EL-6x Edition
Details
Release Info
RedHat Enterprise Linux (RHEL) is a mature, and, stable Linux distribution. As its name (Enterprise) implies, its emphasis surrounds slow-and-steady updates, allowing your organization to plan accordingly. In this release, we explore some of the salient 'talking-points' surrounding RHEL.Release Syllabus
RedHat® Enterprise Linux Version 6x
- Installations -Network - VNC - Kickstart
- Discuss features of RedHat® Enterprise Linux 6
- Create HTTP installation source tree
- Explore installation options
- Install via HTTP - Text Mode
- Perform VNC Install
- Graphical installation
- Kickstart, automated installation
- Use Rescue Mode
- Explore Single-User Mode
- Discuss INIT - Upstart facilities
- Explore Requisite Shell Utilities
- 'pwd', 'touch', 'stat', 'ls', 'id'
- 'echo', 'cat'
- 'cp' - copy files
- 'mv' - move files throughout the file system
- 'tty' - Discuss terminals
- 'tar' - explore features and advantages of tarballs
- 'gzip', 'bzip2', 'zip' - Compress content
- 'md5sum', 'sha1sum', 'sha256sum', 'sha512sum' - checksums
- 'file' - discuss logic used to ascertain file type
- 'find' - single and multiple expressions and criteria
- Use 'w' commands
- 'ps' - explore process lists
- free & top - explore process management with top
- Process lines with: 'grep'
- Process fields with: 'awk'
- Explore 'sed' - streams processing
- Basics of: 'perl'
- User and group management concepts
- Permissions - Symlinks - Quotas - File System
Management
- Explain Discretionary Access Controls (DAC) file system permissions
- Manipulate DAC permissions
- Create Symbolic links
- Implement file system quotas
- Use 'parted' and 'fdisk' to manipulate partitions
- FSTAB - explore File System Table
- Allocate swap storage
- Logical Volume Management (LVM) - Discuss concepts and applications
- Allocate partitions for usage with LVM
- Create Physical Volumes
- Create Volume Groups based on Physical Volumes
- Create Logical Volumes based on Volume Groups
- Mount and use LVM Volumes
- Resize LVM Volumes
- Generate RAID volumes
- Evaluate results
- RPM | YUM Package Management
- Query existing packages & file-based packages
- Identify offline and online package repositories
- Install packages
- Upgrade packages
- Remove packages
- Create YUM repositories
- Manage packages using YUM
- Configure redundant YUM repositories
- Explore Package Kit - GUI
- CRON - System Scheduler
- Explore Cron Implementation
- Explain scheduler
- Global and scope-based Cron options
- Schedule jobs to run & examine the output
- Configure individual Crontab entries
- Explore 'at' & 'batch' usage
- RSYSLOG and Logrotate
- Discuss rsyslog facilities & levels
- Configure TCP listener
- Log Cisco router events to rsyslog server
- Explore log rotation
- Discuss rsyslog facilities & levels
- Network Utilities
- PING
- Use Telnet to test TCP ports
- Explore Netstat socket listings
- Use arp to enumerate layer-2 neighbors
- LFTP - basic usage, job control
- LFTP - mirror and reverse mirror content
- LFTP - batch, non-interactive, scripted mode
- Explore: 'wget', 'curl' & 'ssh'
- Network Interface Configuration
- Discuss concepts
- Identify key files & scripts
- Explore: IPv4 & IPv6 configuration
- Configure aliased interfaces
- Provision additional NIC
- Evaluate results
- Discuss concepts
- Very Secure File Transfer Protocol Daemon (VSFTPD)
- Concepts & Applications
- Explore configuration directives
- Disable anonymous access
- Source connections to VSFTPD
- RSYNC
- Discuss features
- Synchronize inter-server content
- Evaluate
- Trivial File Transfer Protocol Daemon (TFTPD)
- Concepts & Applications
- Install and configure
- Archive Cisco router configuration
- Use 'tftp' client to move data
- Discuss caveats
- TELNETD
- Concepts & Applications
- Enable via XINETD
- Source connections to TELNETD
- NTPD
- Explain NTP hierarchy
- Configure time sources
- Synchronize internal resources via NTP
- Evaluate results
