You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

Modules

Details

Release Info

Among Debian, RedHat and others, SuSE Linux has long provided an Enterprise Linux Distro offering centered on slow, predictable release cycles, and, timely ysoftware updates. It's YaST administrative tool is apt and has been a 'beacon-of-administrative-hope' where other Distros have failed miserably. If you are in the traditional Enterprise, pay attention to this Distro, as it surfaces more often than not.

Release Syllabus

SuSE® Enterprise Linux Version 10x
  • Network-based (HTTP & SSH) Installations
    • Enable Apache HTTPD on Installation server
    • Configure SUSE Ent. 10 Server as an HTTP Installation source with Apache
    • Discuss system requirements
    • Install SUSE Ent. 10 Server via HTTP
    • Confirm results
  •  
  • Grand Unified Boot Loader (GRUB) & System V Linux Runlevel implementation
    • Explore GRUB configuration
    • Explain SUSE Linux System V Init Runlevel (0 - 6) concepts & applications
    • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
  •  
  • GNOME & YaST
    • Explore the GNOME Desktop Interface
    • Explore YaST, centralized management tool
    • Install packages using Yast package manager
  •  
  • Basic GNU/Linux Skills - Command Line Interface (CLI) - BASH
    • Introduction to GNOME Terminal
    • Demonstrate usage of the following useful commands & concepts
    • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
    • alias, cat, file, chmod, chown, history
    • Standard in/out, UNIX Pipes, Redirection, Command Chaining
    • ps, df, free, vmstat, top, kill
    • less & more, head & tail, diff
    • which & whereis, w, who
    • Use grep and cut to process delimited log files
    • find, locate
    • tar, gzip/gunzip, bzip2, zcat
    • Explore Pico text editor
    • Install and explore Nano text editor
    • Convert Windows text files to Unix format using dos2unix
    • Convert Unix text files to Windows format using unix2dos
  •  
  • Common Network Clients
    • File Transfer Protocol (FTP) client
    • Install and use LFTP - Sophisticated FTP Client to connect to FTP/HTTP servers
    • Mirror and reverse mirror using LFTP to synchronize data
    • Wget - HTTP/HTTPS/FTP connectivity
    • Explain SSH concepts, implementation, etc.
    • Use SSH Client to connect to remote Linux Systems using password authentication
    • Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
    • Authenticate to remote Linux systems using alternate credentials
    • Use Secure Copy Protocol (SCP) to move data between systems non-interactively
    • Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
    • Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
    • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
    • Generate Public Key/Private Key pairs for use with file and E-mail encryption
    • Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
    • Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
    • Use ping, mtr & arp
    • Use dig, host, nslookup name resolution clients
    • NETSTAT
    • IFCONFIG
  •  
  • RPM Package Management Tool Concepts & Usage
    • Explain classes of SUSE Linux Packages
    • Query existing packages
    • Identify offline and online package repositories
    • Install packages
    • Upgrade packages
    • Freshen packages
    • Remove packages
    • Identify package membership of files on the SUSE system
  •  
  • Manage Users and Groups & Permissions
    • User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
    • User and group creation & management concepts - passwd, shadow, group, gshadow files
    • Use YaST to create and manage users and groups
    • SETUID
    • SETGID - Group collaboration
    • Sticky Bit
    • Explore Hard and Symbolic links including across disparate file systems
  •  
  • Paritions, File Systems & Volumes (RAID|LVM)
    • Provision new paritions with FDISK/Parted/YaST & ReiserFS
    • Configure RAID 0/1/5/ Volumes
    • Implement Logical Volume Management (LVM)
    • Provision additional Swap storage paritions and files
    • Use MKSWAP & SWAPON to enable additional Swap storage
    • Identify allocated swap space to the kernel
    • Committ changes for persistence
  •  
  • Explore System Logging via SYSLOG-NG and Logrotate
    • Explore Boot log & System Log
    • Explanation of syslog facilities & levels
    • Discuss SYSLOG-NG features & enhancements
    • Demonstrate syslog administration
    • Enable SYSLOG network listener
    • Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG-NG functionality
    • Explore automatic log rotation and customization via Logrotate
    • Configure Logrotate to rotate & compress sample log files
  •  
  • Network - Physical & Logical Configuration
