You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

Modules

Details

Release Info

Among the longstanding and well-maintained Distros is Debian. Its 'apt' package management framework is legendary; as is its commitment to supply por gratis, recurring security updates over a long horizon. Indeed, this distinguishes Debian and its relatives as the leading Linux Distros available.

Release Syllabus

Debian® Linux Version 3x
  • Introduction to & Installation of Debian GNU/Linux
    • Identify Debian GNU/Linux distribution sites
    • Explain various methods of obtaining Debian GNU/Linux
    • Explain the various Debian GNU/Linux strains (Woody/Sarge/Sid)
    • Explain how the efficient Jigsaw Download (jigdo) process operates
    • Install Jigsaw Download tool on RedHat system to obtain Debian ISO images
    • Demonstrate how to obtain Debian GNU/Linux using the efficient Jigsaw Download (Jigdo) process from RedHat Linux and Windows 2003 systems
    • Prepare (Burn) Debian GNU/Linux media based on Jigdo for installation
    • Demonstrate how to obtain Debian GNU/Linux using the traditional ISO images from RedHat Linux & Windows 2003 Systems
    • Prepare (Burn) Debian GNU/Linux media based on ISO downloads for installation
    • Demonstrate how to obtain Debian GNU/Linux using a minimal CD for network installation
    • Prepare Debian GNU/Linux media based on the minimal CD ISO download for installation
    • Prep the Intel-based system for a Workstation installation of Debian GNU/Linux
    • Install Debian Linux on Intel-based x86 machine using CD-ROMs
    • Use CFDISK to create user-partitions on the Debian Workstation system
    • Use CFDISK to create a system-Swap partition
    • Configure the installation process with Workstation-oriented packages
    • Prepare the Intel-based system for a Server installation of Debian GNU/Linux
    • Install Debian Linux on Intel-based x86 machine using CD-ROMs
    • Use Fdisk to create server-oriented partitions on the Debian Server system
    • Use Fdisk to create a system-Swap partition
    • Configure the installation process with Server-oriented packages
    • Prep the Intel-based system for a Network installation of Debian GNU/Linux
    • Identify Network Installation ISO Image repositories
    • Download Network Installation ISO Image & burn to CDRW
    • Use Fdisk to create server-oriented partitions on the Debian Server system
    • Use Fdisk to create a system-Swap partition
    • Identify and specify Debian mirrors to obtain installation packages from
    • Install Debian Linux on Intel-based x86 machine using HTTP
    • Configure the installation process with Server-oriented packages
    • Prepare the Sun Fire SPARC-based headless system for a Remote Network installation of Debian GNU/Linux using SSH, CKermit & serial connectivity
    • Install Debian GNU/Linux SPARC edition using the Module -1 Binary
    • Configure server-oriented drive partitions using Fdisk
    • Configure optimal server-oriented Swap partition using Fdisk
    • Configure the Sun Fire SPARC system with network connectivity
    • Update Debian SPARC system with latest security patches using APT
  •  
  • Explore the Debian GNU/Linux KDE Desktop Interface & Default Applications
  • Identify Documentation - Man Pages & Graphical
  • Explore Debian GNU/Linux GNOME Desktop Interface & Default Applications
  • Upgrade Mozilla web browser software
  • Implement Macromedia Flash plug-in and configure support in Mozilla and evaluate results
  • Implement the current Java Runtime Environment (JRE/J2SE) for system-wide access to Java applets/etc.
  •  
  • Basic Debian GNU/Linux Skills
  • Demonstrate usage of the following useful commands & concepts
    • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
    • alias, cat, file, chmod, chown, history
    • Standard in/out, UNIX Pipes, Redirection, Command Chaining
    • ps, df, free, vmstat, top, kill
    • less & more, head & tail, diff
    • which & whereis, w, who
    • find, grep, locate
    • tar, gzip/gunzip, bzip2, zcat
    • PING (Packet Internet Groper) - used to issue ICMP echo requests
    • dig (Domain Information Groper) - used to query DNS servers
    • Demonstrate typical usage of the vi text editor
    • Demonstrate typical usage the nano text editor
    • Tarball Archiving & compression of files & directories with TAR/GZIP/BZIP2
    • Explain UNIX/Linux file security & permissions (-rwxrwxrwx)
    • Use mount/umount to access CD-ROM and floppy devices
    • Explore /etc/fstab (File system Table file)
    • Explore TCP/IP Configuration
    • Install Wget and demonstrate its typical usage to interface to HTTP/FTP servers
  •  
  •  
  • Advanced Package Management Tool (APT) Concepts
    • Explain classes of Debian GNU/Linux Packages
