You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

Modules

Details

Release Info

Among the longstanding and well-maintained Distros is Debian. Its 'apt' package management framework is legendary; as is its commitment to supply por gratis, recurring security updates over a long horizon. Indeed, this distinguishes Debian and its relatives as the leading Linux Distros available.

Release Syllabus

Debian® Linux Version 4x
  • Install Debian Linux Using Various Methods
    • Explore network layout
    • Identify Debian GNU/Linux distribution sites
    • Explain various methods of obtaining Debian GNU/Linux
    • Explain the various branches
    • Prep the Intel-based system for a minimal installation
    • Install Debian Linux on x86 machine using local media and the Internet
    • Install Debian Linux on Intel-based x86 machine using CD-ROMs
    • Configure the installation process with Server-oriented packages
    • Prep the Intel-based system for a PXE network installation
    • Identify Network Installation ISO Image repositories
    • Configure the installation process with Server-oriented packages
    • Prepare VMWare host server
    • Install Debian GNU/Linux on VMWare Server
  • Explore Linux boot sequence
  • Explore Debian GNU/Linux GNOME Desktop Interface & Default Applications
  •  
  • Basic Debian GNU/Linux Skills
  • Demonstrate usage of the following useful commands & concepts
    • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
    • alias, cat, file, chmod, chown, history
    • Standard in/out, UNIX Pipes, Redirection, Command Chaining
    • ps, df, free, vmstat, top, kill
    • less & more, head & tail, find
    • which & whereis, w, who
    • PING (Packet Internet Groper)
    • dig (Domain Information Groper) - used to query DNS servers
    • Demonstrate typical usage of the vi text editor
    • Demonstrate typical usage the nano text editor
    • Tarball Archiving & compression of files & directories with tar|gzip|bzip2|unzip
    • Explain UNIX/Linux file security & permissions (-rwxrwxrwx)
    • Use mount/umount to access CD-ROM and floppy devices
    • Explore /etc/fstab (File system Table file)
    • Explore TCP/IP Configuration
    • Explore Wget and demonstrate its typical usage to interface to HTTP/FTP servers
    • Explore GNU: GREP | Awk | Sed
  •  
  • Advanced Package Management Tool (APT) Concepts
    • Explain classes of Debian GNU/Linux Packages
    • Identify Debian GNU/Linux Package Management Tools
    • Inventory currently installed DEB packages
    • Identify key Advanced Package Tool (APT) configuration files
    • Search for Debian GNU/Linux packages using Advanced Package Tool (APT)
    • Install/Update/Remove software using APT
    • Configure APT to query multiple sources for packages
    • Use DPKG to install a DEB package located on an EXT3 File System
    • Configure APT to install packages from varying versions of Debian GNU/Linux
    • Use Aptitude to manage Debian GNU/Linux packages
    • Install Apt-Spy using APT to identify optimal mirrors
  •  
  • Disk & Volume Management
    • Provision additional Storage partitions using FDISK
    • Use MKE2FS to provision multiple EXT2 & EXT3 File Systems
    • Provision additional Storage partitions using Parted
    • Provision additional Swap storage
    • Use MKSWAP & SWAPON to enable additional Swap storage
    • Update File System Table (FSTAB) to reflect system changes
    • Explore Logical Volume Management (LVM) Configuration
    • Create volume sets using: Logical Volume Management (LVM)
  •  
  • Package Management
    • Discuss various package management options
    • Explore package management repositories
    • Use DPKG to install a .deb package
    • Install packages using 'apt-get'
    • Manage packages using 'aptitude'
  •  
  • INIT
    • Explain Debian GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
    • Explore INIT configuration
    • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
    • Switch between run levels and evaluate
    • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
  •  
  • Explore the CRON scheduling daemon & configuration
    • Identify key Cron configuration scopes (Global & User)
    • Explain Crontab file format and applicable options
    • Define custom cron jobs system-wide
    • Define custom cron jobs user-wide
    • Evaluate results of cron jobs
  •  
  •  
  • Core Network Services
    • System Logging via Syslog, Syslog-NG and Logrotate
      • Explanation of syslog facilities & levels
      • Demonstrate syslog administration
      • Demonstrate Cisco to Linux SYSLOG functionality
      • Migrate system to Syslog-NG
      • Discuss Syslog-NG features and benefits
      • Explore automatic log rotation and customization via Logrotate
      • Configure Logrotate to rotate & compress sample log files
    •  
    • IPv4 & IPv6  Configuration
      • Identify key files for the transition from DHCP to Static addressing
      • Configure Linux client with static TCP/IP parameters for network communication
      • Configure Virtual (Sub) Ethernet Interfaces to faciliate multiple IP addresses
      • Explain IPv6 addresses (prefixes)
      • Explore IPv6 configuration on Linux and Cisco router
    •  
    • Implement Network Time Protocol (NTP) Client/Server
      • Configure Network Time Protocol (NTP) to perform client/server time synchronization
