LinuxCBT | UnixCBT Editino - Includes Modules Below

LinuxCBT | UnixCBT are the most comprehensive and cost-effective GNU/Linux, Unix, and Open Source training solutions available!
Both entail the following 35 offerings, spanning 735 hours of content:

Code:

                Operating Systems | Infrastructure
                    LinuxCBT IPv6 Edition
                    LinuxCBT EL-5 Edition
                    LinuxCBT feat. Debian4x Edition
                    LinuxCBT feat. SUSE 10 Ent. Edition
                    UnixCBT feat. Solaris 10 Edition
                    LinuxCBT EL-4 Edition
                    LinuxCBT feat. SUSE 9 Ent. Edition
                    LinuxCBT feat. Debian3x Edition
                    LinuxCBT Classic Edition
                Security Technologies
                    LinuxCBT Security Edition - /Includes Modules Below/
                    LinuxCBT Basic Security Edition
                    LinuxCBT Proxy Edition feat. Squid
                    LinuxCBT Firewall Edition feat. IPTables
                    LinuxCBT SELinux Edition
                    LinuxCBT NIDS Edition feat. Snort
                    LinuxCBT Packet | Capture | Analysis Edition
                    LinuxCBT PAM Edition
                    LinuxCBT OpenSSHv2 Edition
                    LinuxCBT feat. OpenPGP Edition
                Database Management Systems (DBMS) Technologies
                    LinuxCBT DBMS Edition feat. MySQL 5.x
                Messaging | Mail Server Technologies
                    LinuxCBT Mail Edition - /Includes Modules Below/
                    LinuxCBT Sendmail v8 Edition
                    LinuxCBT Postfix 2.x Edition
                    LinuxCBT qmail Edition
                Scripting | Automation Technologies
                    LinuxCBT Scripting Edition - /Includes Modules Below/
                    LinuxCBT BASH Edition
                    LinuxCBT Perl Edition
                    LinuxCBT Python Edition
                    LinuxCBT PHP Edition
                    LinuxCBT Regular Expressions (RegEx) Edition
                    LinuxCBT Awk & Sed Edition
                    LinuxCBT feat. KornShell Edition
                    Linux | Windows Integration Technologies
                    LinuxCBT Samba 3.x Edition
                Directory Services - LDAP
                    LinuxCBT feat. OpenLDAP Edition
                    LinuxCBT | UnixCBT Suite Editions - Hardware & Software
                    LinuxCBT Site Server Edition /Suite + NAS/
                    LinuxCBT Enterprise Server Edition /Suite + NAS/
                    LinuxCBT | UnixCBT Suite Edition /All Software Editions/

LinuxCBT Classic Edition 10CD iso

Traditional training outlets do not compare because they tend to
deliver canned certification courses, which means little to serious
IT-professionals and savvy hiring managers. Our Linux training
solution, LinuxCBT, is unparalleled in content, depth and expertise.
LinuxCBT prepares you or your organization for successfully deploying
and managing business-critical RedHat Linux-based desktop and server
solutions. Let LinuxCBT teach you what traditional training outlets and
other CBTs do not; real RedHat Linux skills!

LinuxCBT Classic Edition includes both Client Management and Server Management Components.

LinuxCBT Classic Edition - GNU/Linux Basics - Module 1

LinuxCBT.Classic.Edition.CD1


* Introduction to the GNU/Linux operating system - Basics
o Discussion of the Free Software Foundation's efforts to deliver ubiquitous UNIX!
o Emphasize the role and importance of the GNU project
o Identification of various Linux distributors including Debian, Mandrake, RedHat, etc.
o Introduction to the widely-used RedHat Linux distribution
o Explore Linux system documentation (man, info, GNOME, etc.)
o Explain the Filesystem Hierarchy Standard (FHS) - UNIX is one big directory!
o Explore the Linux file system
o Identify the various interfaces to Linux
o Discuss the role and release rules of the Linux Kernel
o Demonstrate usage of file & directory tools (pwd, ls, cd, touch, cp, mkdir, mv, rm, which, rpm)
o Basic BASH shell navigation & PATH & variable manipulation (set,unset,env,export,etc.)
o Explore usage of common user-tools (cat, echo, find, locate)
o Demonstrate typical usage of vi/vim ASCII text editors
o Installation & implemenation of pine mail reader and pico text editor
o Demonstrate typical usage of the king of all UNIX/Linux editors; EMACS
o Explain & demonstrate standard in, standard out, redirection & pipes
o Demonstrate usage of backup/restore tools (tar, gzip, gunzip)
o Identify basic utilities and package memberships
o Demonstrate usage of system monitoring tools (uptime, free, top, vmstat, meminfo, cpuinfo, ps, kill, watch)
o Identify the various types of files on Linux systems
o Identify Filesystem tools (fsck, fdisk, mkfs, parted)
o Mounting/unmounting basic Linux floppy, CD & ISO files
o Identification of major online open source repositories (sourceforge, freshmeat, etc.)

LinuxCBT Classic Edition Client Installations - Module 2

LinuxCBT.Classic.Edition.CD2

* Perform client Installations - Disc 2
o Planning the installation - identify software, hardware requirements & disk partitioning defaults
o Demonstrate complete upgrade
o Demonstrate complete client installation from bootable CD
o Create network-based source-tree on a centralized server for installation
o Prepare for network-based FTP installation - create bootable media/obtain patches/etc.
o Demonstrate complete client installation from FTP server
o Prepare for network-based Kickstart automated installation via Network File System (NFS)
o Create Kickstart installation source tree
o Perform Kickstart automated installation via NFS

LinuxCBT Classic Edition Desktop/Workstation Environment - Module 3

LinuxCBT.Classic.Edition.CD3

* Post client installation acclimation, exploration and configuration - Disc 3
o Discuss X-Windows client/server concepts, applications & security
o Learn how to configure X-Windows to support your hardware
o Discussion of window managment concepts and applications
o Customize desktop environment for GNOME & usage
o Customize desktop environment for KDE & usage
o Explore the shell interface including common tools, utilities, semantics, etc.
o Implement Mozilla web browser
o Confiure the Java JRE as a plug-in for the Mozilla web browser and evaluate results
o Implement Java Runtime Environment (JRE/J2SE) for system-wide access to Java applets/etc.
o Implement Macromedia Flash plug-in and configure support in Mozilla and evaluate results
o Download & Install Netscape web browser
o Configure Java & Flash support for Netsacpe and evaluate results
o Implement Ximian Evolution POP3/IMAP/Microsoft Exchange email client
o Implement & explore RDESKTOP terminal services desktop
connectivity to Windows 2003/2000/XP servers running Remote Desktop
Protocol (RDP)
o Demonstrate typical RDESKTOP Windows usage for productivity, multitasking and connectivity
o Upgrade RDESKTOP to version 1.3.1 & Remove RDESKTOP 1.2.x
o Demonstrate some of the new capabilities of RDESKTOP 1.3.x
o Troubleshoot common X-Windows and client-related problems
o Implement AT&T's VNC server screen emulation program for multiple remote desktop access

LinuxCBT Classic Edition Client Network Concepts and Applications - Module 4

LinuxCBT.Classic.Edition.CD4

* Linux client network administration essential concepts and applications - Disc 4
o User and group creation & management concepts - passwd, shadow, group, gshadow files
o Compile and install John The Ripper Password Cracking tool
o Validate password integrity with John The Ripper Password Cracking Tool
o Explain UNIX/Linux file security & permissions (-rwxrwxrwx/777) rules & concepts
o Discuss and demonstrate the client/server paradigm and distributed computing concepts
o Identify & demonstrate usage of common client/server tools(SSH/HTTP/FTP/IMAP/POP3/SAMBA/etc.)
o Demonstrate LFTP (Sophisticated FTP Client Software) usage
o Use LFTP to connect to FTP & HTTP servers
o Use LFTP to recover broken uploaded/downloaded transmissions
o Use LFTP to mirror & reverse mirror the content of local and remote servers
o Linux networking primer - Identify key Linux networking components
o Implement DHCP IP addressing with Cisco PIX Firewall DHCP Server integration
o Configure Linux client for DHCP configuration from a Cisco PIX firewall
o Configure Linux client with static TCP/IP parameters for network communication
o Test network connectivity internally and externally via ICMP & TCP-Port querying methodologies
o Explore all graphical redhat-* & redhat-config-* configuration tools
o Configure Network Time Protocol (NTP) via GUI & Shell interface to perform time synchronization
o Discuss and implement Samba(SMB) connectivity to Windows 2003 Server
o Implement client printing services via Common UNIX Printing
System (CUPS) to Windows 2003 Server & HP JetDirect-enabled printer.
o Discuss and implement NFS connectivity to Linux hosts and Windows 2003(NFS)
o Evaluate RedHat Package Manager (RPM) to add/upgrade/remove applications
o Discuss & demonstrate Backup & Restoration procedures
o Discuss scenarios and create Linux Rescue disk for emergency system recovery

LinuxCBT Classic Edition Server Installations - Discs 5

LinuxCBT.Classic.Edition.CD5

* Perform Server Installations of RedHat Linux - Module 5
o Prepare for server installation - verify system BIOS parameters/support
o Demonstrate complete server installation from bootable CD-ROM
o Demonstrate creation of installation source tree for network-based installations
o Demonstrate complete server installation from an Apache HTTP Web server
o Demonstrate complete custom server installation from HTTP Windows 2003 IIS server
o Demonstrate complete custom server installation from FTP server
o Demonstrate complete custom server installation from NFS server
o Prepare for an automated Kicstart installation - identify requirements
o Demonstrate complete server Kickstart automated installation from HTTP Apache Web server
o Demonstrate complete server Kickstart automated installation from FTP Apache Web server
o Connect system via serial communications to Sun Fire V100 SPARC box
o Recap installation methods including caveats

LinuxCBT Classic Edition Server Management - Module 6

LinuxCBT.Classic.Edition.CD6

* Linux Systems Management Concepts & Applications - Disc 6
o Explain Linux Boot process and contrast boot managers - GRUB & LILO
o Discuss the role of the init grandfather process and illustrate logical boot flow
o Explain and demonstrate Runlevel (0 - 6) concepts & applications
o Demonstrate Daemon/Service management with (chkconfig/ntsysv/redhat-config-services)
o User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
o Quota management - user-based, group-based and disk-based quota implementation
o Introduce, partition using FDISK and create an EXT3
journaling file system of 100GB of additional system storage. Identify
paritions in /proc virtual file system

* Discuss RedHat Package Manager (RPM) concepts, features and applications
o Demonstrate usage of RPM to ascertain available packages
o Demonstrate usage of RPM to import public keys of package publishers
o Demonstrate usage of RPM to verify the integrity of downloaded packages
o Demonstrate usage of RPM to add new packages locally
o Demonstrate usage of RPM to add new packages from a Windows 2003 FTP server
o Demonstrate usage of RPM to add new packages from an HTTP server
o Demonstrate usage of RPM to upgrade packages
o Demonstrate usage of RPM to freshen packages
o Demonstrate usage of RPM to remove packages

* Introduction to SYSLOG concepts
o Explanation of syslog facilities & levels
o Demonstrate syslog administration
o Demonstrate Cisco to Linux SYSLOG functionality
o Discuss & demonstrate automatic log rotation and customization

* Kernel Management
o Demonstrate Linux Kernel upgrade procedures
o Use RPM to install multiple kernels and verify functionality
o Use RPM to remove outdated kernels

LinuxCBT Classic Edition Network Administration - Module 7

LinuxCBT.Classic.Edition.CD7

* Linux Network Administration Essentials - Module 7
o Discuss & demonstrate the usage of commonly used networking tools:
o PING - Demonstrate PING flooding of remote hosts - ICMP Attack Techniques
o PING - Cisco PIX Integration & Debugging of ICMP Echo Requests/Echo Replies
o Traceroute - Cisco PIX Integration & provisioning of ICMP traffic types
o MTR (PING & Traceroute functionality) plus Cisco PIX debugging of ICMP data flow
o ARP
o NETSTAT/LSOF
o IFCONFIG
o Route
o DIG & NSLOOKUP
o Whois
o Who, w, wc, last, cat, grep, vi, pico, head, tail, etc.
o Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)

* Implement Dynamic Host Configuration Protocol (DHCP) services
o Explain the various steps of the DHCP process
o Configure global & scope-level DHCP options
o Configure IP reservations based on layer 2 MAC addresses
o Disable Cisco PIX DHCP services
o Enable Linux DHCP services
o Configure Windows 2003/XP/Linux clients to receive dynamic addresses from Linux

* Discuss Xinetd super server concepts and applications
o Identify services controlled by Xinetd
o Enable & disable Xinetd-controlled services & examine results
o Implement access control on Xinetd controlled services
o Implement Xinetd IP and port-level daemon redirection
o Discuss Xinetd & TCP Wrappers relationship and dual-layer security benefits

* Implement Very Secure VSFTPD File Transfer Protocol (FTP) services
o Implement anonymous FTPD
o Implement user-level FTPD access
o Implement FTPD banners
o Disable anonymous access
o Configure VSFTPD to run under the auspices of Xinetd super server for increased security
o Implement bandwidth rate-limiting to control bandwidth usage

