LinuxCBT.com

Syllabus

Focus: Debian® Linux Version 5x

Duration: 45-Hours

    • Introduction to & Installation of Debian GNU/Linux
      • Install Debian Linux Using Various Methods
        • Explore network layout
        • Identify Debian GNU/Linux distribution sites
        • Explain various methods of obtaining Debian GNU/Linux
        • Explain the various branches
        • Prep the Intel-based system for a minimal installation
        • Install Debian Linux on x86 machine using local media and the Internet
        • Install Debian Linux on Intel-based x86 machine using CD-ROMs
        • Configure the installation process with Server-oriented packages
        • Prep the Intel-based system for a PXE network installation
        • Identify Network Installation ISO Image repositories
        • Configure the installation process with Server-oriented packages
        • Prepare VMWare host server
        • Install Debian GNU/Linux on VMWare Server
      •  
    • Debian GNU/Linux Fundamentals
      • Explore Linux boot sequence
      • Explore Debian GNU/Linux GNOME Desktop Interface & Default Applications
      • Basic Debian GNU/Linux Skills
      • Demonstrate usage of the following useful commands & concepts
        • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
        • alias, cat, file, chmod, chown, history
        • Standard in/out, UNIX Pipes, Redirection, Command Chaining
        • ps, df, free, vmstat, top, kill
        • less & more, head & tail, find
        • which & whereis, w, who
        • PING (Packet Internet Groper)
        • dig (Domain Information Groper) - used to query DNS servers
        • Demonstrate typical usage of the vi text editor
        • Demonstrate typical usage the nano text editor
        • Tarball Archiving & compression of files & directories with tar|gzip|bzip2|unzip
        • Explain UNIX/Linux file security & permissions (-rwxrwxrwx)
        • Use mount/umount to access CD-ROM and floppy devices
        • Explore /etc/fstab (File system Table file)
        • Explore TCP/IP Configuration
        • Explore Wget and demonstrate its typical usage to interface to HTTP/FTP servers
        • Explore GNU: GREP | Awk | Sed
      •  
      • Advanced Package Management Tool (APT) Concepts
        • Explain classes of Debian GNU/Linux Packages
        • Identify Debian GNU/Linux Package Management Tools
        • Inventory currently installed DEB packages
        • Identify key Advanced Package Tool (APT) configuration files
        • Search for Debian GNU/Linux packages using Advanced Package Tool (APT)
        • Install/Update/Remove software using APT
        • Configure APT to query multiple sources for packages
        • Use DPKG to install a DEB package located on an EXT3 File System
        • Configure APT to install packages from varying versions of Debian GNU/Linux
        • Use Aptitude to manage Debian GNU/Linux packages
        • Install Apt-Spy using APT to identify optimal mirrors
      •  
      • Disk & Volume Management
        • Provision additional Storage partitions using FDISK
        • Use MKE2FS to provision multiple EXT2 & EXT3 File Systems
        • Provision additional Storage partitions using Parted
        • Provision additional Swap storage
        • Use MKSWAP & SWAPON to enable additional Swap storage
        • Update File System Table (FSTAB) to reflect system changes
        • Explore Logical Volume Management (LVM) Configuration
        • Create volume sets using: Logical Volume Management (LVM)
      •  
      • Package Management
        • Discuss various package management options
        • Explore package management repositories
        • Use DPKG to install a .deb package
        • Install packages using 'apt-get'
        • Manage packages using 'aptitude'
      •  
      • INIT
        • Explain Debian GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
        • Explore INIT configuration
        • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
        • Switch between run levels and evaluate
        • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
      •  
      • Explore the CRON scheduling daemon & configuration
        • Identify key Cron configuration scopes (Global & User)
        • Explain Crontab file format and applicable options
        • Define custom cron jobs system-wide
        • Define custom cron jobs user-wide
        • Evaluate results of cron jobs
    • Core Network Services
      • System Logging via Syslog, Syslog-NG and Logrotate
        • Explanation of syslog facilities & levels
