LinuxCBT.com

Syllabus

Focus: SuSE® Enterprise Linux Version 9x

Duration: 75-Hours

    • Installations and Usage of SUSE Professional Linux on Dell/IBM Hardware
      • Identify SUSE Professional distribution sites
      • Identify and discuss various SUSE Linux versions (tiers)
      • Prep an IBM Notebook for a Professional Desktop installation of SUSE Linux
      • Configure SUSE Linux installation to support Virtual Network Computing (VNC)
      • Install SUSE Linux on IBM notebook using CD-ROMs with VNC
      • Prep the Dell Precision Workstation for a Workstation installation of SUSE Linux
      • Install SUSE Linux on the Dell Precision system using DVD-ROM
      • Explore GUI-based yAST installation interface and options
      • Configure Dell Precision Serial ATA (SATA) ReiserFS Partitions
      • Configure nVidia PCI Xpress graphical support
    •  
    • General Desktop Exploration & Configuration
      • Explore the SUSE Professional KDE Desktop Interface
      • Explore archiving and compression (tar,gzip,bzip2) with Ark
      • Perform package updates with Yast Online Update (YOU)
      • Identify SUSE Linux Documentation
      • Install Mozilla Firefox browser
      • Install HP Printer for system usage
      • Explore printing sub-system - Common Unix Printing System (CUPS)
      • Print to PDF, Postscript and mail PDF to SMTP recipient
      • Configure Windows 2003 Server to share printer
      • Print to shared Windows 2003 Server Printer using Samba (SMB)
      • Install GNOME Desktop environment
      • Explore the SUSE Professional GNOME Desktop environment
      • File archival and compression with GNOME and File Roller
      • Alternate between KDE and GNOME Desktop environments
      • Install packages using Yast package manager
      • Implement Remote Desktop (RDesktop) to access Windows systems using RDP
      • Configure Wireless (WiFi) network interface with Linksys Access Point
      • Configure Wireless Encryption Protocol (WEP) on IBM Laptop with Linksys integration
    •  
    • Basic SUSE Professional GNU/Linux Skills - Command Line Interface (CLI) - BASH
      • Introduction to Konsole
      • Introduction to GNOME Terminal
      • Demonstrate usage of the following useful commands & concepts
      • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
      • alias, cat, file, chmod, chown, history
      • Standard in/out, UNIX Pipes, Redirection, Command Chaining
      • ps, df, free, vmstat, top, kill
      • less & more, head & tail, diff
      • which & whereis, w, who
      • Use grep and cut to process delimited log files
      • find, locate
      • tar, gzip/gunzip, bzip2, zcat
      • Explore Pico text editor
      • Install and explore Nano text editor
      • Convert Windows text files to Unix format using dos2unix
      • Convert Unix text files to Windows format using unix2dos
    •  
    • Common Network Clients
      • File Transfer Protocol (FTP) client
      • Install and use LFTP - Sophisticated FTP Client to connect to FTP/HTTP servers
      • Mirror and reverse mirror using LFTP to synchronize data
      • Wget - HTTP/HTTPS/FTP connectivity
      • Explain SSH concepts, implementation, etc.
      • Use SSH Client to connect to remote Linux Systems using password authentication
      • Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
      • Authenticate to remote Linux systems using alternate credentials
      • Use Secure Copy Protocol (SCP) to move data between systems non-interactively
      • Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
      • Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
      • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
      • Generate Public Key/Private Key pairs for use with file and E-mail encryption
      • Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
      • Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
    •  
    • Installations on Dell PowerEdge and Usage of SUSE Enterprise Linux 9 on Dell Poweredge Servers
      • Identify distribution sites & obtain SUSE Enterprise Linux
      • Prep Dell PowerEdge Server for SUSE Enterprise Linux Installation