* Discuss Linux & Windows Integration via Samba
o Install Samba support
o Install Samba Web-based Administration Tool (SWAT)
o Configure Samba file & print sharing
o Evaluate access to Samba file & print server
o Configure Samba Windows Internet Name Server (WINS) support
o Evaluate Windows XP/2003 client access to Samba-WINS server

* Discuss the Network File System (NFS) concepts and Linux support
o Implement the NFS daemon
o Review /etc/exports parameters and options
o Evaluate access to NFS exports
o Implement NFS connectivity across a WAN connection via IPSEC VPN-connectivity

* Discuss the CRON scheduling system concepts and application
o Identify various predefined CRON entries and schedules
o Define custom cron jobs system-wide
o Define custom cron jobs user-wide
o Evaluate results of cron jobs

* Implement the Berkeley Internet Daemon (BIND) Domain Name Server (DNS)
o Implement BIND 9.x
o Configure BIND as a caching-only DNS server
o Test caching-only name resolution from Windows 2003 & Linux hosts
o Secure access to caching-only/recursive name server via ACLs
o Configure BIND as a primary DNS server
o Test primary name resolution from Windows 2003 & Linux hosts
o Configure BIND as a secondary(slave) DNS server
o Restrict communications between primary & secondary DNS servers
o Implement updates between master and secondary DNS servers via IPSEC VPN
o Configure DNS zones on Linux BIND & Windows 2003 DNS - activate replication
o Implement poor man's load balancing using DNS round robin
o Evaluate results of BIND configuration using DIG
o Configure DNS zones
o Configure zone transfers
o Configure secure-zone transfers
o Evaluate BIND's configuration files named.conf & named.custom
o Configure BIND sub-domain delegation. i.e. internal.linuxcbt.net
o Configure BIND to support reverse domains
o Configure Linux/Windows 2003 clients to use Linux BIND DNS server
o DNS Transaction Signatures (TSIG) implemenation
o Identify BIND logging information for troubleshooting purposes
o Configure BIND DNS with IP Aliasing (Sub-Interfaces) to host DNS on separate IP address

* Implement Network Monitoring & Graphing tools using SNMP, etc.
o Implement Multi Router Traffic Grapher (MRTG)
o Graph Cisco Firewall with MRTG
o Implement Cacti Network Graphing Tool
o Download and Install Cacti and required components (RRDTool, MySqL, etc.)
o Explore Cacti Interface, options, etc.
o Graph Cisco, Linux & Windows 2003 resources with Cacti using SNMP & Scripts

* Implement Network Time Protocol (NTP) & Time Synchronization services for local subnets
o Discuss features and distributed nature of the hierarchial NTP service
o Ascertain and select optimal Stratum 1 NTP servers for synchronization
o Review default NTP configuration
o Configure NTP to synchronize with NTP servers
o Configure internal Linux clients to syncrhonize with internal Stratum 2 NTP server
o Configure Cisco PIX firewall to synchronize with internal Stratum 2 NTP server
o Use NTP-related tools such as NTPQ, NTPTRACE to ascertain NTP-related information

LinuxCBT Classic Edition Linux Apache MySQL PHP (LAMP) - Module 8

LinuxCBT.Classic.Edition.CD8

* Linux Web Services - Apache/Tomcat/CGI/WebLogic - Module 8
o Discuss Apache Web Server's history, ubiquity (netcraft stats) and reliability
o Explain Apache Web Server's capabilities (Virtual directories, modules, WebDav, etc.)
o Implementation of Apache Web Server 2.x
o Evaluate installation/implementation results of Apache Web Server 2.x
o Demonstrate implementation of aliases & redirects via mod_alias
o Restrict access to aliases and test access from Linux & Windows 2003 nodes
o Examine implications of alias & redirect access on access & error logs from multiple hosts
o Demonstrate implementation of virtual directories
o Demonstrate configuration of several virtual hosts
o Discuss and implement Apache 2.x logging system per virtual host
o Configure basic authentication to virtual hosts containers via .htaccess & Directory directives
o Configure digest authentication to virtual hosts containers via Directory & .htaccess directives
o Configure SSL support for the virtual hosts
o Demonstrate SSL support without certificate provided by Certificate Authority
o Implementation of Webalizer Log Analysis software
o Customization of Webalizer to automatically generate reports for multiple virtual hosts
o Implementation of AWSTATS Log Analysis software
o Customization of AWSTATS to automatically generate reports for multiple virtual hosts

* Dynamic web sites - Common Gateway Interface(CGI) & scripting engine discussion & implementation
o Implement CGI access to Linux via Apache & PERL scripts
o Discuss benefits of PHP Dynamic Web Access Scripting Engine
o Implementation of PHP Dynamic Web Access Scripting Engine
o Evaluate PHP Dynamic Web Access Scripting Engine installation results
o Execute sample PHP web pages on Apache Web Server 2.x

* Application Servers - Java J2EE Platform integration with Linux
o Discuss benefits of Apache Tomcat Dynamic Web Scripting(JSP)/Java Servlet Engine
o Implementation of Sun's Java Development Kit (JDK) 1.4.x for Apache Tomcat support
o Implementation of Apache Tomcat Dynamic Web Scripting(JSP)/Java Servlet Engine
o Evaluate Apache Tomcat Dynamic Web Scripting(JSP)/Java Servlet Engine installation results
o Execute sample Apache Tomcat Dynamic Web Scripting(JSP)/Java Servlet applications
o Discuss benefits of BEA Weblogic JSP/Servlet/Enterprise Java Beans Engine
o Implementation of BEA Weblogic JSP/Servlet/Enterprise Java Beans Engine
o Evaluation of BEA Weblogic JSP/Servlet/Enterprise Java Beans Engine results
o Execute sample applications on BEA Weblogic JSP/Servlet/Enterprise Java Beans Engine
o Discuss benefits of Jboss J2EE JSP/Servlet/Enterprise Java Beans Engine
o Implementation of Jboss JSP/Servlet/Enterprise Java Beans Engine
o Evaluation of Jboss JSP/Servlet/Enterprise Java Beans Engine results
o Execute sample applications on Jboss JSP/Servlet/Enterprise Java Beans Engine

LinuxCBT Classic Edition Messaging Applications - Module 9

LinuxCBT.Classic.Edition.CD9

* Linux Messaging Essentials & applications - Module 9
* Discussion of messaging concepts and applications
* Sendmail MTA Essentials
o Introduction to Sendmail Message Transfer Agent (MTA)
o Implementation of Sendmail
o Configure Sendmail to relay messages for remote hosts
o Configure Sendmail to support virtual hosts/multiple domains
o Evaluate results of routing messages to multiple domains using Sendmail
o Sendmail logging capabilities
o Implement AWSTATS log reporting engine to generate HTML sendmail reports

* Postfix MTA Essentials
o Introduction to the Postfix Message Transfer Agent (MTA)
o Install Postfix
o Install Mail Transfer Agent (MTA) administrative switching tools
o Switch system from Sendmail to Postfix as default MTA
o Explore Postfix configuration files and directory structure
o Implement outbound messages via Postfix
o Confirm receipt of outbound messages on publicly-accessible systems
o Configure Postfix to support virtual domains
o Build Postfix virtual user mappings for virtual domains support
o Test virtual domains via external messaging sources

* Post Office Protocol Version 3 Essentials
o Discuss the capabilities and limitations of POP3
o Implement POP3 services
o Implement secure POP3 services
o Demonstrate access to POP3 services from the client perspective
o Implement Secure POP3 services using SSL with self-signed certificate

* Internet Messaging Access Protocol (IMAP)
o Discuss the capabilities and limitations of IMAP
o Implement IMAP services
o Demonstrate access to IMAP services from the client perspective
o Implement Secure IMAP services using SSL with self-signed certificate

* Web-based Mail Implementation using Squirrel-mail
o Describe required squirrel mail components for web-mail integration
o Install squirrel mail on Internet production system
o Configure squirrel mail defaults for linuxcbt.net domain
o Verify Sendmail virtual hosting configuration for linuxcbt.net domain
o Verify IMAP configuration
o Configure Apache alias for squirrel mail integration
o Configure Apache Virtual Host for squirrel mail integration
o Configure BIND DNS services for squirrel mail integration
o Explore squirrel mail's web-based interface
o Generate mail from various remote domains (hotmail.com, etc.) and retrieve with squirrel mail

Linux Concepts/Offensive/Defensive Security Implementation Techniques - Module 10

LinuxCBT.Classic.Edition.CD10

* Secure Shell (SSH) Concepts & Implementation
o SSH client concepts - replacement for clear-text-based Telnet, RCP, FTP protocols.
o Identification of required OpenSSH/OpenSSL components
o Demonstrate SSH connectivity & public key registration
o Implement globally-shared public keys
o Generate RSA & DSA public key/private key pairs
o Configure SSH client and SSHD to authenticate via public/private key pairs
o Authenticate to remote hosts using public/private key pairs
o Use Secure Copy (SCP) to move files
o Port Forwarding implementation
o Port Forwarding integration with Linux & Windows 2003 Server
o X11 Forwarding demonstration
o Use Secure File Transfer Protocol (SFTP) to move files

* Linux Defensive Security Implementation Techniques
o Implement NMAP port scanner and demostrate usage to ascertain open doors
o Discuss & demonstrate operating system fingerprinting techniques with NMAP
o Demonstrate IP-spoofing & packet forging with NMAP
o Discuss the benefits of the NESSUS Security & vulnerability scanner
o Implement Nessus client/server Security vulnerability scanner
o Demonstrate parallel security scanning of local & remote subnets
o Explore Nessus's reporting capabilities (NBE/XML/HTML/etc.)
o Demonstrate Nessus class-based access for corporate usage
o Implement Ethereal network sniffer
o Demonstrate telnet clear-text password theft with Ethereal
o Demonstrate alternative SSH encrypted sessions with Ethereal
o Demonstrate FTP clear-text password theft with Ethereal
o Demonstrate alternative SFTP encrypted sessions with Ethereal
o Implement HPING highly customizable packet forging tool
o Compare & contrast PING with HPING
o Demonstrate IP packet spoofing with HPING & Cisco PIX firewall integration
o Demonstrate HPING's ability to communicate with ICMP-filtered Internet servers
o Demonstrate using HPING to setup a trojan horse backdoor for executing arbritary code
o Implement John the Ripper password cracking tool
o Discuss file and directory security
o Implement chmod,chown,umask,SUID,SGID,etc.

* Linux Defensive Security Implementation Techniques
o Implement Multi-Router Traffic Grapher (MRTG) to establish network performance baseline
o Configure Cisco PIX firewall for MRTG support via Simple Network Management Protocol (SNMP)
o Configure MRTG to generate perfomance & badwidth-related graphs for Cisco PIX firewall
o Implement IP Tables Host-based firewall support
o Configure IP Tables to restrict access to necessary services
o Introduce, discuss & plan the implementation of Snort 2.x Intrustion Detection System (IDS)
o Discuss Snort intrustion detection concepts related to hubs & switches
o Install Snort 2.0 Network-based Intrusion Detection System
o Implement Snort 2.0 network sniffing functionality
o Implement Snort 2.0 sniffing & packet-logging functionality
o Demonstrate Snort's ability to monitor traffic between designated hosts
o Demonstrate password theft using Snort & FTP connections
o Demonstrate password theft using Snort & Apache HTTP basic authentication connections
o Implement Snort 2.0 Network-based Intrusion Detection System
o Implement SnortSnarf for web-based reporting of Snort 2.0 logs
o Examine SnortSnarf reports via SSL-enabled web session
o Demonstrate how to implement port mirroring on Cisco Catalyst switches
o Implement Network Address Translation (NAT)
o Discuss & Implement Port Address Translation (PAT)
o Implement TCP Wrappers
o Configure Xinetd to suppress access to the system from port-scanners
o Discuss & Disable Portmap services

RHEL 4 LinuxCBT RedHat Enterprise Linux 4 Edition

LinuxCBT.EL4.Edition


LinuxCBT Enterprise Linux 4 Edition focuses on the RedHat Enterprise 4 GNU/Linux operating system. It is the successor to LinuxCBT Classic Edition.

LinuxCBT EL-4 Edition, is unparalleled in content, depth and expertise.
LinuxCBT EL-4 Edition prepares you or your organization for
successfully deploying and managing business-critical RedHat
Enterprise 4-based solutions. Let LinuxCBT EL-4 Edition teach you what
traditional training outlets and other CBTs do not; real GNU/Linux
skills!