- Dynamic Host Configuration Protocol (DHCPD)
- Configure exclusive broadcast domain
- Install and configure DHCPD
- Implement reservations
- Examine client configuration
- Evaluate results
- Domain Name System (DNS)
- BIND
- Configure BIND as a caching-only DNS server
- Implement Master DNS Zones
- Configure Master/Slave Zones with peer
- Evaluate results of BIND configuration
- Configure IPv4 reverse support
- Configure IPv6 forward & reverse support
- Resolve queries - compare & contrast client resolvers
- Network File System (NFS) Implementation
- Implement NFS Server
- Export shares and discuss options
- Mount NFS exports on remote Linux Host
- Implement AutoFS
- Samba Implementation
- Implement Linux & Windows Integration via Samba
- Use key Samba clients
- Explore Samba Configuration files
- Install Samba Server support
- Configure Samba file sharing
- Configure Samba-Active Directory Integration with Winbind
- Evaluate results
- Apache Web Server Implementation
- Explore Apache configuration tree
- Peruse log configuration variables
- Configure IP-based Virtual Hosts
- Configure Name-based Virtual Hosts
- Implement Apache logging system per virtual host
- Explore Apache configuration tree
- MySQL® Relational Database Management System
- Install MySQL® Relational Database Management System
- Secure access to MySQL®
- Explore MySQL® monitor shell-based interface
- Create sample MySQL® database
- Populate with data and execute queries
- Discuss key SQL DML Commands
- Evaluate results
- Install MySQL® Relational Database Management System
- PHP
- Discuss features and benefits
- Install Apache | MySQL Support
- Write data-retrieval script
- Execute & debug
- Evaluate results
- SELinux Intro
- Discuss Concepts & Applications
- Explore default configuration
- Identify key tools
- Expose SELinux subject | object labels
- Enable SELinux-restricted functions on key services
- Auto-relabel the file system
- Copy & Move data & evaluate ramifications
- Evaluate results
- NMAP - Reconnaisance and Risk Assessment Tool
- Discuss features & benefits
- Install via YUM
- Identifiy key NMAP configuration files
- Identify commonly used NMAP options/switches/parameters
- Perform service identification
- Perform local & remote service risk exposure scans
- IPTABLES - Firewall
- Concepts & Applications
- Explore default tables and chains
- Define and test INPUT chain rules
- Define and test OUTPUT chain rules
- Explain IPTABLES default chains/filters and policies
- Filter traffic based on Layers 3|4
- Test connectivity
- Evaluate IPTables6 (IPv6) support
- Write IPv6 rules
- Archive | Restore firewall rules
- TCPDump
- Concepts & Applications
- Capture broad-based traffic
- Narrow scope with Berkeley Packet Filters (BPFs)
- Parse captured traffic
- Evaluate results
- Apache SSL
- Features & Benefits
- Explore default configuration
- Generate usage keys for virtual hosts
- Apply usage keys to virtual hosts & test configuration
- Use 'tcpdump' to intercept clear-text & encrypted traffic
- Compare and contrast capture results
- VSFTPD - SSL
- Features & Benefits
- Reference SSL|TLS usage keys
- Configure VSFTPD to support SSL|TLS exclusively
- Evaluate connectivity with: LFTP & FileZilla
- Liberate server configuration with hybrid approach
- Capture FTP clear-text & encrypted traffic with: 'tcpdump'
- Compare & contrast packet dumps
- Evaluate results
- Enhance Security Posture
- Rationalize consequences (pros|cons) of lean presence
- Discuss compliance benefits
- Use 'nmap' to identify superfluous services: local & remote perspectives
- Mitigate risk by reducing exposure
- Loopback candidate daemons
- Perform post-mitigation reconnaisance with 'nmap'
- Document baseline configuration
- Evaluate Results
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5Cent9x-Stream Edition
Details
Release Info
