KB0141 - RedHat Linux Network Administration

Course Length: 30 hrs

Course Description:

This course teaches Linux systems administrators develop their skills to build and configure common network services and security administration using Red Hat Linux. This course is updated for building skills on Red Hat Enterprise Linux

Who Should Attend:

Linux system administrators who already have some real world experience with Red Hat Linux systems administration and for those who want to enhance their skills in networking services and security.

Benefits of Attendance:

Upon completion of this course, students will be able to:

- Setup a Red Hat Linux server Network Infrastructure.

- Configure common network services and security at a basic to advanced level.

Prerequisites:

Students should have taken Red Hat Linux System Administration or have equivalent experience with Red Hat Linux. Students should also have LAN/WAN fundamentals or equivalent and Internetworking with TCP/IP or equivalent.

Course Outline:

Chapter 1: Advanced Filesystem Management

Software RAID Configuration

Software RAID Recovery

Converting LVM1 to LVM2

Creating Logical Volumes

Resizing Logical Volumes

The Linux Quota System

Chapter 2: Introduction To Network Services

Red Hat Linux Network Components

Connecting Networks

Service Management

chkconfig

xinetd Services

The xinetd Daemon

Fault Analysis

Chapter 3: Network Configuration

Device Recognition

Network Interfaces

mii-tool

ifconfig

ifup/ifdown

Interface Configuration Files

Configuration Utilities

Binding Multiple IP Addresses

DHCP/BOOTP

Global Network Parameters

Default Route

Static Routes

Name Resolution

DNS Client Configuration

DNS Utilities

Network Diagnostics

Chapter 4: DNS Server Setup and Configuration - Organizing Networked Systems (BIND)

DNS Basics

Internet DNS Hierarchy

Name Server Hierarchy

Client-side DNS

Server-side DNS

Berkeley Internet Name Domain (BIND)

Configuring BIND

Configuration File Basics

Address Match Lists and acl RNDC

Zone Files

Main Record Types

Delegating Subdomains

Caching-only Name Server

BIND Utilities

BIND Syntax Utilities

Configuring the DHCP server

Chapter 5: Network File Sharing Services (NFS)

Configuring NFS services

Configuring NFS Server

Configuring NFS Client

Configuring File and Directory Sharing

Configuring FTP services

Chapter 6: SAMBA Installation and Configuration  (SMB)

Samba Services

Samba Daemons

Configuring Samba

Configuring File and Directory Sharing

Printing to the Samba Server

Authentication Methods

Samba Client Tools: smbclient and smbmount

Chapter 7:  E-Mail Server Administration - Electronic Mail Services (SENDMAIL)

sendmail Features

Security and "Anti-Spam" Features

An Email Review

Simple Operational Overview

Main Configuration Files

sendmail Configuration with the m4 Macro Language

sendmail Client Configuration

Blacklisting Recipients

Debugging sendmail

Postfix

Using Postfix

Additional postfix Configuration Files

procmail Local Delivery

Chapter 8: Web Server Administration - The HTTP Service (APACHE)

Apache Features

Apache Configuration

Apache Server Configuration

Virtual Hosts

Apache Namespace Configuration

CGI

Apache Encrypted Web Server

Squid Web Proxy Cache

Chapter 9: Security Concerns And Policy

Security Terms

Basic Network Security

Which Services Are Running?

Remote Service Detection

Definitions of Security

Security Policy

Backup Policies

Chapter 10: Authentication Services

Authentication Basics

Service Profile: PAM

PAM Operation

Core PAM Modules

Authentication Modules

Password Security

Password Policy

Resource Limits

User Access Control

Single User Mode

Authentication Troubleshooting

NIS Overview

NIS Server Topology

Configuring an NIS Server

NIS Client Configuration

NIS Troubleshooting

Chapter 11: System Monitoring

Introduction to System Monitoring

File System Analysis

Set User and Group ID Permissions

Typical Problematic Permissions

EXT2 Filesystem Attributes

Monitoring Data Integrity with tripwire

Configuring tripwire

System Log Files

syslogd and klogd configuration

Advanced syslogd configuration

Log File Analysis

Monitoring and Limiting Processes

Monitoring Processes with top

Monitoring Processes Graphically

System Activity Reporting

Process Accounting Tools

Chapter 12: Securing Networks

Packet Filtering Capabilities

Netfilter Architecture

Netfilter Packet Flow

Chain Operations

Rule targets

Rule Matching

Network Address Translation(NAT)

Connection Tracking

Rule persistence

The "Bastion Host"

Chapter 13: Securing Services

SystemV Startup Control

Securing the Service

tcp_wrappers Configuration

Daemon Specification

Client Specification

Advanced Syntax

xinetd-based security

xinetd Access Control

Host Patterns

Advanced Security Options

Chapter 14: Securing Data

The Need For Encryption

Cryptographic Building Blocks

Random Numbers

One-Way Hashes

Symmetric Encryption

Asymmetric Encryption

Public Key Infrastructures

Digital Certificates

Generating Digital Certificates

OpenSSH Overview

The OpenSSH

OpenSSH Authentication

Protecting Your Keys

Applications: RPM