Workstation Focus - Module 1

* Installations and Usage on Dell PowerEdge Hardware
o Discuss features of RedHat Enterprise Linux 4
o Prepare images for network installation
o Install RedHat Enterprise 4 Workstation on Dell Power Edge Server
o Explore GNOME graphical environment
o Introduction to Bourne Again Shell (BASH) - Globes/environment
o Input (STDIN), output (STDOUT) and standard error (STDERR) redirection
o Pipes
o Command chaining
o BASH for loops

* Common BASH Shell commands - Command Line Interface (CLI)
o pwd, touch, stat, ls - explore useful Linux system commands
o echo, cat - expose ASCII text and integrate with files
o cp - copy files
o mv - move files throughout the file system
o tar - explore features and advantages of tarballs
o gzip, bzip2 - intetgrate with tar and examine Internet archive
o diff - compare and contrast between 2 or 3 files - diff3
o file - discuss logic used to ascertain file type
o find - single and multiple expressions and criteria
o slocate - Compare and contrast with find and create system-wide DB
o w, wall, watch, whereis, which, who - Important w commands
o ps & pstree- explore process lists
o free & top - explore process management with top
o seq, top, jobs, fg, kill, killall, bg - Manage processes using standard tools
o Use grep to process lines
o Use awk to process fields - 30

* Common Network Clients & Utilities
o nano editor
o Convert Unix text files to Windows format using unix2dos
o Convert Windows text files to Unix format using dos2unix
o Retrieve local and remote mail with mutt Mail User Agent (MUA)
o mount - Mount CDs and ISO images - create ISOs with mkisofs
o FTP - explore the standard File Transfer Protocol (FTP) client
o gFTP - Usge GNOME FTP to interact with remote FTP server
o LFTP - basic usage, job control
o LFTP - mirror and reverse mirror content - resume transmission
o LFTP - batch, non-interactive, scripted mode
o Introduction to SSH concepts, implementation, etc.
o Use SSH Client to connect to remote Linux Systems using password authentication
o Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
o Authenticate to remote Linux systems using alternate credentials
o Use Secure Copy Protocol (SCP) to move data between systems non-interactively
o Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
o Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
o Demonstrate using SSH to authenticate to remote Linux hosts without passwords
o Install RedHat Enterprise Workstation on Dell Laptop using HTTP
o Generate Public Key/Private Key pairs for use with file and E-mail encryption
o Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
o Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts

System Configuration - Module 2

* Installation on Dell Poweredge Server
o Prepare Sources on Apache HTTP server
o Burn bootable CD with network drivers for network-based installation
o Remove hardware-based RAID 0 configuration
o Configure hardware-based RAID 5 logical storage
o Commence software installation
o Create custom partitions and mount points during installation
o Configure X11 and confirm installation

* System Initialization
o Explore GRUB
o Explore system recovery mode
o Explore INIT

* System V Linux Runlevel implementation
o Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
o Explain GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
o chkconfig & ntsysv
o Identify startup log files & entries using DMESG & exploration

* Manage Users and Groups & Permissions
o User and group creation & management concepts - passwd, shadow, group, gshadow files
o Use system-config-users to create and manage users and groups
o chmod/chown/chgrp
o SETGID - Group collaboration
o Explore Hard and Symbolic links including across disparate file systems

* File System Management
o FDISK
o Create Standard Linux Partition
o Make EXT2 File System & mount for general usage
o Use tune2fs to upgrade EXT2 to EXT3 File System
o Remove EXT2 partition and create EXT3-based parition
o FSTAB - explore File System Table
o Use FDISK to create a swap partition
o Create Swap partition using MKSWAP & SWAPON
o Provision additional swap space using swapon & swapoff
o Explore GNU Parted as a partition and file-system management tool
o Use Parted to create EXT?-based and Swap partitions
o Logical Volume Management (LVM) - Discuss concepts and applications
o Allocate partitions for usage with LVM
o Create Physical Volumes
o Create Volume Groups based on Physical Volumes
o Create Logical Volumes based on Volume Groups
o Prepare EXT3-based file systems on LVM-managed storage
o Mount and use LVM Volumes
o Resize LVM Volumes

* Kickstart-based RAID Installation
o Use Kickstart tool to configure automated kickstart process
o Installation via HTTP using Kickstart
o Discuss RAID concepts and configuration
o Configure RAID disk partitions

* RPM Package Management Tool Concepts & Usage
o Query existing packages & file-based packages
o Identify offline and online package repositories
o Install packages
o Upgrade packages
o Freshen packages
o Remove packages

* Kernel Concepts and Management
o Identify and discuss kernel implementation
o Use kernel utils to identify modules and supported hardware
o Discuss proper kernel update procedures
o Download and Install the latest SMP-based kernel
o Confirm results
o Remove outdated kernel and confirm results
o Download and Install the latest Uniprocessor-based kernel
o Examine changes to GRUB and other key directory trees
o SYSCTL - use to view and modify run-time variables

Core Networking Services - Module 3

* Network - Physical & Logical Configuration
o Identify key directories & files for static & dynamic communications
o Configure Linux client with static TCP/IP parameters for network communication
o Explore hotplug -> hwup -> ifup logic
o Use ifconfig to ascertain logical TCP/IP configuration
o Use hwinfo to ascertain installed hardware
o Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses

* Explore System Logging via SYSLOG and Logrotate
o Explore Boot log & System Log
o Explore dmesg
o Explanation of syslog facilities & levels
o Demonstrate syslog administration
o Enable SYSLOG network listener
o Demonstrate Cisco PIX Firewall to Linux SYSLOG functionality
o Explore automatic log rotation and customization via Logrotate
o Configure Logrotate to rotate & compress sample log files

* Implement Network Time Protocol (NTP) Client/Server
o Configure Network Time Protocol (NTP) to perform client/server time synchronization
o Synchronize SUSE Enterprise Linux NTP with additional Linux Stratum 2 NTP server
o Synchronize against Stratum 1 NTP servers

* Dynamic Host Configuration Protocol (DHCP)
o Explain DHCP Concepts & Applications
o Explore DHCP confiuration files
o Configure DHCP subnet with applicable options
o Configure DHCP Reservation based on layer-2 address

* Domain Name System (DNS)
o Configure BIND as a caching-only DNS server
o Implement Master DNS Zone
o Configure Reverse Zone for local subnet
o Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
o Explain DHCP and DNS update integration options
o Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
o Configure Windows 2003 Active Directory to publish DNS Records to Linux Server
o Examine Windows 2003 SRV Records
o Configure Master/Slave Zones with Linux Server
o Evaluate results of BIND configuration using DIG & host
o Implement DNS sub-domains (Third-level domains)

* CRON - System Scheduler
o Explore Cron Implementation
o Explain scheduling options
o Global and scope-based Cron options
o Schedules jobs to run & examine the output
o Configure individual Crontab entries

* Samba Implementation
o Implement Linux & Windows Integration via Samba
o Explore Samba Configuration files
o Implement SMBFS integration with SUSE Enterprise Linux File System
o Mount Windows shares seamlessly using Samba File System (SMBFS)
o Configure FSTAB to support repetitive mounts
o Implement secure SMBFS credentials for mounting
o Install Samba Server support
o Install Samba Web-based Administration Tool (SWAT)
o Configure Samba file sharing
o Configure Samba with multiple NETBIOS aliases
o Install Active Directory (AD) on Windows 2003 Host
o Configure Samba-Active Directory Integration

* Very Secure VSFTPD File Transfer Protocol (FTP) services
o Implement anonymous FTPD
o Implement user-level FTPD access
o Implement FTPD banners
o Disable anonymous access
o Configure VSFTPD to chroot jail users into their home directories
o Implement bandwidth rate-limiting to control bandwidth usage

* Network File System (NFS) Implementation
o Implement NFS Server
o Export shares and discuss options
o Mount NFS exports on remote Linux Host
o Implement AutoFS

* Trivial File Transfer Protocol (TFTP) Implementation
o Install TFTP server
o Backup Cisco PIX firewall configuration using TFTP
o Update Cisco PIX firewall configuration using TFTP

Apache - MySQL - PHP (LAMP) - Disc 4

* Apache Web Server Implementation
o Discuss Apache server's features and concepts
o Examine Apache-RedHat HTTPD CONF hierarchy
o Examine various configuration files
o Implement Apache Mod Alias and ScriptAlias
o Follow SYMLINKS
o Discuss and implement the Directory directive
o Restrict access to content based on IPs and subnets
o Implement user home (public_html) directories for personal web-publishing
o Configure .htacess file with directives
o Configure IP-based Virtual Hosts
o Configure Name-based Virtual Hosts
o Implement Basic and digest authentication schemes
o Explore Apache logging semantics
o Implement Apache logging system per virtual host
o Webalizer Log Analysis software Implementation
o Generate web reports using Webalizer
o Perl CGI - Implementation

* MySQL Relational Database Management System
o Install MySQL Relational Database Management System
o Secure access to MySQL
o Explore MySQL monitor shell-based interface
o Create sample MySQL databases
o Load external data-set from Linux
o Load external data-set from Windows

* PHPMyAdmin - MySQL Web-based Management Interface
o Install PHPMyAdmin for web-based management of MySQL instances
o Explain & Secure access to PHPMyAdmin
o Explore PHPMyAdmin's interface

* Postfix Message Transfer Agent (MTA)
o Introduction to Sendmail Implementation
o Configure Postfix as default MTA
o Introduction to Postfix Message Transfer Agent (MTA)
o Explore the directives in the Postfix configuration files
o Define default values for the FQDN
o Alter myorigin and examine results
o Configure Postfix to route messages using a Smarthost
o Examine how Postfix delivers mail locally
o Configure SMTP Relaying in Postfix
o Use Mutt to demonstrate outbound mail handling using Postfix
o Define SMTP Virtual domains for hosting multiple DNS domains
o Configure Postfix with a production LinuxCBT DNS domain
o Examine Virtual domain routing with production and non-production DNS domains

* Internet Messaging Access Protocol (IMAP) - Dovecot
o Explain IMAP concepts and applications in comparison to POP3
o Implement IMAP services
o Connect to IMAP services from remote Windows Outlook Express client
o Implement IMAPS
o Generate new self-signed SSL certificate for use with IMAPS

* Squirrel-mail Web-based Mail Interface Implementation
o Describe required squirrel mail components for web-mail integration
o Install squirrel mail on SUSE Enterprise Linux system
o Configure Apache virtual directory for squirrel mail integration
o Configure Apache Virtual Host for squirrel mail integration
o Configure BIND DNS services for squirrel mail integration
o Explore squirrel mail's web-based interface

* XMPP - Enterprise Instant Messenger - Jive Messenger
o Download and Install Jive Messenger
o Configure Jive Messenger for usage
o Evaluate IM-connectivity from Linux Jabber-compliant client
o Evaluate IM-connectivity from Windows Jabber-compliant client

Security Implementation Techniques - Module 5

* System Audit & Lockdown
o Identify tools to perform system audit
o Ascertain and document current system state
o Close all superflous services
o Bind necessary services (daemons) to necessary interfaces and logical addresses
o Establish security configuration baseline

* NMAP - Port Scanner and Vulnerability Assessment Tool
o Obtain, and install current version of NMAP
o Identify commonly used NMAPoptions/switches/parameters
o Explain typical TCPhandshake protocol while using NMAP
o Identifiy key NMAP configuration files
o Use NMAP to perform operating system fingerprinting
o Peform subnet-wide ethical scans
o Perform default TCPSYN-based ethical scans of local and remote resources
o Examine the results of scans on remote Cisco firewall with debugging mode enabled
o Perform default TCPConnect-based ethical scans of local and remote resources
o Examine the results of scans on remote Cisco PIXFirewall with debugging mode enabled
o Use NMAPto scan using aliased and spoofed IP addresses
o Peform local ethical scans
o Explore NMAP Front-End Graphical User Interface (GUI)
o Discuss NMAP's features and applications
o Perform Connect/Syn/Fin and various ethical port-scans
o Perform service exposure scans

* XINETD (Enhanced & Secure INETD Super Server Implementation)
o Identify key XINETD configuration files
o Explain the contents and structure of xinetd.conf
o Restrict access to various daemons/services based on hosts & subnets
o Lockdown XINETD-controlled services
o Configure XINETD to restrict number of spawned instances of daemons/services
o Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
o XINETD logging
o Explore additional XINETD features

* TCP Wrappers concepts & applications
o Identify primary package and key TCP Wrappers configuration files
o Demonstrate disabled TCP Wrappers configurations by attempting connectivity
o Examine pre and post TCP Wrappers configuration effects
o Implement TCP Wrappers for common services
o Test local & remote access to TCP Wrappers-protected host & services

* IPTABLES (Netfilter Linux Kernel-based Firewall)
o Discuss IPTABLES/Netfilter Concepts
o Explore default tables and chains
o Define and test INPUT chains
o Define and test OUTPUT chains
o Create user-defined chain and evaluate results
o Explain IPTABLES default chains/filters and policies
o Examine TCP/ICMP communications pre-IPTABLES chains
o Implement ICMP inbound filtration based on various hosts
o Use Cisco PIX Firewall to verify ICMP debugging
o Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
o Restrict access to various daemons (SSH/FTP/HTTP/etc.)
o Test connectivity locally and remotely (RedHat/Windows/etc.)
o Implement IP Forwarding between disparate subnets
o Implement Network Address Translation (NAT)

* Nessus Vulnerability Scanner
o Download and Install Nessus Vulnerability Scanner
o Install missing system dependencies
o Generate self-signed SSL certificates
o Perform basic Nessus system configuration and start the daemon
o Use Nessus Linux client to connect to Nessus Server and perform scans
o Examine resuls of scanning Windows 2003 Host
o Examine resuls of scanning Cisco PIX Firewall Appliance

* Secure Shell Daemon - Secure Communications Implementation
o Explore SSHD key configuration files
o Restrict access to SSHD
o Explore SSHD logging
o Configure PVPNs with local port forwarding
o Configure PVPNs with remote port forwarding
o Execute remote commands in non-interactive mode using SSH
o Discuss forced-commands framework
o Configure SUSE Enterprise to accomodate forced-commands
o Test forced-commands for pre-configured accounts for push/pull secure transactions
o Integrate SSHD with Windows 2003 Server and PuTTY SSH client
o Implement PKI with PuTTY SSH
o Use PSCP and PSFTP to communicate securely from Windows 2003 to SUSE Linux

* Snort 2.x Network Intrusion Detection System (NIDS)
o Obtain, and install pre-requisites (libpcap/libpcre/etc.)
o Obtain, compile and install the Snort Network Intrusion Detection System (NIDS)
o Identify and explain key operating modes (Sniffer/Logger/NIDS)
o Explore in network sniffer mode
o Explain OSI Model and relevant sniffing options
o Explore Snort in ASCII and Binary (TCPDUMP) logging modes
o Output logs to ASCII text format and examine the results
o Output logs to binary format and examine the results
o Implement Snort with BPF to filter traffic
o Generate traffic from remote Windows 2003 and Linux hosts
o Use Snort with Berkeley Packet Filter (BPF) to parse logs
o Implement Snort in NIDS modes
o Explore the snort.conf file and discuss rules
o Explain Logging and Alerting output options
o Perform port-scans from remote Linux systems and analyze Alerts
o Configure Snort to log to SYSLOG

Debian GNU/Linux LinuxCBT feat. Debian 4x Edition 5CD







LinuxCBT.Debian.Edition-CD1
LinuxCBT.Debian.Edition-CD2
LinuxCBT.Debian.Edition-CD3
LinuxCBT.Debian.Edition-CD4
LinuxCBT.Debian.Edition-CD5

LinuxCBT feat. Debian4x Edition focuses primarily on the true open-source Debian GNU/Linux 4x operating system.