    • Identify Debian GNU/Linux Package Management Tools
    • Inventory currently installed DEB packages
    • Demonstrate Packge Group Selection with tasksel
    • Discuss Package Refinement with dselect
    • Identify key Advanced Package Tool (APT) configuration files
    • Search for Debian GNU/Linux packages using Advanced Package Tool (APT)
    • Install/Update/Remove software using APT
    • Configure APT to query multiple sources for packages
    • Use DPKG to install a DEB package located on an EXT3 File System
    • Configure APT to install packages from varying versions of Debian GNU/Linux
    • Use Aptitude to manage Debian GNU/Linux packages
    • Install Apt-Spy using APT to identify optimal mirrors
  •  
  • Disk Management using CFDISK & FDISK
    • Provision additional Storage partitions using CFDISK
    • Partition using FDISK additional user space
    • Use MKE2FS to provision multiple 20GB EXT2 & EXT3 File Systems
    • Use TUNE2FS to convert existing EXT2 File Systems to EXT3 File Systems
    • Provision additional Swap storage
    • Use MKSWAP & SWAPON to enable additional Swap storage
    • Provision multiple Temp File System (TMPFS) using free memory
    • Demonstrate typical usage of Temp File Systems for fast I/O
    • Update File System Table (FSTAB) to reflect system changes
  •  
  • Remote Desktop (RDP) Client Implementation
    • Download and intall RDesktop prerequisites (dev packages, etc.)
    • Compile, implement & explore RDesktop Terminal Services desktop connectivity to Windows 2003/2000/XP servers running Remote Desktop Protocol (RDP)
  •  
  • Secure Shell (SSH) Client
    • Explain SSH concepts, implementation, etc.
    • Use SSH Client to connect to remote Linux Systems using password authentication
    • Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
    • Authenticate to remote Linux systems using alternate credentials
    • Use Secure Copy Protocol (SCP) to move data between systems non-interactively
    • Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
    • Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
    • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
  •  
  • System V Debian GNU/Linux Runlevel implementation
    • Explain Debian GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
    • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
    • Identify startup log files & entries using DMESG & exploration
  •  
  • TCP/IP Configuration
    • Identify key files for the transition from DHCP to Static addressing
    • Configure Linux client with static TCP/IP parameters for network communication
    • Configure Virtual (Sub) Ethernet Interfaces to faciliate multiple IP addresses
  •  
  • Implement Network Time Protocol (NTP) Client/Server
    • Configure Network Time Protocol (NTP) to perform client/server time synchronization
    • Identify NTP bounded UDP interfaces
    • Synchronize Debian GNU/Linux NTP with RedHat Linux Stratum 2 NTP server
    • Configure RedHat Linux NTP server to synchronize with Debian GNU/Linux server
  •  
  • Manage Users and Groups
    • User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
    • User and group creation & management concepts - passwd, shadow, group, gshadow files
    • Use useradd/adduser, groupadd/addgroup, usermod, etc.
    • Examine adduser configuration file
  •  
  • Explore System Logging via SYSLOG and Logrotate
    • Explanation of syslog facilities & levels
    • Demonstrate syslog administration
    • Demonstrate Cisco to Linux SYSLOG functionality
    • Explore automatic log rotation and customization via Logrotate
    • Configure Logrotate to rotate & compress sample log files
  •  
  •  
  • Commonly-used Network Utilities
    • NETSTAT
    • Traceroute & MTR (PING & Traceroute functionality)
    • ARP
    • IFCONFIG
    • Route
    • DIG & NSLOOKUP
    • Whois
    • Implement Telnet Daemon for temporary clear-text shell communications
    • Examine Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)
  •  
  • Dynamic Host Configuration Protocol (DHCP) services
    • Explain the various steps of the DHCP process
    • Configure global & scope-level DHCP options
    • Configure IP reservations based on layer 2 MAC addresses
    • Enable Linux DHCP services
    • Configure Windows/Linux clients to receive dynamic addresses from Linux
    • Examine evidence of clients requesting addresses from DHCPD
  •  
  • Very Secure VSFTPD File Transfer Protocol (FTP) services
    • Implement anonymous FTPD
    • Implement user-level FTPD access
    • Implement FTPD banners
    • Disable anonymous access
    • Configure VSFTPD to chroot jail users into their home directories
    • Implement bandwidth rate-limiting to control bandwidth usage
    • Implement & test banning of unwelcomed anonymous e-mail addresses
    • Implement VSFTPD user with redirect to a Samba share