        • Demonstrate syslog administration
        • Demonstrate Cisco to Linux SYSLOG functionality
        • Migrate system to Syslog-NG
        • Discuss Syslog-NG features and benefits
        • Explore automatic log rotation and customization via Logrotate
        • Configure Logrotate to rotate & compress sample log files
      • IPv4 & IPv6  Configuration
        • Identify key files for the transition from DHCP to Static addressing
        • Configure Linux client with static TCP/IP parameters for network communication
        • Configure Virtual (Sub) Ethernet Interfaces to faciliate multiple IP addresses
        • Explain IPv6 addresses (prefixes)
        • Explore IPv6 configuration on Linux and Cisco router
      •  
      • Implement Network Time Protocol (NTP) Client/Server
        • Configure Network Time Protocol (NTP) to perform client/server time synchronization
        • Identify NTP bounded UDP interfaces
        • Synchronize Debian GNU/Linux NTP with RedHat Linux Stratum 2 NTP server
        • Configure RedHat Linux NTP server to synchronize with Debian GNU/Linux server
      •  
      • Trivial File Transfer Protocol Daemon (TFTPD)
        • Discuss features and benefits
        • Explore TFTPD configuration
        • Backup Cisco router and firewall configuration using TFTPD
        • Evaluate results
      •  
      • Very Secure File Transfer Protocol Daemon (VSFTPD) & LFTP Client
        • Discuss features and benefits
        • Explore configuration
        • Test FTP connectivity
        • Explore LFTP client features
        • Evaluate results
      •  
      • Telnet Daemon (TELNETD) for temporary clear-text shell communications
        • Discuss features and benefits
        • Install TELNETD using Aptitude
        • Explore configuration and usage
        • Examine Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)
      •  
      • Commonly-used Network Utilities
        • NETSTAT
        • Traceroute & MTR (PING & Traceroute functionality)
        • ARP
        • IFCONFIG
        • Route
        • DIG & NSLOOKUP
        • Whois
      •  
      • Dynamic Host Configuration Protocol (DHCP) services
        • Explain the various steps of the DHCP process
        • Configure global & scope-level DHCP options
        • Configure IP reservations based on layer 2 MAC addresses
        • Enable Linux DHCP services
        • Configure Windows/Linux clients to receive dynamic addresses from Linux
        • Examine evidence of clients requesting addresses from DHCPD
      •  
      • Implement the Berkeley Internet Naming Daemon (BIND) Domain Name Server (DNS)
        • Implement BIND 9.x
        • Configure BIND as a caching-only DNS server
        • Test caching-only name resolution from Linux hosts
        • Configure Linux/Windows 2003 clients to use Linux BIND DNS server
        • Configure BIND as an Authoritative DNS server
        • Test primary name resolution from Windows & Linux hosts
        • Configure BIND as a secondary(slave) DNS server
        • Evaluate results of BIND configuration using DIG
        • Configure DNS zones
        • Configure zone transfers
        • Evaluate BIND's configuration files
        • Implement IPv6 DNS AAAA records & evaluate forward IPv6 name resolution
        • Implement IPv6 DNS reverse records & evaluate reverse IPv6 name resolution
      •  
      • Network File System (NFS)
        • Discuss features and benefits
        • Explore NFS configuration
        • Test NFS on clients and servers
      •  
      • Implement Linux & Windows Integration via Samba
        • Implement SMBFS integration with Debian GNU/Linux File System
        • Mount Windows shares seamlessly using Samba File System (SMBFS)
        • Configure FSTAB to support repetitive mounts
        • Implement secure SMBFS credentials for mounting
        • Install Samba Server support
        • Install Samba Web-based Administration Tool (SWAT)
        • Configure Samba file sharing
        • Configure Samba with multiple NETBIOS aliases
        • Configure Samba Windows Internet Name Server (WINS) support
        • Evaluate Windows XP client access to Debian GNU/Linux Samba server
      •  
    •  
    • Application Services - Linux|Apache|MySQL|PHP (LAMP)
      • Web Application Services
        • Implement Apache Web Server
        • Examine httpd.conf file directives
        • Implement virtual directories using Apache and symbollic links
        • Implement Redirects using Locate and various Apache directives
        • Configure virtual hosts bound to the primary IP address and port
