LinuxCBT.com

Syllabus

Focus: Debian® Linux Version 6x

Duration: 40-Hours

    • Installation of Debian GNU/Linux
      • Peruse network topology
      • Identify Debian GNU/Linux distribution sites
      • Explain various methods of obtaining Debian GNU/Linux
      • Explain the various branches
      • Discuss features and benefits of the distribution
      • Perform distribution upgrade
      • Prep the Intel-based system for a PXE network installation
      • Installon in VMWare virtualized environment
      • Peruse Rescue Mode
      • Explore Linux boot sequence
      • Evaluate results
    •  
    • Basic Debian GNU/Linux Skills
    • Demonstrate usage of the following useful commands & concepts
      • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
      • alias, cat, file, chmod, chown, history
      • Standard in/out, UNIX Pipes, Redirection, Command Chaining
      • ps, df, free, vmstat, top, kill
      • less & more, head & tail, find
      • which & whereis, w, who
      • PING (Packet Internet Groper)
      • dig (Domain Information Groper) - used to query DNS servers
      • Tarball Archiving & compression of files & directories with tar|gzip|bzip2|unzip
      • Explain UNIX/Linux file security & permissions
      • Use checksum programs to confirm content integrity
      • Explore PCREGREP to search using Perl-Compatible Regular Expressions
      • Tweak run-time kernel parameters with 'sysctl'
      • Use 'screen' to maintain persistent TTYs
    •  
    • Advanced Package Management Tool (APT) Concepts
      • Explain classes of Debian GNU/Linux Packages
      • Identify Debian GNU/Linux Package Management Tools
      • Inventory currently installed DEB packages
      • Identify key Advanced Package Tool (APT) configuration files
      • Search for Debian GNU/Linux packages using Advanced Package Tool (APT)
      • Install/Update/Remove software using APT
      • Configure APT to query multiple sources for packages
      • Peruse package repository using 'dpkg'
      • Configure APT to install packages from varying versions of Debian GNU/Linux
      • Use Aptitude to manage Debian GNU/Linux packages
    •  
    • Disk & Volume Management
      • Provision additional Storage partitions using FDISK
      • Use MKE2FS to provision multiple EXT4 File Systems
      • Provision additional Storage partitions using Parted
      • Provision additional Swap storage
      • Use MKSWAP & SWAPON to enable additional Swap storage
      • Update File System Table (FSTAB) to reflect system changes
      • Explore Logical Volume Management (LVM) Configuration
      • Create volume sets using: Logical Volume Management (LVM)
    •  
    • Package Management
      • Discuss various package management options
      • Explore package management repositories
      • Use DPKG to install a .deb package
      • Install packages using 'apt-get'
      • Manage packages using 'aptitude'
    •  
    • INIT
      • Explain Debian GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
      • Explore INIT configuration
      • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
      • Switch between run levels and evaluate
      • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
    •  
    • Explore the CRON scheduling daemon & configuration
      • Identify key Cron configuration scopes (Global & User)
      • Explain Crontab file format and applicable options
      • Define custom cron jobs system-wide
      • Define custom cron jobs user-wide
      • Evaluate results of cron jobs
    •  
    •  
    • Core Network Services
      • System Logging via RSyslog and Logrotate
        • Explanation of syslog facilities & levels
        • Administration of Syslog
        • Archive Cisco trap data via RSyslog
        • Explore log rotation and customization via Logrotate
        • Configure Logrotate to rotate sample log files
        • Evaluate results
      • IPv4 & IPv6  Configuration
        • Identify key files for the transition from DHCP to Static addressing
        • Configure Linux client with static TCP/IP parameters for network communication
        • Configure Virtual (Sub) Ethernet Interfaces to faciliate multiple IP addresses
        • Explain IPv6 addresses (prefixes)
        • Explore IPv6 configuration on Linux and Cisco router
      •  
      • Client Resolvers
        • Identify key client resolvers
        • Peruse configuration
        • Use: dig, host, nslookup to identify hosts
        • Evaluate results
      •  
      • Trivial File Transfer Protocol Daemon (TFTPD)
        • Discuss features and benefits
        • Explore TFTPD configuration
        • Backup Cisco router and firewall configuration using TFTPD
        • Evaluate results
      •  
      • Commonly-used Network Utilities
        • NETSTAT
        • ARP
        • IFCONFIG
        • LFTP
        • RSYNC
      •  
      • Very Secure File Transfer Protocol Daemon (VSFTPD) & LFTP Client
        • Discuss features and benefits
        • Explore configuration
        • Test FTP connectivity
        • Explore LFTP client features
        • Evaluate results
      •  
      • Telnet Daemon (TELNETD) for temporary clear-text shell communications
        • Discuss features and benefits
        • Install TELNETD using Aptitude
        • Explore configuration and usage
        • Examine Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)
      •  
      • Network Time Protocol (NTP) Client/Server
        • Configure Network Time Protocol (NTP) to perform client/server time synchronization
        • Identify NTP bounded UDP interfaces
        • Synchronize Debian GNU/Linux NTP with RedHat Linux Stratum 2 NTP server
        • Configure RedHat Linux NTP server to synchronize with Debian GNU/Linux server
      •  
      • Dynamic Host Configuration Protocol (DHCP) services
        • Explain the various steps of the DHCP process
        • Configure global & scope-level DHCP options
        • Configure IP reservations based on layer 2 MAC addresses
        • Enable Linux DHCP services
        • Configure Windows/Linux clients to receive dynamic addresses from Linux
        • Examine evidence of clients requesting addresses from DHCPD
      •  
      • Implement the Berkeley Internet Naming Daemon (BIND) Domain Name Server (DNS)
        • Implement BIND 9x
        • Configure BIND as a caching-only DNS server