CentOS offers a visage into the world of Red Hat Enterprise Linux (RHEL). It is a fork. Unlike its Enterprise counterpart, there are fewer encumbrances, especially vis-à-vis the all-too-important frequently required software updates. Use CentOS to align your Applications and Services with RHEL.Release Syllabus
CentOS9x Stream Administration
- Initial Environment
- ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami
- alias, cat, file, chmod, chown, history
- STD(IN|OUT), Pipes, Redirection, Command Chaining
- ps, df, top, free
- Pagers, W-Commands
- Checksums
- Awk | Sed | Grep Usage
- BASH SHELL Environment
- Compression | Archival Tools
- SSH Equivalence
- SHELL Quoting
- Propagate Environment
- Secure Clients
- Identify Standard File Types
- Standard File Permissions
- Symbolic Links
- Transfer Permissions
- Identify SWAP environment
- Provision dedicated SWAP partitions
- Add | Remove SWAP from pool as needed
- Provision File System-based SWAP
- SWAP Share
- SWAP Persistence
- Identify default storage configuration
- Provision new storage as needed
- XFS - File System
- XFS - Grow File System
- Identify LVM defaults
- Add new partitions to LVM management
- Allocate storage to LVM Volume Groups
- Create Logical Volumes (LVs) as needed
- Overlay File System and mount where applicables
- LVM - Resize
- LVM - Mixed FS
- LVM - SWAP
- Features
- Install
- Defaults
- General Usage
- Update Accounts
- Defaults
- Shared PASS Gen
- Unique PASS Gen
- Encrypted PASS Gen
- Update Accounts
- Groups
- Discuss features | limitations
- Identify default system-wide schedule
- Peruse various default Cron Jobs
- Schedule simple job and monitor recurrence
- Evaluate results
- Peruse Default CONF
- Discuss Syslog Rules
- Explore Log Rotate defaults
- Ensure rotated logs are compressed
- Extend default retention scheme
- Force Log Rotation as needed
- Explore Default environment
- Install PKGs
- Dump important metadata from packages
- Apply Updates
- Default CONF
- Add | Confirm IPs as needed
- Install
- Copy Configuration
- SELinux - Confirm
- TLS | SSL Services
- cURL Client Tests
- Virtual Hosts
- ENC Sites Only
- SFTP Only USER
- SFTP Only USER - NOLOGIN
- SFTP Only Group - Control
- NMap Intro
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5SysLogD Edition
Details
Release Info
Traditional visibility into daemon | service | program communications, activities, errors, etc., relies upon SysLOG. SysLog has migrated over the years towards JournalD via SystemD services, however, SysLOG remains intrical to many services within and without Nix Instances. In this edition, explore some of the key features of rSysLogD, the defacto SysLOG engine.Release Syllabus
SysLOG with rSysLogD
- Discuss Features
- Default Environment
- Kernel Firewall LOG
- Split LOGs by Priorities
- UDP | TCP Logging
- Dual L4 Logging
- Multiple Hosts
- Basic Queueing
- Reliable Event Logging Protocol (RELP)
- RELP - Remote Only
- RELP Only
- Traditional to RELP
- SysLOG Clear-Text - Confirm
- Property Filters
- Expression Filters
- Relay Chain
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5NFTables Edition
Details
Release Info
NFTables (nft) provides a streamlined packet classification environment.Release Syllabus
Netfilter Tables
- Features
- SSHGuard
- Ruleset Basics
- Persistence
- Sample Rules
- Inbound Filtering
- Dormant Table
- Manage Tables | Chains | Rules
- Counters
- Sets
- LOG Basics
- LOG with Sets
- Closed-Port LOGs
- LOG Options
- Re-Route LOGs
- Jump Targets
- Chain Jumping
- GoTo Chains
- Meta Selectors
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5Deb12x Edition
Details
Release Info
Among the longstanding and well-maintained Distros is Debian. Its 'apt' package management framework is legendary; as is its commitment to supply por gratis, recurring security updates over a long horizon. Indeed, this distinguishes Debian and its relatives as the leading Linux Distros available.Release Syllabus
Debian 12x Administration
- Features
- Download
- Graphical Install
- Text Install
- Post-Install Tweaks
- Explore usage of the following useful commands