  •  
  • Implement Linux & Windows Integration via Samba
    • Implement SMBFS integration with Debian GNU/Linux File System
    • Mount Windows shares seamlessly using Samba File System (SMBFS)
    • Configure FSTAB to support repetitive mounts
    • Implement secure SMBFS credentials for mounting
    • Install Samba Server support
    • Install Samba Web-based Administration Tool (SWAT)
    • Configure Samba file sharing
    • Configure Samba with multiple NETBIOS aliases
    • Configure Samba Windows Internet Name Server (WINS) support
    • Evaluate Windows XP client access to Debian GNU/Linux Samba server
  •  
  • Explore the CRON scheduling daemon & configuration
    • Identify key Cron configuration scopes (Global & User)
    • Explain Crontab file format and applicable options
    • Define custom cron jobs system-wide
    • Define custom cron jobs user-wide
    • Evaluate results of cron jobs
  •  
  • Implement the Berkeley Internet Daemon (BIND) Domain Name Server (DNS)
    • Implement BIND 9.x
    • Configure BIND as a caching-only DNS server
    • Test caching-only name resolution from Linux hosts
    • Configure Linux/Windows 2003 clients to use Linux BIND DNS server
    • Configure BIND as an Authoritative DNS server
    • Test primary name resolution from Windows & Linux hosts
    • Configure BIND as a secondary(slave) DNS server
    • Configure DNS zones on Linux BIND & Windows 2003 DNS - activate replication
    • Evaluate results of BIND configuration using DIG
    • Configure DNS zones
    • Configure zone transfers
    • Evaluate BIND's configuration files
  •  
  • Kernel Re-compilation & upgrade - Debian Style
    • Obtain latest Linux Kernel sources
    • Install requisite Debian GNU/Linux packages
    • Select hardware and software modules and support for new kernel
    • Compile new Linux kernel
    • Install new Linux kernel
    • Update boot loader
    • Reboot system and verify functionality
  •  
  •  
  • Web Application Services
    • Implement Apache Web Server
    • Examine httpd.conf file directives
    • Implement virtual directories using Apache and symbollic links
    • Implement Redirects using Locate and various Apache directives
    • Configure virtual hosts bound to the primary IP address and port
    • Configure virtual hosts bound to alternate virtual IP addresses and ports
    • Implement Apache logging system per virtual host
    • Configure basic authentication to virtual hosts containers via Directory directives
    • Configure digest authentication
    • Implementation of Webalizer Log Analysis software
    • Generate web reports using Webalizer
    • Implementation of PHP Dynamic Web Access Scripting Engine
    • Evaluate PHP Dynamic Web Access Scripting Engine installation results
    • Test basic PHP script-processing using sample scripts
  •  
  • MySQL Relational Database Management System
    • Install MySQL Relational Database Management System
    • Secure access to MySQL
    • Create sample MySQL databases
    • Install PHPMyAdmin for web-based management of MySQL instances
    • Explain & Secure access to PHPMyAdmin
    • Explore PHPMyAdmin's interface
  •  
  • Sendmail MTA Essentials
    • Introduction to Sendmail Message Transfer Agent (MTA)
    • Implementation of Sendmail
    • Identify default Debian GNU/Linux Sendmail logging
    • Use Mutt to demonstrate outbound mail handling using Sendmail
    • Attempt to relay messages from a remote Windows host
    • Identify failed relays fromt the remote Windows host
    • Configure Sendmail to relay messages for remote Windows host
    • Configure Sendmail to support virtual hosts/multiple domains
    • Evaluate results of routing messages to multiple domains using Sendmail
    • Redirect virtual SMTP addressess to Internet-based SMTP hosts
    • Verify message delivery using Mutt & SSH
  •  
  • Post Office Protocol Version 3 (POP3)
    • Explain POP3 concepts and applications
    • Implement POP3 daemon
    • Connect to POP3 daemon using Windows Outlook Express client
    • Reroute inbound messages using Sendmail to POP3 account for retrieval
    • Use Mutt to send SMTP-based messages to POP3 account
  •  
  • Internet Messaging Access Protocol (IMAP)
    • Explain IMAP concepts and applications in comparison to POP3
    • Implement IMAP services
    • Connect to IMAP services from remote Windows Outlook Express client
  •  
  • Web-based Mail Implementation using Squirrel-mail
    • Describe required squirrel mail components for web-mail integration
    • Install squirrel mail on Debian GNU/Linux system
    • Configure Apache virtual directory for squirrel mail integration
    • Configure Apache Virtual Host for squirrel mail integration
    • Configure BIND DNS services for squirrel mail integration