LinuxCBT feat. Debian4x Edition prepares you or your organization for
successfully deploying and managing business-critical Debian
GNU/Linux-based server solutions. Let LinuxCBT feat. Debian4x Edition
teach you what traditional training outlets and other CBTs do not;
solid Debian GNU/Linux skills!

# Introduction to & Installation of Debian GNU/Linux

* Install Debian Linux Using Various Methods
o Explore network layout
o Identify Debian GNU/Linux distribution sites
o Explain various methods of obtaining Debian GNU/Linux
o Explain the various branches
o Prep the Intel-based system for a minimal installation
o Install Debian Linux on x86 machine using local media and the Internet
o Install Debian Linux on Intel-based x86 machine using CD-ROMs
o Configure the installation process with Server-oriented packages
o Prep the Intel-based system for a PXE network installation
o Identify Network Installation ISO Image repositories
o Configure the installation process with Server-oriented packages
o Prepare VMWare host server
o Install Debian GNU/Linux on VMWare Server

# Debian GNU/Linux Fundamentals

* Explore Linux boot sequence
* Explore Debian GNU/Linux GNOME Desktop Interface & Default Applications
* Basic Debian GNU/Linux Skills
* Demonstrate usage of the following useful commands & concepts
o ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
o alias, cat, file, chmod, chown, history
o Standard in/out, UNIX Pipes, Redirection, Command Chaining
o ps, df, free, vmstat, top, kill
o less & more, head & tail, find
o which & whereis, w, who
o PING (Packet Internet Groper)
o dig (Domain Information Groper) - used to query DNS servers
o Demonstrate typical usage of the vi text editor
o Demonstrate typical usage the nano text editor
o Tarball Archiving & compression of files & directories with tar|gzip|bzip2|unzip
o Explain UNIX/Linux file security & permissions (-rwxrwxrwx)
o Use mount/umount to access CD-ROM and floppy devices
o Explore /etc/fstab (File system Table file)
o Explore TCP/IP Configuration
o Explore Wget and demonstrate its typical usage to interface to HTTP/FTP servers
o Explore GNU: GREP | Awk | Sed

* Advanced Package Management Tool (APT) Concepts
o Explain classes of Debian GNU/Linux Packages
o Identify Debian GNU/Linux Package Management Tools
o Inventory currently installed DEB packages
o Identify key Advanced Package Tool (APT) configuration files
o Search for Debian GNU/Linux packages using Advanced Package Tool (APT)
o Install/Update/Remove software using APT
o Configure APT to query multiple sources for packages
o Use DPKG to install a DEB package located on an EXT3 File System
o Configure APT to install packages from varying versions of Debian GNU/Linux
o Use Aptitude to manage Debian GNU/Linux packages
o Install Apt-Spy using APT to identify optimal mirrors

* Disk & Volume Management
o Provision additional Storage partitions using FDISK
o Use MKE2FS to provision multiple EXT2 & EXT3 File Systems
o Provision additional Storage partitions using Parted
o Provision additional Swap storage
o Use MKSWAP & SWAPON to enable additional Swap storage
o Update File System Table (FSTAB) to reflect system changes
o Explore Logical Volume Management (LVM) Configuration
o Create volume sets using: Logical Volume Management (LVM)

* Package Management
o Discuss various package management options
o Explore package management repositories
o Use DPKG to install a .deb package
o Install packages using 'apt-get'
o Manage packages using 'aptitude'

* INIT
o Explain Debian GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
o Explore INIT configuration
o Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
o Switch between run levels and evaluate
o Demonstrate using SSH to authenticate to remote Linux hosts without passwords

* Explore the CRON scheduling daemon & configuration
o Identify key Cron configuration scopes (Global & User)
o Explain Crontab file format and applicable options
o Define custom cron jobs system-wide
o Define custom cron jobs user-wide
o Evaluate results of cron jobs

# Core Network Services

* System Logging via Syslog, Syslog-NG and Logrotate
o Explanation of syslog facilities & levels
o Demonstrate syslog administration
o Demonstrate Cisco to Linux SYSLOG functionality
o Migrate system to Syslog-NG
o Discuss Syslog-NG features and benefits
o Explore automatic log rotation and customization via Logrotate
o Configure Logrotate to rotate & compress sample log files

* IPv4 & IPv6 Configuration
o Identify key files for the transition from DHCP to Static addressing
o Configure Linux client with static TCP/IP parameters for network communication
o Configure Virtual (Sub) Ethernet Interfaces to faciliate multiple IP addresses
o Explain IPv6 addresses (prefixes)
o Explore IPv6 configuration on Linux and Cisco router

* Implement Network Time Protocol (NTP) Client/Server
o Configure Network Time Protocol (NTP) to perform client/server time synchronization
o Identify NTP bounded UDP interfaces
o Synchronize Debian GNU/Linux NTP with RedHat Linux Stratum 2 NTP server
o Configure RedHat Linux NTP server to synchronize with Debian GNU/Linux server

* Trivial File Transfer Protocol Daemon (TFTPD)
o Discuss features and benefits
o Explore TFTPD configuration
o Backup Cisco router and firewall configuration using TFTPD
o Evaluate results

* Very Secure File Transfer Protocol Daemon (VSFTPD) & LFTP Client
o Discuss features and benefits
o Explore configuration
o Test FTP connectivity
o Explore LFTP client features
o Evaluate results

* Telnet Daemon (TELNETD) for temporary clear-text shell communications
o Discuss features and benefits
o Install TELNETD using Aptitude
o Explore configuration and usage
o Examine Message of the day banners (MOTD), /etc/issue file (pre-login banner/display info.)

* Commonly-used Network Utilities
o NETSTAT
o Traceroute & MTR (PING & Traceroute functionality)
o ARP
o IFCONFIG
o Route
o DIG & NSLOOKUP
o Whois

* Dynamic Host Configuration Protocol (DHCP) services
o Explain the various steps of the DHCP process
o Configure global & scope-level DHCP options
o Configure IP reservations based on layer 2 MAC addresses
o Enable Linux DHCP services
o Configure Windows/Linux clients to receive dynamic addresses from Linux
o Examine evidence of clients requesting addresses from DHCPD

* Implement the Berkeley Internet Naming Daemon (BIND) Domain Name Server (DNS)
o Implement BIND 9.x
o Configure BIND as a caching-only DNS server
o Test caching-only name resolution from Linux hosts
o Configure Linux/Windows 2003 clients to use Linux BIND DNS server
o Configure BIND as an Authoritative DNS server
o Test primary name resolution from Windows & Linux hosts
o Configure BIND as a secondary(slave) DNS server
o Evaluate results of BIND configuration using DIG
o Configure DNS zones
o Configure zone transfers
o Evaluate BIND's configuration files
o Implement IPv6 DNS AAAA records & evaluate forward IPv6 name resolution
o Implement IPv6 DNS reverse records & evaluate reverse IPv6 name resolution

* Network File System (NFS)
o Discuss features and benefits
o Explore NFS configuration
o Test NFS on clients and servers

* Implement Linux & Windows Integration via Samba
o Implement SMBFS integration with Debian GNU/Linux File System
o Mount Windows shares seamlessly using Samba File System (SMBFS)
o Configure FSTAB to support repetitive mounts
o Implement secure SMBFS credentials for mounting
o Install Samba Server support
o Install Samba Web-based Administration Tool (SWAT)
o Configure Samba file sharing
o Configure Samba with multiple NETBIOS aliases
o Configure Samba Windows Internet Name Server (WINS) support
o Evaluate Windows XP client access to Debian GNU/Linux Samba server

# Application Services - Linux|Apache|MySQL|PHP (LAMP)

* Web Application Services
o Implement Apache Web Server
o Examine httpd.conf file directives
o Implement virtual directories using Apache and symbollic links
o Implement Redirects using Locate and various Apache directives
o Configure virtual hosts bound to the primary IP address and port
o Configure virtual hosts bound to alternate virtual IP addresses and ports
o Implement Apache logging system per virtual host
o Configure basic authentication to virtual hosts containers via Directory directives
o Configure digest authentication
o Implementation of Webalizer Log Analysis software
o Generate web reports using Webalizer
o Implementation of PHP Dynamic Web Access Scripting Engine
+ Evaluate PHP Dynamic Web Access Scripting Engine installation results
+ Test basic PHP script-processing using sample scripts

* MySQL Relational Database Management System
o Install MySQL Relational Database Management System
o Secure access to MySQL
o Create sample MySQL databases
o Install PHPMyAdmin for web-based management of MySQL instances
o Explain & Secure access to PHPMyAdmin
o Explore PHPMyAdmin's interface

* Postfix MTA
o Install Postfix MTA
o Introduction to Postfix Message Transfer Agent (MTA)
o Use Mutt to demonstrate outbound mail handling using Postfix
o Explore Postfix Configuration

* Post Office Protocol Version 3 (POP3)
o Explain POP3 concepts and applications
o Implement POP3 daemon
o Connect to POP3 daemon using Windows Outlook Express client
o Use Mutt to send SMTP-based messages to POP3 account

* Internet Messaging Access Protocol (IMAP)
o Explain IMAP concepts and applications in comparison to POP3
o Implement IMAP services
o Connect to IMAP services from remote Windows Outlook Express client

* Web-based Mail Implementation using Squirrel-mail
o Describe required squirrel mail components for web-mail integration
o Install squirrel mail on Debian GNU/Linux system
o Configure Apache virtual directory for squirrel mail integration
o Configure Apache Virtual Host for squirrel mail integration
o Configure BIND DNS services for squirrel mail integration
o Explore squirrel mail's web-based interface

# Security Implementation Techniques

* TCP Wrappers (hosts.allow/hosts.deny)
o Discuss TCP Wrappers concepts & applications
o Identify primary package and key TCP Wrappers configuration files
o Demonstrate disabled TCP Wrappers configurations by attempting connectivity
o Examine pre and post TCP Wrappers configuration effects
o Implement TCP Wrappers for common services
o Test local & remote access to TCP Wrappers-protected host & services

* XINETD (Enhanced & Secure INETD Super Server Implementation)
o Upgrade Debian GNU/Linux system from INETD to XINETD
o Identify key XINETD configuration files
o Explain the contents and structure of xinetd.conf
o Restrict access to various daemons/services based on hosts & subnets
o Compare & contrast TCP Wrappers and XINETD
o Secure services with XINETD
o Insert common global xinetd.conf daemon/service defaults
o Configure XINETD to log via SYSLOG
o Configure XINETD to restrict number of spawned instances of daemons/services
o Configure port forwarding of daemons/services
o Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
o Explore additional XINETD features

* IPTABLES (Netfilter Linux Kernel-based Firewall)
o Discuss IPTABLES/Netfilter Concepts
o Explain IPTABLES default chains/filters and policies
o Examine TCP/ICMP communications pre-IPTABLES chains
o Implement ICMP inbound filtration based on various hosts
o Use Cisco PIX Firewall to verify ICMP debugging
o Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
o Restrict access to various daemons (SSH/FTP/HTTP/etc.)
o Test connectivity locally and remotely (RedHat/Windows/etc.)

