space using swapon & swapoff
    • Explore GNU Parted as a partition and file-system management tool
    • Use Parted to create EXT?-based and Swap partitions
    •  
    • Logical Volume Management (LVM) - Discuss concepts and applications
    • Allocate partitions for usage with LVM
    • Create Physical Volumes
    • Create Volume Groups based on Physical Volumes
    • Create Logical Volumes based on Volume Groups
    • Prepare EXT3-based file systems on LVM-managed storage
    • Mount and use LVM Volumes
    • Resize LVM Volumes
  •  
  • Kickstart-based RAID Installation
    • Use Kickstart tool to configure automated kickstart process
    • Installation via HTTP using Kickstart
    • Discuss RAID concepts and configuration
    • Configure RAID disk partitions
  •  
  • RPM Package Management Tool Concepts & Usage
    • Query existing packages & file-based packages
    • Identify offline and online package repositories
    • Install packages
    • Upgrade packages
    • Freshen packages
    • Remove packages
  •  
  • Kernel Concepts and Management
    • Identify and discuss kernel implementation
    • Use kernel utils to identify modules and supported hardware
    • Discuss proper kernel update procedures
    • Download and Install the latest SMP-based kernel
    • Confirm results
    • Remove outdated kernel and confirm results
    • Download and Install the latest Uniprocessor-based kernel
    • Examine changes to GRUB and other key directory trees
    • SYSCTL - use to view and modify run-time variables
  •  
  • Network - Physical & Logical Configuration
    • Identify key directories & files for static & dynamic communications
    • Configure Linux client with static TCP/IP parameters for network communication
    • Explore hotplug -> hwup -> ifup logic
    • Use ifconfig to ascertain logical TCP/IP configuration
    • Use hwinfo to ascertain installed hardware
    • Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
  •  
  • Explore System Logging via SYSLOG and Logrotate
    • Explore Boot log & System Log
    • Explore dmesg
    • Explanation of syslog facilities & levels
    • Demonstrate syslog administration
    • Enable SYSLOG network listener
    • Demonstrate Cisco PIX Firewall to Linux SYSLOG functionality
    • Explore automatic log rotation and customization via Logrotate
    • Configure Logrotate to rotate & compress sample log files
  •  
  • Implement Network Time Protocol (NTP) Client/Server
    • Configure Network Time Protocol (NTP) to perform client/server time synchronization
    • Synchronize SUSE Enterprise Linux NTP with additional Linux Stratum 2 NTP server
    • Synchronize against Stratum 1 NTP servers
  •  
  • Dynamic Host Configuration Protocol (DHCP)
    • Explain DHCP Concepts & Applications
    • Explore DHCP confiuration files
    • Configure DHCP subnet with applicable options
    • Configure DHCP Reservation based on layer-2 address
  •  
  • Domain Name System (DNS)
    • Configure BIND as a caching-only DNS server
    • Implement Master DNS Zone
    • Configure Reverse Zone for local subnet
    • Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
    • Explain DHCP and DNS update integration options
    • Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
    • Configure Windows 2003 Active Directory to publish DNS Records to Linux Server
    • Examine Windows 2003 SRV Records
    • Configure Master/Slave Zones with Linux Server
    • Evaluate results of BIND configuration using DIG & host
    • Implement DNS sub-domains (Third-level domains)
  •  
  • CRON - System Scheduler
    • Explore Cron Implementation
    • Explain scheduling options
    • Global and scope-based Cron options
    • Schedules jobs to run & examine the output
    • Configure individual Crontab entries
  •  
  • Samba Implementation
    • Implement Linux & Windows Integration via Samba
    • Explore Samba Configuration files
    • Implement SMBFS integration with SUSE Enterprise Linux File System
    • Mount Windows shares seamlessly using Samba File System (SMBFS)
    • Configure FSTAB to support repetitive mounts
    • Implement secure SMBFS credentials for mounting
    • Install Samba Server support
    • Install Samba Web-based Administration Tool (SWAT)
    • Configure Samba file sharing
    • Configure Samba with multiple NETBIOS aliases
    • Install Active Directory (AD) on Windows 2003 Host
    • Configure Samba-Active Directory Integration
  •  
  • Very Secure VSFTPD File Transfer Protocol (FTP) services
    • Implement anonymous FTPD
    • Implement user-level FTPD access
    • Implement FTPD banners
    • Disable anonymous access
    • Configure VSFTPD to chroot jail users into their home directories
    • Implement bandwidth rate-limiting to control bandwidth usage
  •  
  • Network File System (NFS) Implementation
    • Implement NFS Server
    • Export shares and discuss options
    • Mount NFS exports on remote Linux Host
    • Implement AutoFS
  •  
  • Trivial File Transfer Protocol (TFTP) Implementation
    • Install TFTP server
    • Backup Cisco PIX firewall configuration using TFTP
    • Update Cisco PIX firewall configuration using TFTP
  •  
  • Apache Web Server Implementation
    • Discuss Apache server's features and concepts
    • Examine Apache-RedHat HTTPD CONF hierarchy
    • Examine various configuration files
    • Implement Apache Mod Alias and ScriptAlias
    • Follow SYMLINKS
    • Discuss and implement the Directory directive
    • Restrict access to content based on IPs and subnets
    • Implement user home (public_html) directories for personal web-publishing
    • Configure .htacess file with directives
    • Configure IP-based Virtual Hosts
    • Configure Name-based Virtual Hosts
    • Implement Basic and digest authentication schemes
    • Explore Apache logging semantics
    • Implement Apache logging system per virtual host
    • Webalizer Log Analysis software Implementation
    • Generate web reports using Webalizer
    • Perl CGI - Implementation
  •  
  • MySQL® Relational Database Management System
    • Install MySQL® Relational Database Management System
    • Secure access to MySQL®
    • Explore MySQL® monitor shell-based interface
    • Create sample MySQL® databases
    • Load external data-set from Linux
    • Load external data-set from Windows