      • Configure RAID0 on Dell PowerEdge Server for Installation
      • Install SUSE Enterprise Linux on Dell PowerEdge Server with RAID0
      • Configure RAID1 on Dell PowerEdge Server for Installation
      • Install SUSE Enterprise Linux on Dell PowerEdge Server with RAID1
      • Configure RAID5 on Dell PowerEdge Server for Installation
      • Install SUSE Enterprise Linux on Dell PowerEdge Server with RAID5
      • Select appropriate packages for type of server
      • Install SUSE Enterprise Linux via Virtual Network Computing (VNC) from a remote Linux Host
      • Create a SUSE Media installation server for subsequent installations
    •  
    • Remote Installation Sources
      • Setup SUSE Enterprise Server to host SUSE Pro 9.x and SUSE Enterprise Installation Sources
      • Setup SUSE Enterprise Linux installation directory tree on a remote RedHat Linux system for network installation
      • Install SUSE Enterprise Linux using HTTP Apache Web server from remote SUSE Linux Host
      • Install SUSE Enterprise Linux via Secure Shell (SSH) Protocol client from a remote system
      • Use MKISOFS to create ISO of SUSE DVD for installation deployment
      • Create install image using autoYaST
    •  
    • System V Linux Runlevel implementation
      • Explain SUSE Linux System V Init Runlevel (0 - 6) concepts & applications
      • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
      • Identify startup log files & entries using DMESG & exploration
    •  
    • RPM Package Management Tool Concepts & Usage
      • Explain classes of SUSE Linux Packages
      • Query existing packages
      • Identify offline and online package repositories
      • Install packages
      • Upgrade packages
      • Freshen packages
      • Remove packages
      • Identify package membership of files on the SUSE system
    •  
    • Manage Users and Groups & Permissions
      • User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
      • User and group creation & management concepts - passwd, shadow, group, gshadow files
      • Use YaST to create and manage users and groups
      • SETUID
      • SETGID - Group collaboration
      • Sticky Bit
      • Explore Hard and Symbolic links including across disparate file systems
    •  
    • Kernel Management
      • Identify imporatant Linux kernel components on the SUSE Systems
      • Download current kernel from FTP location
      • Install current SMP kernel
    •  
    • Miscellaneous Configuration & Commands
      • Provision additional Swap storage
      • Use MKSWAP & SWAPON to enable additional Swap storage
      • NETSTAT
      • Traceroute & MTR (PING & Traceroute functionality)
      • ARP
      • IFCONFIG
      • Route
      • DIG & HOST
      • Whois
    •  
    • Network - Physical & Logical Configuration
      • Identify key directories & files for static & dynamic communications
      • Configure Linux client with static TCP/IP parameters for network communication
      • Explore hotplug -> hwup -> ifup logic
      • Use ifconfig to ascertain logical TCP/IP configuration
      • Use hwinfo to ascertain installed hardware
      • Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
    •  
    • Explore System Logging via SYSLOG and Logrotate
      • Explore Boot log & System Log
      • Explore dmesg
      • Explanation of syslog facilities & levels
      • Demonstrate syslog administration
      • Enable SYSLOG network listener
      • Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG functionality
      • Explore automatic log rotation and customization via Logrotate
      • Configure Logrotate to rotate & compress sample log files
    •  
    • Implement Network Time Protocol (NTP) Client/Server
      • Configure Network Time Protocol (NTP) to perform client/server time synchronization
      • Identify NTP bounded UDP interfaces
      • Synchronize SUSE Enterprise Linux NTP with RedHat Linux Stratum 2 NTP server
      • Synchronize against Stratum 1 NTP servers
    •  
    • Dynamic Host Configuration Protocol (DHCP)
      • Explain DHCP Concepts & Applications
      • Explore DHCP confiuration files
      • Configure DHCP subnet with applicable options