* Network Mapper (NMAP)
o Obtain, compile and install current version of NMAP
o Identify commonly used NMAP options/switches/parameters
o Perform default TCP SYN-based ethical scans of local and remote resources
o Explain typical TCP handshake protocol while using NMAP
o Examine the results of scans on remote Cisco firewall with debugging mode enabled
o Perform default TCP Connect-based ethical scans of local and remote resources
o Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
o Use NMAP to scan using aliased and spoofed IP addresses
o Peform local ethical scans
o Identifiy key NMAP configuration files
o Use NMAP to perform operating system fingerprinting
o Peform subnet-wide ethical scans

* Nessus Vulnerability Scanner
o Download, compile, and prepare Nessus vulnerability scanner for deployment
o Implement Nessus client/server Security vulnerability scanner in SSL-mode
o Identify Nessus's key features and explore its graphical interface
o Ethical scan of the local system for vulnerabilities
o Examine scan results via the reporting engine
o Discuss mitigation techniques for suggested vulnerabilities
o Ethical scan of a fraction of the class C subnet by using CIDR
o Examine the scan results and discuss
o Ethical scan of the entire class C subnet
o Examine Nessus process utilization while vulnerability scans are in progress

* Lockdown (Debian GNU/Linux System Lockdown)
o Explain potential network-based entry points to the system
o Identify superfluous daemons/services using NETSTAT & NMAP
o Disable superfluous daemons/services using update-rc.d and proper scripts
o Identify changes in the system as a result of performing the lockdown
o Disable superfluous daemons/services using XINETD
o Restrict source address access to daemons/services using XINETD
o Restrict bind address for daemons/services using XINETD
o Discuss application-layer security for added protection (MySQL/Apache/Sendmail/SSH/Nessus)
o Force SSHD to bind to desired layer-3 IP address for controlled security
o Secure the system using IPTABLES & TCP Wrappers for added security

* TCPDump & Wireshark
o Discuss features and benefits
o Explore TCPDump usage
o Capture interesting traffic
o Analyze with Wireshark

* Snort 2.8x Intrusion Detection System (IDS)
o Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
o Obtain, compile and install the Snort Intrusion Detection System (IDS)
o Identify and explain key operating modes (Sniffer/Logger/IDS)
o Run Snort in all three modes and examine the results
o Output Snort logs to ASCII text format and examine the results
o Output Snort logs to binary format and examine the results
o Use Snort with Berkeley Packet Filter (BPF) to parse logs
o Implement Snort with BPF to filter real-time traffic
o Obtain and install requisite MySQL libraries for Snort
o Recompile Snort IDS with MySQL support
o Implement Snort IDS with MySQL integration for real-time reporting
o Implement ACID web-based front-end for examining Snort logs

LinuxCBT feat. SUSE 10 Enterprise Edition focuses exclusively on the SUSE Enterprise 10 Linux operating system.SUSE Linux Enterprise 10
LinuxCBT feat. SUSE 10 Enterprise Edition, is unparalleled in content, depth and expertise. LinuxCBT feat. SUSE 10 Enterprise Edition prepares you or your organization for successfully deploying and managing business-critical SUSE Enterprise 10-based server solutions.
Let LinuxCBT feat. SUSE 10 Enterprise Edition teach you SUSE Enterprise 10 Linux skills!
Recommended Prerequisites:

• Open mind & determination to master Linux and related open-source applications
  
• Basic MS Windows skills
  
• Basic understanding of networking concepts
  
• Access to a spare PC to perform all of the installations and exercises
  

Installation & General Usage - Module 1

• Network-based (HTTP & SSH) Installations
  
  
  
  • Enable Apache HTTPD on Installation server
    
  • Configure SUSE Ent. 10 Server as an HTTP Installation source with Apache
    
  • Discuss system requirements
    
  • Install SUSE Ent. 10 Server via HTTP
    
  • Confirm results
    
  </li>
  
• </li>
  
• Grand Unified Boot Loader (GRUB) & System V Linux Runlevel implementation
  
  
  
  • Explore GRUB configuration
    
  • Explain SUSE Linux System V Init Runlevel (0 - 6) concepts & applications
    
  • Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
    
  
  </li>
  
• </li>
  
• GNOME & YaST
  
  
  
  • Explore the GNOME Desktop Interface
    
  • Explore YaST, centralized management tool
    
  • Install packages using Yast package manager
    
  
  
  
  </li>
  
• </li>
  
• Basic GNU/Linux Skills - Command Line Interface (CLI) - BASH
  
  
  
  • Introduction to GNOME Terminal
    
  • Demonstrate usage of the following useful commands & concepts
    
  • ls, pwd, cd, cp, mv, rm, mkdir, rmdir, whoami, man, info
    
  • alias, cat, file, chmod, chown, history
    
  • Standard in/out, UNIX Pipes, Redirection, Command Chaining
    
  • ps, df, free, vmstat, top, kill
    
  • less & more, head & tail, diff
    
  • which & whereis, w, who
    
  • Use grep and cut to process delimited log files
    
  • find, locate
    
  • tar, gzip/gunzip, bzip2, zcat
    
  • Explore Pico text editor
    
  • Install and explore Nano text editor
    
  • Convert Windows text files to Unix format using dos2unix
    
  • Convert Unix text files to Windows format using unix2dos
    
  
  </li>
  
• </li>
  
• Common Network Clients
  
  
  
  • File Transfer Protocol (FTP) client
    
  • Install and use LFTP - Sophisticated FTP Client to connect to FTP/HTTP servers
    
  • Mirror and reverse mirror using LFTP to synchronize data
    
  • Wget - HTTP/HTTPS/FTP connectivity
    
  • Explain SSH concepts, implementation, etc.
    
  • Use SSH Client to connect to remote Linux Systems using password authentication
    
  • Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
    
  • Authenticate to remote Linux systems using alternate credentials
    
  • Use Secure Copy Protocol (SCP) to move data between systems non-interactively
    
  • Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
    
  • Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
    
  • Demonstrate using SSH to authenticate to remote Linux hosts without passwords
    
  • Generate Public Key/Private Key pairs for use with file and E-mail encryption
    
  • Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
    
  • Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
    
  • Use ping, mtr & arp
    
  • Use dig, host, nslookup name resolution clients
    
  • NETSTAT
    
  • IFCONFIG
    
  
  </li>
  
• </li>
  
• top
  

Systems Managment & Configuration - Module 2

• RPM Package Management Tool Concepts & Usage
  
  
  
  • Explain classes of SUSE Linux Packages
    
  • Query existing packages
    
  • Identify offline and online package repositories
    
  • Install packages
    
  • Upgrade packages
    
  • Freshen packages
    
  • Remove packages
    
  • Identify package membership of files on the SUSE system
    
  
  </li>
  
• </li>
  
• Manage Users and Groups & Permissions
  
  
  
  • User profile implementation logic and concepts - (Bash profile/etc/skel/aliases/PATH/etc.)
    
  • User and group creation & management concepts - passwd, shadow, group, gshadow files
    
  • Use YaST to create and manage users and groups
    
  • SETUID
    
  • SETGID - Group collaboration
    
  • Sticky Bit
    
  • Explore Hard and Symbolic links including across disparate file systems
    
  
  </li>
  
• </li>
  
• Paritions, File Systems & Volumes (RAID|LVM)
  
  
  
  • Provision new paritions with FDISK/Parted/YaST & ReiserFS
    
  • Configure RAID 0/1/5/ Volumes
    
  • Implement Logical Volume Management (LVM)
    
  • Provision additional Swap storage paritions and files
    
  • Use MKSWAP & SWAPON to enable additional Swap storage
    
  • Identify allocated swap space to the kernel
    
  • Committ changes for persistence
    
  
  
  
  
  
  
  </li>
  
• </li>
  
• Explore System Logging via SYSLOG-NG and Logrotate
  
  
  
  • Explore Boot log & System Log
    
  • Explanation of syslog facilities & levels
    
  • Discuss SYSLOG-NG features & enhancements
    
  • Demonstrate syslog administration
    
  • Enable SYSLOG network listener
    
  • Demonstrate Cisco PIX Firewall to SUSE Linux SYSLOG-NG functionality
    
  • Explore automatic log rotation and customization via Logrotate
    
  • Configure Logrotate to rotate & compress sample log files
    
  
  
  </li>
  
• </li>
  
• top
  

Core Networking Services - Module 3

• Network - Physical & Logical Configuration
  
  
  
  • Identify key directories & files for static & dynamic communications
    
  • Configure Linux client with static TCP/IP parameters for network communication
    
  • Explore hotplug -> hwup -> ifup logic
    
  • Use ifconfig to ascertain logical TCP/IP configuration
    
  • Use hwinfo to ascertain installed hardware
    
  • Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
    
  
  </li>
  
• </li>
  
• Implement Network Time Protocol (NTP) Client/Server
  
  
  
  • Configure Network Time Protocol (NTP) to perform client/server time synchronization
    
  • Identify NTP bounded UDP interfaces
    
  • Synchronize SUSE Enterprise Linux NTP with RedHat Linux Stratum 2 NTP server
    
  • Synchronize against Stratum 1 NTP servers
    
  
  </li>
  
• </li>
  
• Dynamic Host Configuration Protocol (DHCP)
  
  
  
  • Explain DHCP Concepts & Applications
    
  • Explore DHCP confiuration files
    
  • Configure DHCP subnet with applicable options
    
  • Configure DHCP Reservation based on layer-2 address
    
  • Enable DHCP with DDNS
    
  • Configure DHCP Failover between SUSE and RedHat Linux Servers
    
  • Test DHCP Failover with Windows 2003 Host
    
  
  </li>
  
• </li>
  
• Domain Name System (DNS)
  
  
  
  • Explore SUSE DNS configuration via YaST
    
  • Configure BIND as a caching-only DNS server
    
  • Implement Master DNS Zone
    
  • Configure Reverse Zone for local subnet
    
  • Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
    
  • Explain DHCP and DNS update integration options
    
  • Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
    
  • Configure Windows 2003 Active Directory to publish DNS Records to SUSE Server
    
  • Examine Windows 2003 SRV Records
    
  • Configure Master/Slave Zones with RedHat Linux Server
    
  • Evaluate results of BIND configuration using DIG & host
    
  • Implement DNS sub-domains (Third-level domains)
    
  
  </li>
  

• 
  
• 
  
• CRON - System Scheduler
  
  
  
  • Explore Cron Implementation
    
  • Explain scheduling options
    
  • Global and scope-based Cron options
    
  • Schedules jobs to run & examine the output
    
  • Configure individual Crontab entries
    
  
  </li>
  
• 
  
• Samba Implementation
  
  
  
  • Implement Linux & Windows Integration via Samba
    
  • Explore Samba Configuration files
    
  • Implement SMBFS integration with SUSE Enterprise Linux File System
    
  • Mount Windows shares seamlessly using Samba File System (SMBFS)
    
  • Configure FSTAB to support repetitive mounts
    
  • Implement secure SMBFS credentials for mounting
    
  • Install Samba Server support
    
  • Install Samba Web-based Administration Tool (SWAT)
    
  • Configure Samba file sharing
    
  • Configure Samba with multiple NETBIOS aliases
    
  • Install Active Directory on Windows 2003 Server
    
  • Integrate SUSE Ent. 10 Server with Windows Active Directory (AD)
    
  • Test Samba-to-Windows integration using 'getent' and authentication
    
  
  </li>
  
• 
  
• Very Secure VSFTPD File Transfer Protocol (FTP) services
  
  
  
  • 
    
  • Implement anonymous FTPD
    
  • Implement user-level FTPD access
    
  • Implement FTPD banners
    
  • Disable anonymous access
    
  • Configure VSFTPD to chroot jail users into their home directories
    
  • Implement bandwidth rate-limiting to control bandwidth usage
    
  • Implement & test banning of unwelcomed anonymous e-mail addresses
    
  • Implement VSFTPD user with redirect to a Samba share
    
  
  </li>
  
• 
  
• Network File System (NFS) Implementation
  
  
  
  • Identify key services/daemons
    
  • Configure NFS Client & Server
    
  • Evaluate NFS connectivity to other Linux hosts
    
  
  </li>
  
• 
  
• RSYNC Implementation
  
  
  
  • Discuss features and benefits
    
  • Implement rsync
    
  • Confirm results
    
  
  </li>
  
• 
  
• top
  

Linux Apache MySQL PHP (LAMP) - Messaging - PureFTPD - Module 4

• Apache Web Server Implementation
  
  
  
  
  • Discuss Apache server's features and concepts
    
  • Examine Apache-SUSE HTTPD CONF hierarchy
    
  • Examine various configuration files
    
  • Implement Apache Mod Alias and ScriptAlias
    
  • Examine user home directories
    
  • Discuss the Directory directive
    
  • Explore redirects
    
  • Configure .htacess file with directives
    
  • Implement Basic and digest authentication schemes
    
  • Configure IP-based Virtual Hosts
    
  • Configure Name-based Virtual Hosts
    
  • Explore Apache logging
    
  • Implement Apache logging system per virtual host
    
  • Webalizer Log Analysis software Implementation
    
  • Generate web reports using Webalizer
    
  • Implementation of PHP Dynamic Web Access Scripting Engine
    
  • Evaluate PHP Dynamic Web Access Scripting Engine installation results
    
  • Test basic PHP script-processing using sample scripts
    
  • Create and test PHP-form with Apache
    
  
  </li>
  
• 
  
• MySQL Relational Database Management System
  
  
  
  • Install MySQL Relational Database Management System
    
  • Secure access to MySQL
    
  • Explore MySQL monitor shell-based interface
    
  • Create sample MySQL databases
    
  • Load external data-set from Linux
    
  • Load external data-set from Windows
    
  • Integrate PHP with MySQL
    
  
  </li>
  
• 
  
• PHPMyAdmin - MySQL Web-based Management Interface
  
  
  