        • Configure virtual hosts bound to alternate virtual IP addresses and ports
        • Implement Apache logging system per virtual host
        • Configure basic authentication to virtual hosts containers via Directory directives
        • Configure digest authentication
        • Implementation of Webalizer Log Analysis software
        • Generate web reports using Webalizer
        • Implementation of PHP Dynamic Web Access Scripting Engine
          • Evaluate PHP Dynamic Web Access Scripting Engine installation results
          • Test basic PHP script-processing using sample scripts
      •  
      • MySQL Relational Database Management System
        • Install MySQL Relational Database Management System
        • Secure access to MySQL
        • Create sample MySQL databases
        • Install PHPMyAdmin for web-based management of MySQL instances
        • Explain & Secure access to PHPMyAdmin
        • Explore PHPMyAdmin's interface
      •  
      • Postfix MTA
        • Install Postfix MTA
        • Introduction to Postfix Message Transfer Agent (MTA)
        • Use Mutt to demonstrate outbound mail handling using Postfix
        • Explore Postfix Configuration
      • Post Office Protocol Version 3 (POP3)
        • Explain POP3 concepts and applications
        • Implement POP3 daemon
        • Connect to POP3 daemon using Windows Outlook Express client
        • Use Mutt to send SMTP-based messages to POP3 account
      • Internet Messaging Access Protocol (IMAP)
        • Explain IMAP concepts and applications in comparison to POP3
        • Implement IMAP services
        • Connect to IMAP services from remote Windows Outlook Express client
      • Web-based Mail Implementation using Squirrel-mail
        • Describe required squirrel mail components for web-mail integration
        • Install squirrel mail on Debian GNU/Linux system
        • Configure Apache virtual directory for squirrel mail integration
        • Configure Apache Virtual Host for squirrel mail integration
        • Configure BIND DNS services for squirrel mail integration
        • Explore squirrel mail's web-based interface
    •  
    • Security Implementation Techniques
      • IPTABLES (Netfilter Linux Kernel-based Firewall)
        • Discuss IPTABLES/Netfilter Concepts
        • Explain IPTABLES default chains/filters and policies
        • Examine TCP/ICMP communications pre-IPTABLES chains
        • Implement ICMP inbound filtration based on various hosts
        • Use Cisco PIX Firewall to verify ICMP debugging
        • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
        • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
        • Test connectivity locally and remotely (RedHat/Windows/etc.)
      •  
      • Network Mapper (NMAP)
        • Obtain, compile and install current version of NMAP
        • Identify commonly used NMAP options/switches/parameters
        • Perform default TCP SYN-based ethical scans of local and remote resources
        • Explain typical TCP handshake protocol while using NMAP
        • Examine the results of scans on remote Cisco firewall with debugging mode enabled
        • Perform default TCP Connect-based ethical scans of local and remote resources
        • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
        • Use NMAP to scan using aliased and spoofed IP addresses
        • Peform local ethical scans
        • Identifiy key NMAP configuration files
        • Use NMAP to perform operating system fingerprinting
        • Peform subnet-wide ethical scans
      •  
      • Lockdown (Debian GNU/Linux System Lockdown)
        • Explain potential network-based entry points to the system
        • Identify superfluous daemons/services using NETSTAT & NMAP
        • Disable superfluous daemons/services using update-rc.d and proper scripts
        • Identify changes in the system as a result of performing the lockdown
        • Disable superfluous daemons/services using XINETD
        • Restrict source address access to daemons/services using XINETD
        • Restrict bind address for daemons/services using XINETD
        • Discuss application-layer security for added protection (MySQL/Apache/SSH)
        • Force SSHD to bind to desired layer-3 IP address for controlled security
        • Secure the system using IPTABLE for added security
      •  
      • TCPDump & Wireshark
        • Discuss features and benefits
        • Explore TCPDump usage
        • Capture interesting traffic
        • Analyze with Wireshark
      •  

LinuxCBT Deb5x Edition

  •  
DEMO