- tty | /dev/pts | w | whoami | who
- set | env | export | unset
- cat | echo | touch | rm
- pwd | ls | cd | mkdir | alias | umask
- head | tail
- dd
- find
- history
- STDIN, STDOUT, STDERR, UNIX Pipes, Redirection, Command Chaining
- ps, df, free, top, dd
- stat, which, w, who
- tar | gzip | bzip2 | xz
- ZSH Setup
- Explore SSH defaults
- Use SSH to connect to targets
- Transfer data with: scp | sftp | rsync
- Explain common Linux file permissions
- chmod | chgrp | chown
- Discuss various Linux file attributes | features
- SETUID | SETGID | STICKY Bit
- SymLinks: Hard | Soft
- Features
- useradd | adduser | usermod | userdel
- groupadd | groupmod | groupdel
- Create $USERs in Parallel
- $USER Passwords | mkpasswd | python3
- Generate Random Passwords
- Store Randomly-generated Passwords for Reference
- Encrypted Pass - Unique Users
- Default SHELL
- NO TTY Access
- Disable SSH Access
- Features
- Installation Defaults: File System Table
- Provision Storage
- GPT Label | Create Partition(s) | File System | Mount | Persistence
- Duplicate Drives
- Duplicate Varied Sizes
- Online Resizing (Up-Sizing)
- Provision SWAP
- Logical Volume Management (LVM)
- LVM Features
- Allocate Storage to LVM
- LVM | VG Resizing
- Fix sudo PATH
- Point-Release Upgrade
- Cron Features
- Cron Job Execution
- Journal Control Features
- Booted Kernels
- SystemD Features
- Explore default APT configuration
- Identify commonly-used package management tools
- Enumerate installed packages
- Identify package owners based on system binaries
- Discuss 'apt' and 'dpkg' options
- Install | Remove various packages
- Network Tools | IP Configuration
- Examine default IP configuration
- Extend IP configuration to facilitate additional addresses
- Static IP Config
- Dual: Dynamic | Static Config
- Multiple Interfaces
- Dual Network Services
- Confirm communications
- Features
- Restrict $USER to SFTP Access
- Confirm limited $SHELL
- SFTP-Only Group
- SFTP-Only Password AUTH
- Identifiy key NMAP configuration files
- Identify commonly used NMAP options/switches/parameters
- Scan Server resource
- Perform default TCP Connect-based ethical scans of local and remote resources
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5PHP-One-Liners Edition
Details
Release Info
PHP is more commonly known as a CGI processor; for Web-Applications. Perhaps you could call it a Middle-Tier. However, PHP also offers simple, but powerful CLI processing for common needs often provided via a hodgepodge of well-known $SHELL utilities. Either way, PHP makes it facile to achieve accounting where necessary, and simply via One-Liners.Release Syllabus
PHP One-Liners
- General Usage
- Count Lines
- Word Count
- Count Chars
- Split Lines into ARRAY
- Count Instances of Fields
- Transform Delimiters
- Anonymize LOGs
- Extract Unique SRCs
- Lines by Error Code
- LOG By Code
- Summarize Error Codes
- Pre-Seed Error Codes
- Random Strings
- Varied Passwords
- Expose Undefined Passwords
- Outdated Passwords
- Hash | Un-Hash
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5GlusterFS Edition
Details
Release Info
GlusterFS provides simple, cost-effective, scalable and reliable network-distributed volume | disk aggregation services. Quickly and effectively allocate storage for your applications with GlusterFS.Release Syllabus
Cloud Storage with GlusterFS
- Discuss Features:
- Default Volume Type
- Common Volume Types
- Transport Types
- File System Support
- Storage Model
- Features
- Provision Storage
- Allocate GlusterFS Brick
- Persistence
- Generate IO
- Multiple File Systems
- Various Sizes
- Stop | Remove Volume
- Reconstitute Volume
- Server Mount
- Evaluate
- Features
- Provision Storage
- Partition | FS | Mount | Brick
- Extend Volume
- Monitor IO Distribution
- Shrink Volume
- Confirm Reallocation
- Remove Bricks
- Add | Replace Bricks
- Confirm Data Transfer
- UUID Mounts
- Migrate Mounts
- Features
- Probe Storage Instances
- Provision Storage