  • Install PHPMyAdmin for web-based management of MySQL instances
    
  • Explain & Secure access to PHPMyAdmin
    
  • Explore PHPMyAdmin's interface
    
  
  </li>
  
• 
  
• Postfix Message Transfer Agent (MTA)
  
  
  
  • Introduction to Postfix Message Transfer Agent (MTA)
    
  • Explore the directives in the Postfix configuration files
    
  • Define default values for the FQDN
    
  • Alter myorigin and examine results
    
  • Configure Postfix to route messages using a Smarthost
    
  • Examine how Postfix delivers mail locally
    
  • Configure SMTP Relaying in Postfix
    
  • Use Mutt to demonstrate outbound mail handling using Postfix
    
  • Define SMTP Virtual domains for hosting multiple DNS domains
    
  • Configure Postfix with a production LinuxCBT DNS domain
    
  • Examine Virtual domain routing with production and non-production DNS domains
    
  
  </li>
  
• 
  
• Post Office Protocol Version 3 (POP3)
  
  
  
  • Explain POP3 concepts and applications
    
  • Implement POP3 daemon
    
  • Connect to POP3 daemon using Windows 2003 Outlook Express client
    
  • Reroute inbound messages using Sendmail to POP3 account for retrieval
    
  • Use Mutt to send SMTP-based messages to POP3 account
    
  
  </li>
  
• 
  
• Internet Messaging Access Protocol (IMAP)
  
  
  
  • Explain IMAP concepts and applications in comparison to POP3
    
  • Implement IMAP services
    
  • Connect to IMAP services from remote Windows Outlook Express client
    
  
  </li>
  
• 
  
• Squirrel-mail Web-based Mail Interface Implementation
  
  
  
  • Describe required squirrel mail components for web-mail integration
    
  • Install squirrel mail on SUSE Enterprise Linux system
    
  • Configure Apache virtual directory for squirrel mail integration
    
  • Configure Apache Virtual Host for squirrel mail integration
    
  • Configure BIND DNS services for squirrel mail integration
    
  • Explore squirrel mail's web-based interface
    
  
  </li>
  
• 
  
• PureFTPD Implementation
  
  
  
  • Explore configuration & enable service
    
  • Test various modes of operation
    
  
  
  </li>
  
• 
  
• Xen Virtualization
  
  
  
  • Discuss features & benefits
    
  • Implement Xen with instance of SUSE Ent. 10 Edition
    
  
  
  
  </li>
  
• 
  
• top
  

Security Implementation Techniques - Module 5

• System Audit & Lockdown
  
  
  
  • Identify tools to perform system audit
    
  • Ascertain and document current system state
    
  • Close all superflous services
    
  • Bind necessary services (daemons) to necessary interfaces and logical addresses
    
  • Establish security configuration baseline
    
  
  </li>
  
• 
  
• XINETD (Enhanced & Secure INETD Super Server Implementation)
  
  
  
  • Identify key XINETD configuration files
    
  • Explain the contents and structure of xinetd.conf
    
  • Restrict access to various daemons/services based on hosts & subnets
    
  • Lockdown XINETD-controlled services
    
  • Configure XINETD to restrict number of spawned instances of daemons/services
    
  • Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
    
  • XINETD logging
    
  • Explore additional XINETD features
    
  </li>
  
• 
  
• TCP Wrappers concepts & applications
  
• 
  
  
  
  • Identify primary package and key TCP Wrappers configuration files
    
  • Demonstrate disabled TCP Wrappers configurations by attempting connectivity
    
  • Examine pre and post TCP Wrappers configuration effects
    
  • Implement TCP Wrappers for common services
    
  • Test local & remote access to TCP Wrappers-protected host & services
    
  
  </li>
  
• 
  
• IPTABLES (Netfilter Linux Kernel-based Firewall)
  
  
  
  • Discuss IPTABLES/Netfilter Concepts
    
  • Explain IPTABLES default chains/filters and policies
    
  • Examine TCP/ICMP communications pre-IPTABLES chains
    
  • Implement ICMP inbound filtration based on various hosts
    
  • Use Cisco PIX Firewall to verify ICMP debugging
    
  • Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
    
  • Restrict access to various daemons (SSH/FTP/HTTP/etc.)
    
  • Test connectivity locally and remotely (RedHat/Windows/etc.)
    
  </li>
  
• 
  
• Network Mapper (NMAP)
  
  
  
  • Obtain, compile and install current version of NMAP
    
  • Identify commonly used NMAP options/switches/parameters
    
  • Perform default TCP SYN-based ethical scans of local and remote resources
    
  • Explain typical TCP handshake protocol while using NMAP
    
  • Examine the results of scans on remote Cisco firewall with debugging mode enabled
    
  • Perform default TCP Connect-based ethical scans of local and remote resources
    
  • Examine the results of scans on remote Cisco PIX Firewall with debugging mode enabled
    
  • Use NMAP to scan using aliased and spoofed IP addresses
    
  • Peform local ethical scans
    
  • Identifiy key NMAP configuration files
    
  • Use NMAP to perform operating system fingerprinting
    
  • Peform subnet-wide ethical scans
    
  </li>
  
• 
  
• Nessus Vulnerability Scanner Implementation
  
  
  
  • Download & Install Nessus Client & Server
    
  • Configure & test credentials
    
  • Discuss plug-ins and scopes
    
  • Perform vulnerability scans & evaluate results
    
  </li>
  
• 
  
• TCPDump Traffic Capture
  
  
  
  • Discuss features
    
  • Capture data in ASCII & Binary formats
    
  • Implement Berkeley Packet Filters (BPFs)
    
  • Analyze results
    
  </li>
  
• 
  
• Ethereal Traffic Analysis
  
  
  
  • Discuss features
    
  • Install using YaST
    
  • Analyze TCPDump binary file
    
  • Rebuild interesting TCP sessions
    
  </li>
  
• 
  
• Snort 2.x Network Intrusion Detection System (NIDS)
  
  
  
  • Obtain, and install Snort pre-requisites (libpcap/libpcre/etc.)
    
  • Obtain, compile and install the Snort Intrusion Detection System (NIDS)
    
  • Identify and explain key operating modes (Sniffer/Logger/NIDS)
    
  • Explore Snort in network sniffer mode
    
  • Explain OSI Model and relevant Snort sniffing options
    
  • Explore Snort in ASCII and Binary (TCPDUMP) logging modes
    
  • Output Snort logs to ASCII text format and examine the results
    
  • Output Snort logs to binary format and examine the results
    
  • Implement Snort with BPF to filter traffic
    
  • Generate traffic from remote Windows 2003 and Linux hosts
    
  • Use Snort with Berkeley Packet Filter (BPF) to parse logs
    
  • Implement Snort in NIDS modes
    
  • Explore the snort.conf file and discuss rules
    
  • Explain Logging and Alerting output options
    
  • Perform port-scans from remote Linux systems and analyze Alerts
    
  • Configure MySQL with Snort-compliant schema
    
  • Configure Snort to log to MySQL
    
  • Download & Install BASE web analysis application
    
  • Configure BASE to read alerts from MySQL
    
  • Evaluate results
    
  
  
  </li>
  

UnixCBT feat. Solaris 10 Editon

UnixCBT.feat.Solaris.10

UnixCBT feat. Solaris 10 Edition focuses on the enterprise-trusted, Solaris 10 Operating System (OS).

The coursework focuses on traditional Unix features including:
Bourne/BASH shells, user/group management, file permissions, disk
management, Cron, Network Time Protocol (NTP), Network File System
(NFS), SendMail, and File Transfer Protocol (FTP).

UnixCBT feat. Solaris 10 Edition also covers Solaris 10-specific
features, including but not limited to: Custom installations, Service
Management Facility (SMF) framework, Package & Patch management,
Unix File System (UFS) management, Volume management (RAID-0/1/5),
Solaris Management Console (SMC), Solaris Zones, and the Zettabyte
File System (ZFS).

Additionally, UnixCBT feat. Solaris 10 Edition covers the integration
of key Open Source technologies, including, but not limited to: Grand
Unified Boot Loader (GRUB), GNOME Desktop, Samba, Apache HTTPD, MySQL,
PHP (SAMP), BIND (DNS), Secure Shell Version 2 (SSHv2), GNU Privacy
Guard (GPG (PGP-compliant encryption tools), TCPDump, Snort NIDS, and
Nmap.


Installations

* Local Media (CDROM) Text-based Installation on Dell PowerEdge Hardware
o Discuss features of Solaris 10
o Explore system BIOS
o Configure BIOS for local media booting
o Boot local media and discuss default GRUB options for installation
o Boot installation and discuss installation options
o Discuss system requirements for text & GUI installations
o Discuss single-user mode access
o Boot text-based installation and explain hardware detection process & assignment
o Configure network parameters
o Configure time & locale parameters
o Explore software companion DVD components
o Select appropriate installation package group (Entire Distribution)
o Customize file system slices - /, /export/home, SWAP
o Complete installation of Entire Distribution
o Reboot and confirm boot to the GUI screen

* Pre-Execution (PXE) Nework-based Installation on Dell PowerEdge Hardware
o Explain PXE installation requirements (TFTP, DHCP, etc.)
o Prepare an alternate Solaris server to become an Install Server - ./setup_install_server
o Share Install Server source files using Network File System (NFS)
o Configure SuSE Linux DHCP Server to support the PXE client (Solaris server) using a reservation
o Configure Solaris Install server to support the Solaris client - ./add_install_client
o Explore files created by ./add_install_client to support PXE
o Explain PXE-boot process
o Boot PowerEdge server and configure BIOS to boot using PXE
o Reboot and install Solaris 10 across the network without local media
o Install using Solaris Interactive option
o Configure GUI (KVM) settings for graphical installation
o Configure network parameters
o Configure time & locale parameters
o Confirm additional parameters and NFS path to source files
o Customize file system slices - /, /export/home, /var, SWAP
o Complete installation of Entire Distribution
o Reboot and explore the Grand Unified Boot Loader (s) menu items
o Discuss Service Management Facility (SMF) initial starup process
o Confirm GUI Login

* Console-based (Serial Cisco Firewall Rollover Cable) Installation
o Discuss requirements of serial installation
o Execute ./add_install_client to setup console installation option on appropriate com port
o Boot PowerEdge server and confirm PXE boot
o Select console boot option and confirm GRUB boot option
o Connect to SuSE Linux and use kermit to connect via com1 to the PowerEdge server
o Continue PXE-Console(Serial) installation
o Alter kermit console to resemble a mainframe terminal
o Configure network parameters
o Configure time & locale parameters
o Customize file system slices - /, /export/home, /var, /usr, /opt, SWAP
o Complete installation of Entire Distribution
o Configure X.org GUI parameters using kdmconfig

* Sysidcfg (phase 1) & JumpStart-based (phase 2) Installation - Unattended Installs
o Explain the directives(network,locale,etc.) and application of the 'sysidcfg' file
o Define the 'sysidcfg' file
o Execute ./add_install_client to provide support for 'sysidcfg' file
o Reboot using PXE and install using 'sysidcfg' file, confirming auto-population of directives - phase 1
o Discuss rules regarding JumpStart installation method - phase 2
o Introduction to the 'rules.ok' file
o Discuss 'rules.ok' profile development for classes of users (marketing, development, etc.)
o Define 'rules.ok' profile file with appropriate criteria, validae, and store in NFS-accessible location
o Reboot server, and confirm 'sysidcfg' and 'rules.ok' files in GRUB entry
o Continue JumpStart, unattended installation

* Desktop Console-based Installation with PXE
o Boot using 'sysidcfg' and 'rules.ok' files incorporated in JumpStart option
o Configure X.org using kdmconfig
o Complete unattended remainder of installation

* Flash-based (Snapshot) Installation with PXE and JumpStart Integration
o Discuss ideal environment for implementing flash installations
o Identify the current runlevel and enter single-user mode to prepare flash archive
o Use the 'flar' utility to take a snapshot of the system
o Use Secure Copy (scp) to copy flash archive to NFS server
o Reboot PowerEdge server and perform flash installation
o Compete installation, reboot and confirm initial startup
o Configure JumpStart and flash archive installation
o Configure X.org GUI parameters using kdmconfig
o Customize file system slices - /, SWAP
o Complete installation
o Confirm results - GUI Login

System Administration

* Grand Unified Boot Loader (GRUB) Implementation
o Describe the boot process (BIOS - GRUB - Solaris Kernel - Sched - Init - SMF - Runlevel)
o Discuss the default GRUB menu items
o Explain how GRUB references bootable media
o Boot into single-user mode by modifying GRUB
o Explore the GRUB startup environment

* System Initialization (INIT - PID 1)
o Describe init's invocation
o Peruse init's default configuration file /etc/inittab
o Explain runlevels
o Compare & contrast Solaris & Linux runlevels
o Explore /etc/init.d and /etc/rc* directories

* Service Management Facility (SMF) Framework
o Discuss the adavantages and features of SMF
o Discuss the service configuration database
o Explain support for legacy services
o Discuss the role of service restarters - 'svc.startd' & 'inetadm'
o Describe support for INETD-controlled daemons
o Enumerate services configured on the system, including state information
o Discuss & examine Fault Management Resource Identifiers (FMRIs)
o Discuss service dependencies
o Use 'svcadm' to manage (disable/enable) services
o Break dependencies and evaluate the results
o Use 'inetadm' to manage INETD-related services
o Convert legacy INETD service to SMF-managed service