      • Identify NTP bounded UDP interfaces
      • Synchronize Debian GNU/Linux NTP with RedHat Linux Stratum 2 NTP server
      • Configure RedHat Linux NTP server to synchronize with Debian GNU/Linux server
    •  
    • Trivial File Transfer Protocol Daemon (TFTPD)
      • Discuss features and benefits
      • Explore TFTPD configuration
      • Backup Cisco router and firewall configuration using TFTPD
      • Evaluate results
    •  
    • Very Secure File Transfer Protocol Daemon (VSFTPD) & LFTP Client
      • Discuss features and benefits
      • Explore configuration
      • Test FTP connectivity
      • Explore LFTP client features
      • Evaluate results
    •  
    • Telnet Daemon (TELNETD) for temporary clear-text shell communications
      • Discuss features and benefits
      • Install TELNETD using Aptitude
      • Explore configuration and usage
      • Examine Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)
    •  
    • Commonly-used Network Utilities
      • NETSTAT
      • Traceroute & MTR (PING & Traceroute functionality)
      • ARP
      • IFCONFIG
      • Route
      • DIG & NSLOOKUP
      • Whois
    •  
    • Dynamic Host Configuration Protocol (DHCP) services
      • Explain the various steps of the DHCP process
      • Configure global & scope-level DHCP options
      • Configure IP reservations based on layer 2 MAC addresses
      • Enable Linux DHCP services
      • Configure Windows/Linux clients to receive dynamic addresses from Linux
      • Examine evidence of clients requesting addresses from DHCPD
    •  
    • Implement the Berkeley Internet Naming Daemon (BIND) Domain Name Server (DNS)
      • Implement BIND 9.x
      • Configure BIND as a caching-only DNS server
      • Test caching-only name resolution from Linux hosts
      • Configure Linux/Windows 2003 clients to use Linux BIND DNS server
      • Configure BIND as an Authoritative DNS server
      • Test primary name resolution from Windows & Linux hosts
      • Configure BIND as a secondary(slave) DNS server
      • Evaluate results of BIND configuration using DIG
      • Configure DNS zones
      • Configure zone transfers
      • Evaluate BIND's configuration files
      • Implement IPv6 DNS AAAA records & evaluate forward IPv6 name resolution
      • Implement IPv6 DNS reverse records & evaluate reverse IPv6 name resolution
    •  
    • Network File System (NFS)
      • Discuss features and benefits
      • Explore NFS configuration
      • Test NFS on clients and servers
    •  
    • Implement Linux & Windows Integration via Samba
      • Implement SMBFS integration with Debian GNU/Linux File System
      • Mount Windows shares seamlessly using Samba File System (SMBFS)
      • Configure FSTAB to support repetitive mounts
      • Implement secure SMBFS credentials for mounting
      • Install Samba Server support
      • Install Samba Web-based Administration Tool (SWAT)
      • Configure Samba file sharing
      • Configure Samba with multiple NETBIOS aliases
      • Configure Samba Windows Internet Name Server (WINS) support
      • Evaluate Windows XP client access to Debian GNU/Linux Samba server
    •  
  •  
  • Application Services - Linux|Apache|MySQL|PHP (LAMP)
    • Web Application Services
      • Implement Apache Web Server
      • Examine httpd.conf file directives
      • Implement virtual directories using Apache and symbollic links
      • Implement Redirects using Locate and various Apache directives
      • Configure virtual hosts bound to the primary IP address and port
      • Configure virtual hosts bound to alternate virtual IP addresses and ports
      • Implement Apache logging system per virtual host
      • Configure basic authentication to virtual hosts containers via Directory directives
      • Configure digest authentication
      • Implementation of Webalizer Log Analysis software
      • Generate web reports using Webalizer
      • Implementation of PHP Dynamic Web Access Scripting Engine
        • Evaluate PHP Dynamic Web Access Scripting Engine installation results
        • Test basic PHP script-processing using sample scripts
    •  
    • MySQL Relational Database Management System
      • Install MySQL Relational Database Management System
      • Secure access to MySQL
      • Create sample MySQL databases
      • Install PHPMyAdmin for web-based management of MySQL instances
      • Explain & Secure access to PHPMyAdmin
      • Explore PHPMyAdmin's interface
    •  
    • Postfix MTA
      • Install Postfix MTA
      • Introduction to Postfix Message Transfer Agent (MTA)
      • Use Mutt to demonstrate outbound mail handling using Postfix
      • Explore Postfix Configuration
    •  
    • Post Office Protocol Version 3 (POP3)
      • Explain POP3 concepts and applications
      • Implement POP3 daemon
      • Connect to POP3 daemon using Windows Outlook Express client
      • Use Mutt to send SMTP-based messages to POP3 account
    •  
    • Internet Messaging Access Protocol (IMAP)
      • Explain IMAP concepts and applications in comparison to POP3
      • Implement IMAP services
      • Connect to IMAP services from remote Windows Outlook Express client
    •  
    • Web-based Mail Implementation using Squirrel-mail
      • Describe required squirrel mail components for web-mail integration
      • Install squirrel mail on Debian GNU/Linux system