      • Configure DHCP Reservation based on layer-2 address
      • Enable DHCP with DDNS
      • Configure DHCP Failover between SUSE and RedHat Linux Servers
      • Test DHCP Failover with Windows 2003 Host
    •  
    • Domain Name System (DNS)
      • Explore SUSE DNS configuration via YaST
      • Configure BIND as a caching-only DNS server
      • Implement Master DNS Zone
      • Configure Reverse Zone for local subnet
      • Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
      • Explain DHCP and DNS update integration options
      • Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
      • Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server
      • Examine Windows 2003 SRV Records
      • Configure Master/Slave Zones with RedHat Linux Server
      • Evaluate results of BIND configuration using DIG & host
      • Implement DNS sub-domains (Third-level domains)
    •  
    • CRON - System Scheduler
      • Explore Cron Implementation
      • Explain scheduling options
      • Global and scope-based Cron options
      • Schedules jobs to run & examine the output
      • Configure individual Crontab entries
    •  
    • Samba Implementation
      • Implement Linux & Windows Integration via Samba
      • Explore Samba Configuration files
      • Implement SMBFS integration with SUSE Enterprise Linux File System
      • Mount Windows shares seamlessly using Samba File System (SMBFS)
      • Configure FSTAB to support repetitive mounts
      • Implement secure SMBFS credentials for mounting
      • Install Samba Server support
      • Install Samba Web-based Administration Tool (SWAT)
      • Configure Samba file sharing
      • Configure Samba with multiple NETBIOS aliases
    •  
    • Very Secure VSFTPD File Transfer Protocol (FTP) services
      • Implement anonymous FTPD
      • Implement user-level FTPD access
      • Implement FTPD banners
      • Disable anonymous access
      • Configure VSFTPD to chroot jail users into their home directories
      • Implement bandwidth rate-limiting to control bandwidth usage
      • Implement & test banning of unwelcomed anonymous e-mail addresses
      • Implement VSFTPD user with redirect to a Samba share
    •  
    • Network File System (NFS) Implementation
      • Implement NFS Server
      • Export shares and discuss options
      • Mount NFS exports on remote RedHat Linux Host
      • Install Services For UNIX (SFU) on Windows 2003 Host
      • Integrate Windows Services For UNIX with SUSE Enterprise NFS Server
    •  
    • Network Information System (NIS) Implementation
      • Implement NIS Master Server
      • Configure Master server as an NIS Client
      • Configure additoinal SUSE Professional system as NIS Client
      • Evaluate NIS configuration utilities and NIS features
    •  
    • Apache Web Server Implementation
      • Discuss Apache server's features and concepts
      • Examine Apache-SUSE HTTPD CONF hierarchy
      • Examine various configuration files
      • Implement Apache Mod Alias and ScriptAlias
      • Examine user home directories
      • Discuss the Directory directive
      • Explore redirects
      • Configure .htacess file with directives
      • Implement Basic and digest authentication schemes
      • Configure IP-based Virtual Hosts
      • Configure Name-based Virtual Hosts
      • Explore Apache logging
      • Implement Apache logging system per virtual host
      • Webalizer Log Analysis software Implementation
      • Generate web reports using Webalizer
      • Implementation of PHP Dynamic Web Access Scripting Engine
      • Evaluate PHP Dynamic Web Access Scripting Engine installation results
      • Test basic PHP script-processing using sample scripts
      • Create and test PHP-form with Apache
    •  
    • MySQL Relational Database Management System
      • Install MySQL Relational Database Management System
      • Secure access to MySQL
      • Explore MySQL monitor shell-based interface
      • Create sample MySQL databases
      • Load external data-set from Linux
      • Load external data-set from Windows
      • Integrate PHP with MySQL