* GNOME Desktop Environment

o Explore GNOME Desktop
o Identify key features
o Explore the Control Panel interface
o Browse the filie system using Nautilus explorer
o Correlate GNOME Desktop items to files in the user's home directory
o Customize GNOME Desktop
o Create GNOME Desktop launchers (Shortcuts)
o Save configuration

* Shell-based User & Group Management
o Enumerate key user & group management tools
o Analyze the fields in /etc/passwd, /etc/shadow, /etc/group
o Correlate /etc/passwd to /etc/shadow entries
o Create and modify users and groups
o Alter the default encryption algorithm used for passwords
o Add users to groups and evaluate results

* Solaris Management Console (SMC) - Consolidated GUI System Management
o Confirm that 'wbem' is running
o Launch SMC and connect to local 'wbem' instance
o Authenticate and explore the SMC GUI interface
o Peruse key system metrics
o Explore the log viewer interface
o Manage users & groups using SMC
o Define user templates and create users based on those templates
o Examine scheduled jobs and correlate to crontab entries
o Explore mounted file systems

* Bourne Again Shell (BASH)/Bourne Shell Basics
o Distinguish between privileged and non-privileged uses
o Identify the default shell for a given user
o Discuss features of BASH
o Execute BASH
o Discuss pseudo-terminals and how to identify connected terminals
o Modify user's accounts to default to BASH using shell & SMC
o Use 'su' to switch users
o Explore key BASH commands
o Focus on BASH input, output, and error redirection
o Explore BASH command chaining
o Use logical BASH operators (&&, ||) to control program logic
o Discuss and alter BASH global and user-specific configuration files
o Reveal key information using system info commands

* Package Management
o Discus options for managing packages
o Discuss package nomenclature
o Use 'installer' script in GUI & text modes to install packages
o Install packages from the Software Companion DVD sources
o Use 'prodreg' to display currently-installed software
o Install packages using prodreg and evaluate results
o Enumerate existing packages using 'pkginfo'
o Echo package metadata using pkginfo
o Use 'pkgchk' to enumerate package's contents
o Use pkgchk to discover discrepancies in file locations and permissions - auditing
o Determine package membership of files using pkgchk
o Use 'pkgadd' to install packages
o Add packages to the local pacakage repository for subsequent installs

* Patch Management
o Discuss options for managing patches
o Register server with sun.com to obtain patches automatically
o Resolve outstanding patches using Update Manager
o Install selected patches and reboot if necessary
o Confirm patch application
o Analyze patch level using 'smpatch' from the BASH shell
o Install specific patches using 'smpatch'

* Unix File Permissions
o Analyze permissions in 'ls -l' output
o Discuss common Unix file types (files, directories, links, named-pipes, etc.)
o Correlate symbolic permissions values to octal values
o Use 'chmod' to alter file & directory permissions
o Use 'chown & chgrp' to alter file & directory ownership
o Apply SETUID & SETGID permissions to files & directories
o Discuss the rules of symbolic & hard links
o Create hard and soft links - symlinks
o Discuss and examine inodes

* Devices & Drivers Overview
o Explore & correlate logical & physical device locations
o Identify & discuss default driver locations

* Disk, Slice & File System Management

o Explain disk terminology (Tracks/Cylinders/Sectors/Partitions/Slices)

o Examine existing disk layout, including slices using prtvtoc

o Discuss x86 partition constraints - Volume Table of Contents (VTOC) & FDISK

o Illustrate the disk-FDISK-slice hierarchy

o Explain the disk nomenclature: c0t0d0s* (controller, target, disk, slice)

o Identify logical and physical disk/slice locations

o Use 'format' to enumerate connected controllers & disks

o Manipulate slices using 'format'

o Rectify disk geometry issues using fdisk option of 'format'

o Manipulate FDISK partitions with fdisk option of 'format'

o Discuss 'newfs' rules

o Create Unix File Systems (UFSs) using 'newfs'

o Mount newly-created file systems at various locations

o Confirm available storage

o Updated /etc/vfstab, ensuring persistence

o Recap file system provisioning process

o Provision memory-based, Temporary File System (TEMPFS)

o Provision and manage additional SWAP storage (files & file systems)



* Volume Management - State Database Replicas, RAID-0/1/5, Volume Extenstion (growfs)

o Introduction to volume management

o Discuss Replicas, RAID Volumes, Hot Spare Pools, and Soft Partitions

o Create required state database replicas on available slices, using SMC

o Provision RAID-0 (Stripe) using SMC and available disks

o Create UFS file system on RAID-0 volume, mount, and confirm results

o Provision RAID-1 (Mirror) using SMC and available disks

o Create UFS file system on RAID-1 volume, mount, and confirm results

o Provision RAID-5 (Stripe with Parity) using SMC and available disks

o Create UFS file system on RAID-5 volume, mount, and confirm results

o Extend an in-use volume dynamically, using 'growfs'

o Confirm extended volume results



* Quota Implementation

o Discuss the benefits of implementing quotas

o Discuss soft & hard limits

o Discuss inodes and blocks usage

o Examine 'edquota'

o Use 'quotacheck' to confirm quotas

o Enable quotas on a per-file system basis & confirm results

o Test soft & hard limits by generating I/O

o Use 'repquota' to confirm current disk & slice usage



* CRON - Process Scheduling - Automation

o Discuss the benefits of automation & scheduling

o Explore at, and Cron's directory layout

o Explain Cron scheduling fields

o Examine user's cron entries

o Schedule per-user jobs and confirm execution



* SYSLOG - Configuration

o Discuss features & benefits

o Identify key binaries and configuration files

o Discuss Syslog rule components: selectors (facilities & levels) and actions

o Peruse predefined selectors & actions

o Explain options for facilities, levels and actions

o Configure new selectors & actions for Cisco PIX firewall logging

o Confirm logging results



* Log Rotation - logadm

o Discuss features & benefits

o Identify key binaries and configuration files

o Explore default log rotation schedule and items

o Discuss available logadm criteria

o Examine log rotation and effects on inodes



* Zettabyte File System (ZFS) Implementation

o Discuss the features (RAID-0/1/Z, Pools, etc.) and benefits of ZFS

o Discuss ZFS prerequisites

o Create ZFS pools using the Command Line Interface (CLI)

o Set quotas on provisioned ZFS file systems atop the hierarchy and evaluate results

o Manage ZFS storage pools from the CLI

o Extend ZFS storage pools dynamically, while mounted

o Manage ZFS storage pools using the web GUI



Network Administration



* NETSTAT

o Explain 'netstat' applications

o Identify key output features including: address families & protocols

o Use 'netstat' to return the current IP routing table

o Correlate service names in output to /etc/services

o Return protocol-specific entries

o Return active sockets and attached processes

o Reveal DHCP-configured plumbed interfaces



* Network Configuration

o Discuss network configuration modes

o use 'dladm' to reveal the status of connected network interfaces - layer 1

o Explain network interface nomenclature

o Use 'ifconfig' to return layer 2(MAC) & 3(IP) information for network interfaces

o Identify key network services using Service Management Facility (SMF)

o Enumerate key network configuration files for the configuration modes

o Transition from DHCP to static configuration, creating the requisite files

o Reboot and confirm static configuration

o Reveal DHCP-configured plumbed interfaces using 'ifconfig'

o Plumb(Initiate) physical interfaces, commit configuration for persistence & test comms

o Plumb(Initiate) logical interfaces associated with physical interfaces & test comms from Linux

o Explore '/etc/nsswitch.conf' name service configuration file



* Network Time Protocol (NTP) Client/Server Implementation

o Configure Network Time Protocol (NTP) to perform client/server time synchronization

o Synchronize NTP with additional Stratum 2 NTP server

o Synchronize against Stratum 1 NTP servers



* Network File System (NFS) Implementation

o Implement NFS Server

o Export shares and discuss options

o Mount NFS exports on remote Linux Hosts

o Explore AutoFS configuration

o Configure AutoFS mount points



* Samba Implementation

o Focus on key Samba (SMB/CIFS) clients

o Integrate with Windows via Samba

o Explore Samba Configuration files

o Enable Samba Server support

o Explore Samba Web-based Administration Tool (SWAT)

o Configure Samba file sharing

o Configure Samba with multiple NETBIOS aliases



* WUFTPD File Transfer Protocol (FTP) services

o Implement anonymous FTPD

o Implement user-level FTPD access

o Implement FTPD banners

o Disable anonymous access

o Configure WUFTPD to chroot jail users into their home directories

o Configure virtual FTP hosts



* Dynamic Host Configuration Protocol (DHCP)

o Explain DHCP Concepts & Applications

o Explore DHCP confiuration files

o Configure DHCP subnet with applicable options

o Configure DHCP Reservation based on layer-2 address



* Domain Name System (DNS)

o Identify BIND packages & key files

o Construct a standard 'named.conf' configuration file with root hints, forward, and reverse zones

o Download latest root hints file as 'db.cache' using 'wget'

o Construct appropriate zone files to match defined zones in '/etc/named.conf'

o Configure BIND as a caching-only DNS server

o Implement Master DNS Zone

o Configure Master/Slave Zones with Linux Server

o Evaluate results of BIND configuration using DIG & host



* Sendmail Message Transfer Agent (MTA)

o Introduction to Sendmail Implementation

o Explore the directives in the Sendmail configuration files

o Explre aliases

o Test messaging using 'sendmail' binary

o Identify relay-related configuration files

o Configure Virtual Domains



* Internet Message Access Protocol (IMAP) Implementation

o Explain POP3 & IMAP applications

o Download & Install IMAP server using 'wget' , 'gunzip' & 'pkgadd'

o Configure IMAP server to be managed by INETADM (SMF)

o Invoke & test mail retrieval



* Apache Web Server Implementation

o Identify the versions of Apache included with Solaris 10 using SMF & pkg* tools

o Discuss Apache server's features and concepts

o Explore key binaries, configuration files, and documentation

o Discuss key sections & directives in the Apache 'httpd.conf' file

o Setup Apache 2 support

o Implement Apache Mod Alias and ScriptAlias

o Discuss and implement the File, Location & Directory directives

o Explore Apache logging semantics

o Configure IP-based Virtual Hosts

o Configure Name-based Virtual Hosts

o Implement Apache logging system per virtual host

o Webalizer Log Analysis software Implementation

o Generate web reports using Webalizer



* Trivial File Transfer Protocol (TFTP) Implementation

o Install TFTP server

o Backup Cisco PIX firewall configuration using TFTP

o Update Cisco PIX firewall configuration using TFTP



* MySQL Relational Database Management System

o Install MySQL Relational Database Management System

o Explore key configuration files

o Secure access to MySQL

o Discuss security framework

o Discuss default table storage engine, MyISAM, file types

o Explore MySQL monitor shell-based interface



* PHPMyAdmin - MySQL Web-based Management Interface

o Install PHPMyAdmin for web-based management of MySQL instances

o Explain & Secure access to PHPMyAdmin

o Explore PHPMyAdmin's interface



* Postfix Message Transfer Agent (MTA)

o Configure Postfix as default MTA

o Introduction to Postfix Message Transfer Agent (MTA)

o Explore the directives in the Postfix configuration files

o Define default values for the FQDN

o Alter myorigin and examine results

o Configure Postfix to route messages using a Smarthost

o Examine how Postfix delivers mail locally

o Configure SMTP Relaying in Postfix

o Use Mutt to demonstrate outbound mail handling using Postfix

o Define SMTP Virtual domains for hosting multiple DNS domains

o Configure Postfix with a production UnixCBT DNS domain

o Examine Virtual domain routing with production and non-production DNS domains



Security Implementation Techniques



* System Security Overview

o Discuss key areas related to security in a vanilla Solaris 10 installation

o Peruse the 'sulog' log file to identify 'su' instances & explain fields

o Test using 'su' and examine results in '/var/adm/sulog'

o Record failed logins in the '/var/adm/loginlog' file

o Test login failures and examine results in 'loginlog'

o Peruse the directives in '/etc/default/login'

o Adjust 'login' file directive to capture failed login attempts

o Test failed logins using SSH - Compare SSH threshold to system threshold

o Explore system-wide account-policy information using 'logins' command

o Identify the default password encryption algorithm

o Upgrade default password encryption algorithm to MD5 and Blowfish

o Test user-account modifcation of passwords and evaluate encryption strings

* Secure Shell Version 2 (SSHv2)

o Discuss the features and benefits of SSHv2

o Identify SSHv2 SMF FMRI

o Identify global and per-user configuration files

o Explain SSHv2 config file precedence order

o Identify key directives in global and per-user configuration files

o Discuss '~/.ssh/known_hosts' file

o Execute 'ssh' in debug mode and evaluate output, including psuedo-terminal (pty) assignment

o Execute remote commands and return output to local system using 'ssh'

o Use Secure Copy (SCP) to copy files securely and non-interactively between systems

o Use Secure File Transfer Program (SFTP) to copy files securely interactively between systems