- Extend Shared Volume
- Mount any Server
- List Storage Spread
- Dismantle Volume
- Confirm Data-Availability
- Volume Reconstruction
- Features
- Existing Bricks
- Re-Use Allocated Storage
- Define New Bricks
- Create Volume
- Generate | Monitor IO
- Fail NODEs
- Evaluate
- Features
- Explore Environment
- Create New Replica Volume
- Mount on Web Servers
- Ensure Persistence
- Update NginX Web Server Config
- Fetch Content
- Down Storage NODE | Test
- Restore NODE | Confirm Content
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5OpenPGPII Edition
Details
Release Info
GPG - OpenPGP - Provides a standard PKI Framework, supporting common Algorithms, for securing your data at-rest and in-transit.Release Syllabus
OpenPGP with GPG
- Discuss Features:
- Primary Tool
- Private | Public Keys
- Public Key Cryptography Standards (PKCS)
- Encryption | Decryption
- Signing | Verification
- Features
- General Usage
- Create Content
- Encrypt
- PassPhrase Protect
- Binary | Text Encryption
- Share
- Decrypt
- Features
- Vary Algos
- Compare Results
- Caveats
- Random PassPhrases
- Store PassPhrases
- Encrypt | Decrypt | Confirm
- Use Case
- Generate Keypairs
- Export | Import
- Share
- Sign
- URI Import
- Features
- Identify Public Keys
- Encrypt to Recipients
- Vary Key Identifcation
- Share Content
- Confirm Decryption
- Confirm Invalid Recipient
- Features
- Encryption | Decryption Distinction
- Sign | Share Content
- Confirm Signatures
- Missing Public Key
- Sign | Encrypt | Decrypt | Verify
- Encrypt | Sign | Verify | Decrypt
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5SSL-TLS Edition
Details
Release Info
Transport Layer Security (TLS) provides standards-based asymmetric and symmetric cryptographic solutions for your application needs.Release Syllabus
SSL-TLS with OpenSSL
- Discuss Features:
- Primary Tool
- Private | Public Keys
- Certificate Signing Requests (CSRs)
- Self-Signed Certificates
- Public Key Cryptography Standards (PKCS)
- Encryption | Decryption
- Random String Generation
- Message Digests
- SSL-TLS Client
- Features
- General Usage
- Retrieve Site Certificates
- Determine OCSP Configuration
- Probe supported TLS Versions
- Extract Certificate for local usage
- Retrieve Certificate with NMap
- Retrieve Certificate Chain
- Fetch Certificate
- x509 Query Fields
- Fingerprints
- One-Liner
- Export Public Key from Certificate
- Dump Public Key
- Generate Random Bytes
- Yield various Formats
- Create Random Files on Target
- Define Random $USERs
- Track defined $USERs
- Features
- Generate Digests
- Install SHA3-SUM
- Vary Content
- Compare Digests
- Remote Digests
- Store Digests
- Features
- Common Algorithms
- Generate Multiple Private Keys
- Export Public Keys
- Confirm Keys
- Remove and Re-Export Public Keys
- Generate Non-Default RSA Keys
- Password-Protected Keys
- Share PRIV_KEY and Confirm
- Features
- Base64 Encode | Decode
- AES-256 Encryption | Decryption
- Base64 Representation
- Decode | Decrypt
- Deterministic Examples
- Asymmetric Encrypts | Decrypts
- Features
- "pkeyutl" Sub-Command
- RSA Signatures
- ED(448|25519) Signatures
- RSA-PSS Signatures
- Eliptical Curve Signatures
- "-rawin" effect
- Encrypt | Sign | Verify | Decrypt
- Sign | Encrypt | Decrypt | Verify
- Discuss
- Generate Private Keys
- Generate Correlating CSRs
- Confirm Keys | CSRs
- Self-Signed Certificates
- Generate
- CA Store
- Root CA
- Various ALGOs
- Internal Domain
- SYMLINK Keys
- Password-Protected PRIV_KEY
Tokyo Time
16:9Rate
1.25xWatched
1Completed
1 of 5$SHELL-Vars Edition
Details
Release Info
The $SHELL (all incarnations), provide a plethora of useful mechanisms that facilitate smoother and more automated operations. Core to reduced computing friction is $SHELL-Mastery.Release Syllabus
SHELL Variables
- Discuss Features
- Terminal (TTY)
- CLI Arguments
- Process ID
- Backgrounded
- SHELL Local
- Environment
- Persistence
- Aliases
- Command Substitution
- Increment | Decrement
- Dynamism