    • Identify key directories & files for static & dynamic communications
    • Configure Linux client with static TCP/IP parameters for network communication
    • Explore hotplug -> hwup -> ifup logic
    • Use ifconfig to ascertain logical TCP/IP configuration
    • Use hwinfo to ascertain installed hardware
    • Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
  •  
  • Implement Network Time Protocol (NTP) Client/Server
    • Configure Network Time Protocol (NTP) to perform client/server time synchronization
    • Identify NTP bounded UDP interfaces
    • Synchronize SUSE Enterprise Linux NTP with RedHat Linux Stratum 2 NTP server
    • Synchronize against Stratum 1 NTP servers
  •  
  • Dynamic Host Configuration Protocol (DHCP)
    • Explain DHCP Concepts & Applications
    • Explore DHCP confiuration files
    • Configure DHCP subnet with applicable options
    • Configure DHCP Reservation based on layer-2 address
    • Enable DHCP with DDNS
    • Configure DHCP Failover between SUSE and RedHat Linux Servers
    • Test DHCP Failover with Windows 2003 Host
  •  
  • Domain Name System (DNS)
    • Explore SUSE DNS configuration via YaST
    • Configure BIND as a caching-only DNS server
    • Implement Master DNS Zone
    • Configure Reverse Zone for local subnet
    • Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
    • Explain DHCP and DNS update integration options
    • Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
    • Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server
    • Examine Windows 2003 SRV Records
    • Configure Master/Slave Zones with RedHat Linux Server
    • Evaluate results of BIND configuration using DIG & host
    • Implement DNS sub-domains (Third-level domains)
  •  
  • CRON - System Scheduler
    • Explore Cron Implementation
    • Explain scheduling options
    • Global and scope-based Cron options
    • Schedules jobs to run & examine the output
    • Configure individual Crontab entries
  •  
  • Samba Implementation
    • Implement Linux & Windows Integration via Samba
    • Explore Samba Configuration files
    • Implement SMBFS integration with SUSE Enterprise Linux File System
    • Mount Windows shares seamlessly using Samba File System (SMBFS)
    • Configure FSTAB to support repetitive mounts
    • Implement secure SMBFS credentials for mounting
    • Install Samba Server support
    • Install Samba Web-based Administration Tool (SWAT)
    • Configure Samba file sharing
    • Configure Samba with multiple NETBIOS aliases
    • Install Active Directory on Windows 2003 Server
    • Integrate SUSE Ent. 10 Server with Windows Active Directory (AD)
    • Test Samba-to-Windows integration using 'getent' and authentication
  •  
  • Very Secure VSFTPD File Transfer Protocol (FTP) services
    • Implement anonymous FTPD
    • Implement user-level FTPD access
    • Implement FTPD banners
    • Disable anonymous access
    • Configure VSFTPD to chroot jail users into their home directories
    • Implement bandwidth rate-limiting to control bandwidth usage
    • Implement & test banning of unwelcomed anonymous e-mail addresses
    • Implement VSFTPD user with redirect to a Samba share
  •  
  • Network File System (NFS) Implementation
    • Identify key services/daemons
    • Configure NFS Client & Server
    • Evaluate NFS connectivity to other Linux hosts
  •  
  • RSYNC Implementation
    • Discuss features and benefits
    • Implement rsync
    • Confirm results
  •  
  • Apache Web Server Implementation
    • Discuss Apache server's features and concepts
    • Examine Apache-SUSE HTTPD CONF hierarchy
    • Examine various configuration files
    • Implement Apache Mod Alias and ScriptAlias
    • Examine user home directories
    • Discuss the Directory directive
    • Explore redirects
    • Configure .htacess file with directives
    • Implement Basic and digest authentication schemes
    • Configure IP-based Virtual Hosts
    • Configure Name-based Virtual Hosts
    • Explore Apache logging
    • Implement Apache logging system per virtual host
    • Webalizer Log Analysis software Implementation
    • Generate web reports using Webalizer
    • Implementation of PHP Dynamic Web Access Scripting Engine
    • Evaluate PHP Dynamic Web Access Scripting Engine installation results
    • Test basic PHP script-processing using sample scripts
    • Create and test PHP-form with Apache
  •  
  • MySQL Relational Database Management System
    • Install MySQL Relational Database Management System
    • Secure access to MySQL
    • Explore MySQL monitor shell-based interface
    • Create sample MySQL databases
    • Load external data-set from Linux
    • Load external data-set from Windows
    • Integrate PHP with MySQL