      • Configure Apache virtual directory for squirrel mail integration
      • Configure Apache Virtual Host for squirrel mail integration
      • Configure BIND DNS services for squirrel mail integration
      • Explore squirrel mail's web-based interface
  •  
  • Security Implementation Techniques
    • TCP Wrappers (hosts.allow/hosts.deny)
      • Discuss TCP Wrappers concepts & applications
      • Identify primary package and key TCP Wrappers configuration files
      • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
      • Examine pre and post TCP Wrappers configuration effects
      • Implement TCP Wrappers for common services
      • Test local & remote access to TCP Wrappers-protected host & services
    •  
    • XINETD (Enhanced & Secure INETD Super Server Implementation)
      • Upgrade Debian GNU/Linux system from INETD to XINETD
      • Identify key XINETD configuration files
      • Explain the contents and structure of xinetd.conf
      • Restrict access to various daemons/services based on hosts & subnets
      • Compare & contrast TCP Wrappers and XINETD
      • Secure services with XINETD
      • Insert common global xinetd.conf daemon/service defaults
      • Configure XINETD to log via SYSLOG
      • Configure XINETD to restrict number of spawned instances of daemons/services
      • Configure port forwarding of daemons/services
      • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
      • Explore additional XINETD features
    •  
    • IPTABLES (Netfilter Linux Kernel-based Firewall)
      • Discuss IPTABLES/Netfilter Concepts
      • Explain IPTABLES default chains/filters and policies
      • Examine TCP/ICMP communications pre-IPTABLES chains
      • Implement ICMP inbound filtration based on various hosts
      • Use Cisco PIX Firewall to verify ICMP debugging
      • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
      • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
      • Test connectivity locally and remotely (RedHat/Windows/etc.)
    •  
    • Network Mapper (NMAP)
      • Obtain, compile and install current version of NMAP
      • Identify commonly used NMAP options/switches/parameters
      • Perform default TCP SYN-based ethical scans of local and remote resources
      • Explain typical TCP handshake protocol while using NMAP
      • Examine the results of scans on remote Cisco firewall with debugging mode enabled
      • Perform default TCP Connect-based ethical scans of local and remote resources
      • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
      • Use NMAP to scan using aliased and spoofed IP addresses
      • Peform local ethical scans
      • Identifiy key NMAP configuration files
      • Use NMAP to perform operating system fingerprinting
      • Peform subnet-wide ethical scans
    •  
    • Nessus Vulnerability Scanner
      • Download, compile, and prepare Nessus vulnerability scanner for deployment
      • Implement Nessus client/server Security vulnerability scanner in SSL-mode
      • Identify Nessus's key features and explore its graphical interface
      • Ethical scan of the local system for vulnerabilities
      • Examine scan results via the reporting engine
      • Discuss mitigation techniques for suggested vulnerabilities
      • Ethical scan of a fraction of the class C subnet by using CIDR
      • Examine the scan results and discuss
      • Ethical scan of the entire class C subnet
      • Examine Nessus process utilization while vulnerability scans are in progress
    •  
    • Lockdown (Debian GNU/Linux System Lockdown)
      • Explain potential network-based entry points to the system
      • Identify superfluous daemons/services using NETSTAT & NMAP
      • Disable superfluous daemons/services using update-rc.d and proper scripts
      • Identify changes in the system as a result of performing the lockdown
      • Disable superfluous daemons/services using XINETD
      • Restrict source address access to daemons/services using XINETD
      • Restrict bind address for daemons/services using XINETD
      • Discuss application-layer security for added protection (MySQL/Apache/Sendmail/SSH/Nessus)
      • Force SSHD to bind to desired layer-3 IP address for controlled security
      • Secure the system using IPTABLES & TCP Wrappers for added security
    •  
    • TCPDump & Wireshark
      • Discuss features and benefits
      • Explore TCPDump usage
      • Capture interesting traffic
      • Analyze with Wireshark
    •  
    • Snort 2.8x Intrusion Detection System (IDS)
      • Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
      • Obtain, compile and install the Snort Intrusion Detection System (IDS)
      • Identify and explain key operating modes (Sniffer/Logger/IDS)
      • Run Snort in all three modes and examine the results
      • Output Snort logs to ASCII text format and examine the results
      • Output Snort logs to binary format and examine the results
      • Use Snort with Berkeley Packet Filter (BPF) to parse logs
      • Implement Snort with BPF to filter real-time traffic
      • Obtain and install requisite MySQL libraries for Snort
      • Recompile Snort IDS with MySQL support
      • Implement Snort IDS with MySQL integration for real-time reporting
      • Implement ACID web-based front-end for examining Snort logs

Tokyo Time

16:9

Rate

1.25x

Watched

1

Completed

1 of 5

Recent