    • PHPMyAdmin - MySQL Web-based Management Interface
      • Install PHPMyAdmin for web-based management of MySQL instances
      • Explain & Secure access to PHPMyAdmin
      • Explore PHPMyAdmin's interface
    •  
    • Postfix Message Transfer Agent (MTA)
      • Introduction to Postfix Message Transfer Agent (MTA)
      • Explore the directives in the Postfix configuration files
      • Define default values for the FQDN
      • Alter myorigin and examine results
      • Configure Postfix to route messages using a Smarthost
      • Examine how Postfix delivers mail locally
      • Configure SMTP Relaying in Postfix
      • Use Mutt to demonstrate outbound mail handling using Postfix
      • Define SMTP Virtual domains for hosting multiple DNS domains
      • Configure Postfix with a production LinuxCBT DNS domain
      • Examine Virtual domain routing with production and non-production DNS domains
    •  
    • Post Office Protocol Version 3 (POP3)
      • Explain POP3 concepts and applications
      • Implement POP3 daemon
      • Connect to POP3 daemon using Windows 2003 Outlook Express client
      • Reroute inbound messages using Sendmail to POP3 account for retrieval
      • Use Mutt to send SMTP-based messages to POP3 account
    •  
    • Internet Messaging Access Protocol (IMAP)
      • Explain IMAP concepts and applications in comparison to POP3
      • Implement IMAP services
      • Connect to IMAP services from remote Windows Outlook Express client
    •  
    • Squirrel-mail Web-based Mail Interface Implementation
      • Describe required squirrel mail components for web-mail integration
      • Install squirrel mail on SUSE Enterprise Linux system
      • Configure Apache virtual directory for squirrel mail integration
      • Configure Apache Virtual Host for squirrel mail integration
      • Configure BIND DNS services for squirrel mail integration
      • Explore squirrel mail's web-based interface
    •  
    • TFTP Connectionless Protocol Implementation
      • Install and configure TFTP for easy communications with Cisco PIX Firewall
      • Update Cisco PIX Firewall configuration using TFTP server
    •  
    • System Audit & Lockdown
      • Identify tools to perform system audit
      • Ascertain and document current system state
      • Close all superflous services
      • Bind necessary services (daemons) to necessary interfaces and logical addresses
      • Establish security configuration baseline
    •  
    • XINETD (Enhanced & Secure INETD Super Server Implementation)
      • Identify key XINETD configuration files
      • Explain the contents and structure of xinetd.conf
      • Restrict access to various daemons/services based on hosts & subnets
      • Lockdown XINETD-controlled services
      • Configure XINETD to restrict number of spawned instances of daemons/services
      • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
      • XINETD logging
      • Explore additional XINETD features
    •  
    • TCP Wrappers concepts & applications
      • Identify primary package and key TCP Wrappers configuration files
      • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
      • Examine pre and post TCP Wrappers configuration effects
      • Implement TCP Wrappers for common services
      • Test local & remote access to TCP Wrappers-protected host & services
    •  
    • IPTABLES (Netfilter Linux Kernel-based Firewall)
      • Discuss IPTABLES/Netfilter Concepts
      • Explain IPTABLES default chains/filters and policies
      • Examine TCP/ICMP communications pre-IPTABLES chains
      • Implement ICMP inbound filtration based on various hosts
      • Use Cisco PIX Firewall to verify ICMP debugging
      • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
      • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
      • Test connectivity locally and remotely (RedHat/Windows/etc.)
    •  
    • Network Mapper (NMAP)
      • Obtain, compile and install current version of NMAP
      • Identify commonly used NMAP options/switches/parameters
      • Perform default TCP SYN-based ethical scans of local and remote resources
      • Explain typical TCP handshake protocol while using NMAP
      • Examine the results of scans on remote Cisco firewall with debugging mode enabled
      • Perform default TCP Connect-based ethical scans of local and remote resources
      • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
      • Use NMAP to scan using aliased and spoofed IP addresses
      • Peform local ethical scans
      • Identifiy key NMAP configuration files
      • Use NMAP to perform operating system fingerprinting
      • Peform subnet-wide ethical scans
    •  
    • Secure Shell Daemon - Secure Communications Implementation
      • Explore SSHD key configuration files
      • Restrict access to SSHD
      • Explore SSHD logging
      • Configure PVPNs with local port forwarding
      • Configure PVPNs with remote port forwarding
      • Execute remote commands in non-interactive mode using SSH
      • Discuss forced-commands framework
      • Configure SUSE Enterprise to accomodate forced-commands
      • Test forced-commands for pre-configured accounts for push/pull secure transactions
      • Integrate SSHD with Windows 2003 Server and PuTTY SSH client
      • Implement PKI with PuTTY SSH
      • Use PSCP and PSFTP to communicate securely from Windows 2003 to SUSE Enterprise Linux
    •  
    • Snort 2.x Network Intrusion Detection System (NIDS)
      • Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
      • Obtain, compile and install the Snort Intrusion Detection System (NIDS)
      • Identify and explain key operating modes (Sniffer/Logger/NIDS)
      • Explore Snort in network sniffer mode
      • Explain OSI Model and relevant Snort sniffing options
      • Explore Snort in ASCII and Binary (TCPDUMP) logging modes
      • Output Snort logs to ASCII text format and examine the results
      • Output Snort logs to binary format and examine the results
      • Implement Snort with BPF to filter traffic
      • Generate traffic from remote Windows 2003 and Linux hosts
      • Use Snort with Berkeley Packet Filter (BPF) to parse logs
      • Implement Snort in NIDS modes
      • Explore the snort.conf file and discuss rules
      • Explain Logging and Alerting output options
      • Perform port-scans from remote Linux systems and analyze Alerts
      • Configure Snort to log to SYSLOG
    •  

LinuxCBT SLES-9x Edition

  •  
DEMO