  • PHPMyAdmin - MySQL® Web-based Management Interface
    • Install PHPMyAdmin for web-based management of MySQL instances
    • Explain & Secure access to PHPMyAdmin
    • Explore PHPMyAdmin's interface
  •  
  • Postfix Message Transfer Agent (MTA)
    • Introduction to Sendmail Implementation
    • Configure Postfix as default MTA
    • Introduction to Postfix Message Transfer Agent (MTA)
    • Explore the directives in the Postfix configuration files
    • Define default values for the FQDN
    • Alter myorigin and examine results
    • Configure Postfix to route messages using a Smarthost
    • Examine how Postfix delivers mail locally
    • Configure SMTP Relaying in Postfix
    • Use Mutt to demonstrate outbound mail handling using Postfix
    • Define SMTP Virtual domains for hosting multiple DNS domains
    • Configure Postfix with a production LinuxCBT DNS domain
    • Examine Virtual domain routing with production and non-production DNS domains
  •  
  • Internet Messaging Access Protocol (IMAP) - Dovecot
    • Explain IMAP concepts and applications in comparison to POP3
    • Implement IMAP services
    • Connect to IMAP services from remote Windows Outlook Express client
    • Implement IMAPS
    • Generate new self-signed SSL certificate for use with IMAPS
  •  
  • Squirrel-mail Web-based Mail Interface Implementation
    • Describe required squirrel mail components for web-mail integration
    • Install squirrel mail on SUSE Enterprise Linux system
    • Configure Apache virtual directory for squirrel mail integration
    • Configure Apache Virtual Host for squirrel mail integration
    • Configure BIND DNS services for squirrel mail integration
    • Explore squirrel mail's web-based interface
  •  
  • XMPP - Enterprise Instant Messenger - Jive Messenger
    • Download and Install Jive Messenger
    • Configure Jive Messenger for usage
    • Evaluate IM-connectivity from Linux Jabber-compliant client
    • Evaluate IM-connectivity from Windows Jabber-compliant client
  •  
  • System Audit & Lockdown
    • Identify tools to perform system audit
    • Ascertain and document current system state
    • Close all superflous services
    • Bind necessary services (daemons) to necessary interfaces and logical addresses
    • Establish security configuration baseline
  •  
  • NMAP - Port Scanner and Vulnerability Assessment Tool
    • Obtain, and install current version of NMAP
    • Identify commonly used NMAPoptions/switches/parameters
    • Explain typical TCPhandshake protocol while using NMAP
    • Identifiy key NMAP configuration files
    • Use NMAP to perform operating system fingerprinting
    • Peform subnet-wide ethical scans
    • Perform default TCPSYN-based ethical scans of local and remote resources
    • Examine the results of scans on remote Cisco firewall with debugging mode enabled
    • Perform default TCPConnect-based ethical scans of local and remote resources
    • Examine the results of scans on remote Cisco PIXFirewall with debugging mode enabled
    • Use NMAPto scan using aliased and spoofed IP addresses
    • Peform local ethical scans
    • Explore NMAP Front-End Graphical User Interface (GUI)
    • Discuss NMAP's features and applications
    • Perform Connect/Syn/Fin and various ethical port-scans
    • Perform service exposure scans
  •  
  • XINETD (Enhanced & Secure INETD Super Server Implementation)
    • Identify key XINETD configuration files
    • Explain the contents and structure of xinetd.conf
    • Restrict access to various daemons/services based on hosts & subnets