  • PHPMyAdmin - MySQL Web-based Management Interface
    • Install PHPMyAdmin for web-based management of MySQL instances
    • Explain & Secure access to PHPMyAdmin
    • Explore PHPMyAdmin's interface
  •  
  • Postfix Message Transfer Agent (MTA)
    • Introduction to Postfix Message Transfer Agent (MTA)
    • Explore the directives in the Postfix configuration files
    • Define default values for the FQDN
    • Alter myorigin and examine results
    • Configure Postfix to route messages using a Smarthost
    • Examine how Postfix delivers mail locally
    • Configure SMTP Relaying in Postfix
    • Use Mutt to demonstrate outbound mail handling using Postfix
    • Define SMTP Virtual domains for hosting multiple DNS domains
    • Configure Postfix with a production LinuxCBT DNS domain
    • Examine Virtual domain routing with production and non-production DNS domains
  •  
  • Post Office Protocol Version 3 (POP3)
    • Explain POP3 concepts and applications
    • Implement POP3 daemon
    • Connect to POP3 daemon using Windows 2003 Outlook Express client
    • Reroute inbound messages using Sendmail to POP3 account for retrieval
    • Use Mutt to send SMTP-based messages to POP3 account
  •  
  • Internet Messaging Access Protocol (IMAP)
    • Explain IMAP concepts and applications in comparison to POP3
    • Implement IMAP services
    • Connect to IMAP services from remote Windows Outlook Express client
  •  
  • Squirrel-mail Web-based Mail Interface Implementation
    • Describe required squirrel mail components for web-mail integration
    • Install squirrel mail on SUSE Enterprise Linux system
    • Configure Apache virtual directory for squirrel mail integration
    • Configure Apache Virtual Host for squirrel mail integration
    • Configure BIND DNS services for squirrel mail integration
    • Explore squirrel mail's web-based interface
  •  
  • PureFTPD Implementation
    • Explore configuration & enable service
    • Test various modes of operation
  •  
  • Xen Virtualization
    • Discuss features & benefits
    • Implement Xen with instance of SUSE Ent. 10 Edition
  •  
  • System Audit & Lockdown
    • Identify tools to perform system audit
    • Ascertain and document current system state
    • Close all superflous services
    • Bind necessary services (daemons) to necessary interfaces and logical addresses
    • Establish security configuration baseline
  •  
  • XINETD (Enhanced & Secure INETD Super Server Implementation)
    • Identify key XINETD configuration files
    • Explain the contents and structure of xinetd.conf
    • Restrict access to various daemons/services based on hosts & subnets
    • Lockdown XINETD-controlled services
    • Configure XINETD to restrict number of spawned instances of daemons/services
    • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
    • XINETD logging
    • Explore additional XINETD features
  •  
  • TCP Wrappers concepts & applications
    • Identify primary package and key TCP Wrappers configuration files
    • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
    • Examine pre and post TCP Wrappers configuration effects
    • Implement TCP Wrappers for common services
    • Test local & remote access to TCP Wrappers-protected host & services
  •  
  • IPTABLES (Netfilter Linux Kernel-based Firewall)
    • Discuss IPTABLES/Netfilter Concepts
    • Explain IPTABLES default chains/filters and policies
    • Examine TCP/ICMP communications pre-IPTABLES chains
    • Implement ICMP inbound filtration based on various hosts
    • Use Cisco PIX Firewall to verify ICMP debugging
    • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
    • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
    • Test connectivity locally and remotely (RedHat/Windows/etc.)
  •  
  • Network Mapper (NMAP)
    • Obtain, compile and install current version of NMAP
    • Identify commonly used NMAP options/switches/parameters
    • Perform default TCP SYN-based ethical scans of local and remote resources
    • Explain typical TCP handshake protocol while using NMAP
    • Examine the results of scans on remote Cisco firewall with debugging mode enabled
    • Perform default TCP Connect-based ethical scans of local and remote resources
    • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
    • Use NMAP to scan using aliased and spoofed IP addresses
    • Peform local ethical scans
    • Identifiy key NMAP configuration files
    • Use NMAP to perform operating system fingerprinting
    • Peform subnet-wide ethical scans
  •  
  • Nessus Vulnerability Scanner Implementation
    • Download & Install Nessus Client & Server
    • Configure & test credentials
    • Discuss plug-ins and scopes
    • Perform vulnerability scans & evaluate results
  •  
  • TCPDump Traffic Capture
    • Discuss features
    • Capture data in ASCII & Binary formats
    • Implement Berkeley Packet Filters (BPFs)
    • Analyze results
  •  
  • Ethereal Traffic Analysis
    • Discuss features
    • Install using YaST
    • Analyze TCPDump binary file
    • Rebuild interesting TCP sessions
  •  
  • Snort 2.x Network Intrusion Detection System (NIDS)
    • Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
    • Obtain, compile and install the Snort Intrusion Detection System (NIDS)
    • Identify and explain key operating modes (Sniffer/Logger/NIDS)
    • Explore Snort in network sniffer mode
    • Explain OSI Model and relevant Snort sniffing options
    • Explore Snort in ASCII and Binary (TCPDUMP) logging modes
    • Output Snort logs to ASCII text format and examine the results
    • Output Snort logs to binary format and examine the results
    • Implement Snort with BPF to filter traffic
    • Generate traffic from remote Windows 2003 and Linux hosts
    • Use Snort with Berkeley Packet Filter (BPF) to parse logs
    • Implement Snort in NIDS modes
    • Explore the snort.conf file and discuss rules
    • Explain Logging and Alerting output options
    • Perform port-scans from remote Linux systems and analyze Alerts
    • Configure MySQL with Snort-compliant schema
    • Configure Snort to log to MySQL
    • Download & Install BASE web analysis application
    • Configure BASE to read alerts from MySQL
    • Evaluate results
  •  

Tokyo Time

16:9

Rate

1.25x

Watched

1

Completed

1 of 5

Recent