        • Test caching-only name resolution from Linux hosts
        • Test primary name resolution from various hosts
        • Configure BIND as a secondary(slave) DNS server
        • Evaluate results of BIND configuration using DIG
        • Configure DNS zones
        • Configure zone transfers
        • Evaluate BIND's configuration files
        • Implement IPv6 DNS AAAA records & evaluate forward IPv6 name resolution
        • Implement IPv6 DNS reverse records & evaluate reverse IPv6 name resolution
      •  
      • Network File System (NFS)
        • Discuss features and benefits
        • Explore NFS configuration
        • Test NFS on clients and servers
      •  
      • File System in User Space (FUSE)
        • Discuss features and benefits
        • Explore FUSE configuration
        • Implement FUSE mounts
        • Evaluate results
      •  
      • Implement Linux & Windows Integration via Samba
        • Implement SMBFS integration with Debian GNU/Linux File System
        • Mount Windows shares seamlessly using Samba File System (SMBFS)
        • Install Samba Server support
        • Install Samba Web-based Administration Tool (SWAT)
        • Configure Samba file sharing
        • Configure Samba with multiple NETBIOS aliases
        • Evaluate results
      •  
    •  
      • Web Application Services
        • Implement Apache Web Server
        • Examine httpd.conf file directives
        • Implement virtual directories using Apache and symbollic links
        • Implement Redirects using Locate and various Apache directives
        • Configure virtual hosts bound to the primary IP address and port
        • Configure virtual hosts bound to alternate virtual IP addresses and ports
        • Implement Apache logging system per virtual host
      •  
      • MySQL Relational Database Management System
        • Install MySQL Relational Database Management System
        • Secure access to MySQL
        • Explore MySQL Terminal Monitor Client
        • Create sample MySQL database
        • Install PHPMyAdmin for web-based management of MySQL instances
        • Explain & Secure access to PHPMyAdmin
        • Explore PHPMyAdmin's interface
      •  
      • PHP Implementaiton
        • Discuss features and benefits
        • Write scripts to enumerate useful PHP | Apache data
        • Integrate PHP with MySQL
        • Evaluate results
      •  
      • Postfix MTA
        • Install Postfix MTA
        • Introduction to Postfix Message Transfer Agent (MTA)
        • Use Mutt to demonstrate outbound mail handling using Postfix
        • Explore Postfix Configuration
      •  
      • Post Office Protocol Version 3 (POP3)
        • Explain POP3 concepts and applications
        • Implement POP3 daemon
        • Connect to POP3 daemon using Windows Outlook Express client
        • Use Mutt to send SMTP-based messages to POP3 account
      •  
      • Internet Messaging Access Protocol (IMAP)
        • Explain IMAP concepts and applications in comparison to POP3
        • Implement IMAP services
        • Connect to IMAP services from remote Windows Outlook Express client
      • Web-based Mail Implementation using Squirrel-mail
        • Describe required squirrel mail components for web-mail integration
        • Install squirrel mail on Debian GNU/Linux system
        • Configure Apache virtual directory for squirrel mail integration
        • Configure Apache Virtual Host for squirrel mail integration
        • Configure BIND DNS services for squirrel mail integration
        • Explore squirrel mail's web-based interface
      •  
    •  
      • Improve Security Posture
        • Identify and Apply Patches
        • Use GPG to secure communications
        • Use SSH to secure TTYs and File Transfers
        • Reduce exposure by removing superfluous services
        • Tighten System Policy
        • Secure SSH Server Service
        • Evaluate Results
      •  
      • Packet Captures and Analyses
        • Identify key tools
        • Use TCPDump to capture traffic
        • Apply Berkeley Packet Filters accordingly
        • Capture and analyze traffic with Wireshark
        • Evaluate Results
      •  
      • Network Mapper (NMAP)
        • Obtain, compile and install current version of NMAP
        • Identify commonly used NMAP options/switches/parameters
        • Perform default TCP SYN-based ethical scans of local and remote resources
        • Explain typical TCP handshake protocol while using NMAP
        • Examine the results of scans on remote Cisco firewall with debugging mode enabled
        • Perform default TCP Connect-based ethical scans of local and remote resources
        • Peform local ethical scans
        • Identifiy key NMAP configuration files
        • Use NMAP to perform operating system fingerprinting and versioning
        • Peform subnet-wide ethical scans
      •  
      • IPTABLES (Netfilter Linux Kernel-based Firewall)
        • Discuss IPTABLES/Netfilter Concepts
        • Explain IPTABLES default chains/filters and policies
        • Examine TCP/ICMP communications pre-IPTABLES chains
        • Implement ICMP inbound filtration based on various hosts
        • Use Cisco PIX Firewall to verify ICMP debugging
        • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
        • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
        • Test connectivity locally and remotely (RedHat/Windows/etc.)
      •  
      • Secure Key Services
        • Identify remaining services
        • Generate SSL | TLS Usage Keys
        • Configure Apache SSL | TLS
        • Appropriate SSL-protected Virtual Hosts
        • Configure FTP Server with SSL | TLS
        • Test secure communications with LFTP and FileZilla
        • Use BandwidthD to baseline and monitor traffic
        • Configure DenyHosts to restrict abusive SSH sessions
        • Evaluate Results
      •  
      • OpenVAS Implementation
        • Discuss features and benefits
        • Install OpenVAS Vulnerability Assessment System
        • Conduct Intranet audits
        • Evaluate results
      •  
      • Snort® NIDS Implementation
        • Discuss features and benefits
        • Install Snort Network Intrusion Detection System
        • Use Snort to intercept interesting traffic
        • Evaluate results
      •  

LinuxCBT Deb6x Edition

  •  
DEMO