    • Lockdown XINETD-controlled services
    • Configure XINETD to restrict number of spawned instances of daemons/services
    • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
    • XINETD logging
    • Explore additional XINETD features
  •  
  • TCP Wrappers concepts & applications
    • Identify primary package and key TCP Wrappers configuration files
    • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
    • Examine pre and post TCP Wrappers configuration effects
    • Implement TCP Wrappers for common services
    • Test local & remote access to TCP Wrappers-protected host & services
  •  
  • IPTABLES (Netfilter Linux Kernel-based Firewall)
    • Discuss IPTABLES/Netfilter Concepts
    • Explore default tables and chains
    • Define and test INPUT chains
    • Define and test OUTPUT chains
    • Create user-defined chain and evaluate results
    • Explain IPTABLES default chains/filters and policies
    • Examine TCP/ICMP communications pre-IPTABLES chains
    • Implement ICMP inbound filtration based on various hosts
    • Use Cisco PIX Firewall to verify ICMP debugging
    • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
    • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
    • Test connectivity locally and remotely (RedHat/Windows/etc.)
    • Implement IP Forwarding between disparate subnets
    • Implement Network Address Translation (NAT)
  •  
  • Nessus Vulnerability Scanner
    • Download and Install Nessus Vulnerability Scanner
    • Install missing system dependencies
    • Generate self-signed SSL certificates
    • Perform basic Nessus system configuration and start the daemon
    • Use Nessus Linux client to connect to Nessus Server and perform scans
    • Examine resuls of scanning Windows 2003 Host
    • Examine resuls of scanning Cisco PIX Firewall Appliance
  •  
  • Secure Shell Daemon - Secure Communications Implementation
    • Explore SSHD key configuration files
    • Restrict access to SSHD
    • Explore SSHD logging
    • Configure PVPNs with local port forwarding
    • Configure PVPNs with remote port forwarding
    • Execute remote commands in non-interactive mode using SSH
    • Discuss forced-commands framework
    • Configure SUSE Enterprise to accomodate forced-commands
    • Test forced-commands for pre-configured accounts for push/pull secure transactions
    • Integrate SSHD with Windows 2003 Server and PuTTY SSH client
    • Implement PKI with PuTTY SSH
    • Use PSCP and PSFTP to communicate securely from Windows® 2003 to SUSE® Linux
  •  
  • Snort® 2.x Network Intrusion Detection System (NIDS)
    • Obtain, and install pre-requisites (libpcap/libpcre/etc.)
    • Obtain, compile and install the Snort® Network Intrusion Detection System (NIDS)
    • Identify and explain key operating modes (Sniffer/Logger/NIDS)
    • Explore in network sniffer mode
    • Explain OSI Model and relevant sniffing options
    • Explore Snort® in ASCII and Binary (TCPDUMP) logging modes
    • Output logs to ASCII text format and examine the results
    • Output logs to binary format and examine the results
    • Implement Snort® with BPF to filter traffic
    • Generate traffic from remote Windows 2003 and Linux hosts
    • Use Snort® with Berkeley Packet Filter (BPF) to parse logs
    • Implement Snort® in NIDS modes
    • Explore the snort.conf file and discuss rules
    • Explain Logging and Alerting output options
    • Perform port-scans from remote Linux systems and analyze Alerts
    • Configure Snort® to log to SYSLOG
  •  

Tokyo Time

16:9

Rate

1.25x

Watched

1

Completed

1 of 5

Recent