    • Explore squirrel mail's web-based interface
  •  
  • TCP Wrappers (hosts.allow/hosts.deny)
    • Discuss TCP Wrappers concepts & applications
    • Identify primary package and key TCP Wrappers configuration files
    • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
    • Examine pre and post TCP Wrappers configuration effects
    • Implement TCP Wrappers for common services
    • Test local & remote access to TCP Wrappers-protected host & services
  •  
  • XINETD (Enhanced & Secure INETD Super Server Implementation)
    • Upgrade Debian GNU/Linux system from INETD to XINETD
    • Identify key XINETD configuration files
    • Explain the contents and structure of xinetd.conf
    • Restrict access to various daemons/services based on hosts & subnets
    • Compare & contrast TCP Wrappers and XINETD
    • Secure services with XINETD
    • Insert common global xinetd.conf daemon/service defaults
    • Configure XINETD to log via SYSLOG
    • Configure XINETD to restrict number of spawned instances of daemons/services
    • Configure port forwarding of daemons/services
    • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
    • Explore additional XINETD features
  •  
  • IPTABLES (Netfilter Linux Kernel-based Firewall)
    • Discuss IPTABLES/Netfilter Concepts
    • Explain IPTABLES default chains/filters and policies
    • Examine TCP/ICMP communications pre-IPTABLES chains
    • Implement ICMP inbound filtration based on various hosts
    • Use Cisco PIX Firewall to verify ICMP debugging
    • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
    • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
    • Test connectivity locally and remotely (RedHat/Windows/etc.)
  •  
  • Network Mapper (NMAP)
    • Obtain, compile and install current version of NMAP
    • Identify commonly used NMAP options/switches/parameters
    • Perform default TCP SYN-based ethical scans of local and remote resources
    • Explain typical TCP handshake protocol while using NMAP
    • Examine the results of scans on remote Cisco firewall with debugging mode enabled
    • Perform default TCP Connect-based ethical scans of local and remote resources
    • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
    • Use NMAP to scan using aliased and spoofed IP addresses
    • Peform local ethical scans
    • Identifiy key NMAP configuration files
    • Use NMAP to perform operating system fingerprinting
    • Peform subnet-wide ethical scans
  •  
  • Nessus Vulnerability Scanner
    • Download, compile, and prepare Nessus vulnerability scanner for deployment
    • Implement Nessus client/server Security vulnerability scanner in SSL-mode
    • Identify Nessus's key features and explore its graphical interface
    • Ethical scan of the local system for vulnerabilities
    • Examine scan results via the reporting engine
    • Discuss mitigation techniques for suggested vulnerabilities
    • Ethical scan of a fraction of the class C subnet by using CIDR
    • Examine the scan results and discuss
    • Ethical scan of the entire class C subnet
    • Examine Nessus process utilization while vulnerability scans are in progress
  •  
  • Lockdown (Debian GNU/Linux System Lockdown)
    • Explain potential network-based entry points to the system
    • Identify superfluous daemons/services using NETSTAT & NMAP
    • Disable superfluous daemons/services using update-rc.d and proper scripts
    • Identify changes in the system as a result of performing the lockdown
    • Disable superfluous daemons/services using XINETD
    • Restrict source address access to daemons/services using XINETD
    • Restrict bind address for daemons/services using XINETD
    • Discuss application-layer security for added protection (MySQL/Apache/Sendmail/SSH/Nessus)
    • Force SSHD to bind to desired layer-3 IP address for controlled security
    • Secure the system using IPTABLES & TCP Wrappers for added security
  •  
  • Snort 2.1x Intrusion Detection System (IDS)
    • Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
    • Obtain, compile and install the Snort Intrusion Detection System (IDS)
    • Identify and explain key operating modes (Sniffer/Logger/IDS)
    • Run Snort in all three modes and examine the results
    • Output Snort logs to ASCII text format and examine the results
    • Output Snort logs to binary format and examine the results
    • Use Snort with Berkeley Packet Filter (BPF) to parse logs
    • Implement Snort with BPF to filter real-time traffic
    • Obtain and install requisite MySQL libraries for Snort
    • Recompile Snort IDS with MySQL support
    • Implement Snort IDS with MySQL integration for real-time reporting
    • Implement ACID web-based front-end for examining Snort logs
  •  

Tokyo Time

16:9

Rate

1.25x

Watched

1

Completed

1 of 5

Recent