o Generate SSHv2 DSA & RSA usage keys for PKI login

o Configure SSHv2 to support PKI (password-less) logins

o Test password-less login to remote systems

o Execute 'ssh' in debug mode and evaluate output, including PKI, password-less login

o Implement '~/.ssh/authorized_keys' file

o Discuss using SSHv2 as a psuedo-VPN via port forwarding

o Use SSHv2 to forward local TCP ports & test communications

o Use SSHv2 to forward remote TCP ports & test communications

o Enable the sharing of locally & remotely forwarded TCP ports



* GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP)-compatible Facility

o Discuss the features and benefits of GPG

o Download GPG package from sunfreeware.com

o Install GPG

o Explore GPG files

o Generate DSA public/private key pair

o Identify available, per-user public/private key pairs on keychains

o Import G/PGP public key and evaluate results

o Sign imported public key and verify signature associated with downloaded content

o Encrypt ASCII text file with appropriate public key and evaluate output

o Decrypt ASCII text with appropriate private key and evaluate output



* Snoop - Packet Sniffing

o Discuss the features and benefits of snoop

o Explain default interface behavior

o Execute 'snoop' and evaluate packet headers

o Capture snoop output to log file

o Use 'snoop' to playback captured packets

o Playback ranges of packets

o Return layers 2-7 of OSI model and evaluate output

o Apply filters, similar to Berkelye Packet Filters (BPFs), and evaluate results

o Adjust time output, relative to current, and first packet captured

o Source FTP traffic from Windows 2003 and snoop credentials passed in clear-text

o Evaulate results



* TCPDump - Packet Sniffing

o Discuss the features and benefits of tcpdump

o Install tcpdump from the Software Companion DVD

o Identify installed package & man pages

o Discuss tcpdump-supported qualifiers for creating expressions & capturing packets

o Execute 'tcpdump' and evaluate captured packets

o Bind tcpdump to specific interfaces for capturing packets

o Apply Berkeley Packet Filters (BPFs) to capture sessions to suppress traffic

o Dump 'tcpdump' capture to log file and evaluate results

o Use 'tcpdump' to playback captured packets

o Source FTP traffic from Windows 2003 host and sniff credentials passed in clear-text

o Source Telnet traffic from Windows 2003 host and sniff credentials passed in clear-text

o Evaluate results



* Snort 2.x Network Intrusion Detection System (NIDS) - Packet Sniffing & Logging

o Discuss the features and benefits of Snort NIDS

o Discuss Snort NIDS pre-requisites (libpcap/libpcre/compiler/etc.)

o Obtain, compile and install the Snort Network Intrusion Detection System (NIDS)

o Identify and explain key operating modes (Sniffer/Logger/NIDS)

o Invoke Snort in network sniffer mode

o Explore Snort in Binary (TCPDUMP) logging mode

o Output logs to binary format and examine the results

o Implement Snort with BPF to filter traffic

o Generate traffic from remote Windows 2003 and Linux hosts

o Use Snort with Berkeley Packet Filter (BPF) to parse logs



* Network Mapper (Nmap)

o Discuss the features and benefits of Nmap

o Download Nmap bzip2 source package from insecure.org

o Compile & install Nmap

o Discuss default TCP-connect scan mode

o Discuss SYN-based scanning

o Use Nmap to perform reconnaisance testing

o Evaluate results



* Solaris Zones - Containers - Virtualization - Instances

o Discuss the features, benefits and limitations of Solaris Zones

o Discuss Global and Non-Global zones

o Identify file system location to house non-global zones

o Use 'zonecfg' to provision non-global zones

o Verify zone configuration using 'zonecfg'

o Install non-global zones using 'zoneadm' and evaluate results

o Login to non-global zones and explore

o Evaluate results

o Manage zones using 'zoneadm'

LinuxCBT DBMS Edition feat. MySQL 5

LinuxCBT.DBMS.Edition.feat.MySQL.5

LinuxCBT DBMS Edition feat. MySQL 5 focuses on the
ubiquitous, high-performance, low-maintenance, highly-available and
scaleable MySQL 5 Database Management System (DBMS).

LinuxCBT DBMS Edition establishes the foundation for successful
deployments and administration of MySQL 5 by exploring many of its
features including but not limited to DML & DDL Statements,
Terminal Monitor, shell-based clients, graphical clients, MyODBC,
storage engines, data imports & exports, and PHP integration.

LinuxCBT DBMS Edition is unparalleled in content, depth and expertise.
It entails 30-hours, or 4+ days of classroom training. LinuxCBT DBMS
Edition prepares you for successfully deploying MySQL-based DBMS
solutions.



Modules:

* MySQL Installation
o Introduction to MySQL 5
o Discuss DBMS system specifications
o Identify existing MySQL-installed components
o Explore file-system layout
o Identify & discuss the various downloadable formats /source|binary|packaged/
o Download MySQL packages to a local repository
o Discuss the key DBMS components
o Confirm md5sums of components
o Install MySQL server package and examine defaults
o Identify key server-side administrative utilities
o Inspect the contents of the default DBMS data-directory
o Install MySQL Client package and explore its contents

* Terminal Monitor Shell Client
o Discuss Terminal Monitor concepts
o Explain the default privileges configuration
o Connect to the DBMS using anonymous privileges
o Explore Terminal Monitor's help facility and useful escape sequences
o Identify the default schemas
o Execute useful SQL functions
o Demonstrate how to execute SQL queries from the shell in non-interactive mode

* User Administration
o Identify the currently logged-in user
o Connect to MySQL DBMS as root and explore the interface
o Attempt to connect to the DBMS as invalid users and discuss the results
o Attempt to connect from a remote host and evaluate results
o Discuss the primary methods of tightening the default security scheme
o Tighten the default privileges for the root user
o Explore the global 'user' grant table & discuss attributes
o Secure anonymous user accounts
o Remove anonymous privileges and confirm enhanced security policy
o Discuss and explore the grant tables and applicable attributes
o Identify the ancillary grant tables that permit granular filtration
o Create new DBMS users and confirm connectivity
o Remove superfluous user accounts
o Discuss permissible host values when defining users
o Create remote super users and test connectivity
o Discuss privileges scopes concepts & applications
o Identify grant tables related to privileges scopes
o Use GRANT to create and manipulate user-privileges
o Create unprivileged accounts and explore capabilities
o Use REVOKE to remove privileges
o Use DROP to discard superfluous accounts
o Maintain user passwords using SET and UPDATE

* Show Commands & Options Files
o Explain the usages of key SHOW commands
o Expose DBMS privileges for currently authenticated user
o Expose DBMS privileges for other defined users
o List all databases available on the system
o Show the DDL statements used to create various MySQL-managed databases
o Examine the default supported character sets
o Reveal the structure of defined tables
o Show the DDL statements used to create various tables
o List the supported Storage Engines by the current binary-build of MySQL
o Examine the MyISAM Storage Engine tables on the file system & discuss key file types
o Show the schemas of various tables and discuss the results
o Examine the currently executing processes, including connected users
o Initiate & KILL connections listed in the process-list table
o Examine key status variables on the running server
o Show table status information, revealing used-space, length, create-time, etc.
o Discuss the default search-path for options files by MySQL clients
o Examine and secure the MySQL history file to prevent superfluous disclosure of queries
o Define a personal MySQL options file
o Explain the supported section headers in MySQL options files
o Define useful run-time directives for MySQL clients and examine results
o Define a useful, custom MySQL prompt on a global and per-user basis & examine usefulness
o Set default database variable in per-user options files and examine results

* Key MySQL Client Utilities
o Focus on mysql terminal monitor utility
o Discuss & demonstrate mysql client modes
o Discuss command-line option types
o Output queries to standard /HTML|XML|TXT/ formats
o Exclude column-headers from output for easy import into other applications
o Use options file to control startup variables
o Focus on mysqladmin utility
o Compare & contrast mysqladmin batch-mode to mysql interactive mode
o Confirm the status of DBMS servers using mysqladmin
o Ascertain remote DBMS process list
o Create & drop remote databases using mysqladmin
o Administer remote user credentials using mysqladmin
o Focus on mysqldump utility
o Discuss mysqldump applications, features & benefits
o Dump all databases and related objects to an ASCII text backup file
o Examine the resulting dump file
o Dump select databases and examine resulting file
o Dumpy DBMS databases to a remote MySQL instance using mysqldump
o Focus on mysqlimport utility
o Create database container and table structure for subsequent imports
o Create matching data-feed for import by mysqlimport
o Import data-feed using default delimiters and record-separators
o Discuss mysqlimport defaults regarding data-directory and table names
o Examine importing duplicate records

* Key Data Manipulation Language (DML) Statements
o Discuss common DML statements
o Focus on SELECT DML statement
o Optimize SELECT statements with WHERE clauses to define criteria
o Discuss SELECT operators /=|<=|>=|!=|etc/
o Perform pattern matching using WHERE clause with LIKE operator & wildcards
o Influence the order of SELECT output using ORDER BY
o Extend criteria definition and optimize queryies using AND clause
o Return result-set INTO output ASCII text file using SELECT INTO
o Redirect result-set to AWK and extract interesting fields
o Use LIMIT with SELECT to return n number of rows
o Return total number of rows including LIMIT value
o Alias column headers using SELECT
o Concatenate results returned using SELECT
o Focus on INSERT DML statement
o Explain supported INSERT statements /VALUES|SET|SELECT/
o Describe table structure to determine column constraints
o INSERT VALUES specifying column names
o INSERT VALUES one-to-one without defined column headers
o Use SET with INSERT to indicate interesting columns
o Use VALUES to INSERT multiple rows in one statement
o Discuss INSERT SELECT applications
o Create table structure for using INSERT SELECT
o Populate newly-created table with data
o Use SELECT INSERT to move data between tables & evaluate results
o Focus on UPDATE DML statement
o Perform global table UPDATE with simple DML statement
o Specify columns to be updated and evaluate affected rows
o UPDATE interesting rows using criteria
o UPDATE n number of records using the LIMIT criteria operator
o Focus on DELETE DML statement
o Remove interesting records using WHERE clause and applicable critieria
o Intro to the ALTER Data Definition Language (DDL) statement

* Key Data Types

o Focus on Numeric data-types

o Use describe to expose defined data-types for columns

o Discuss unsigned and auto incremented column attributes

o Discuss /TINYINT|SMALLINT|MEDIUMINT|INT|BIGINT/ capacity and applications

o Discuss FLOAT capacity and applications

o Discuss DOUBLE capacity and applications

o Discuss DECIMAL capacity and applications

o Discuss BIT capacity and applications

o Define a table with TINYINT column

o Populate TINYINT column with INSERT and exceed its limits and evaluate resutls

o Use ALTER to increase the capacity of the TINYINT column to SMALLINT

o Populate SMALLINT column and evaluate results

o ALTER table and add columns with greater numeric capacity

o Define a DECIMAL column and store values

o Focus on String data-types

o Explain features and limitations of CHAR type fields

o INSERT strings with unpreserved characters and evaluate results

o Compare & contrast VARCHAR & CHAR type fields; fixed vs. varaible-length

o ALTER table to convert interesting fields from CHAR to VARCHAR

o Create Perl script to generate values for VARCHAR columns and evaluate results

o Discuss /TEXT|TINYTEXT|MEDIUMTEXT|LONGTEXT/ column types

o Discuss /BLOB|TINYBLOB|MEDIUMBLOB|LONGBLOB/ column types

o ALTER table to support LONGTEXT and import data and evaluate results

o Discuss /BINARY|VARBINARY/ usages and limits

o Explain the usages of ENUM column types

o Explore predefined ENUM column types in system tables

o Define ENUM fields, insert data and evaluate DBMS behavior

o Focus on Date data-types

o Discuss DATE column type features (resolution & range)

o ALTER table structure to support DATE-based column

o INSERT invalid date and evaluate results

o Discuss DATETIME column type features (resolution & range)

o ALTER table structure to support DATETIME-based column

o INSERT valid date & time value and evaluate results

o Discuss how MySQL implements dummy dates

o ALTER table structure to support TIMESTAMP-based column

o Discuss TIMESTAMP column type features (resolution & range)

o Discuss NULL-enabled auto-timestamp (dummy-time) invocated columns

o Explain MySQL's default date syntax

o Insert Date & Time values into MySQL columns using mixed delimiters

o Insert Date & Time values into MySQL columns without delimiters

o Recap supported data-types



* Key Data Definition Language (DDL) Statements

o Focus on CREATE DDL statement

o Describe how MySQL maps database containers to the file system

o CREATE DATABASE container to house new tables

o Define the requirements /auto_increment|primary key|etc/ of new base tables

o Define the CREATE TABLE syntax for new base tables based on selected data types

o Execute statement and evaluate results of recently-created tables

o Use SHOW CREATE TABLE to examine DDL syntax for reference

o CREATE TABLE with NOT-NULL column enforcements

o Populate tables with useful values and evaluate results

o INSERT VALUES with DEFAULT for auto-populated columns and evaluate results

o Duplicate table structure using CREATE TABLE and evaluate results

o Populate destination table with data from the source table using INSERT

o Discuss Temporary tables features and applications

o CREATE TEMPORARY TABLES and populate with useful data

o Rename tables using RENAME TABLE as an alternative to ALTER TABLE

o Focus on DROP DDL statement

o Describe the objects that are affected using DROP

o DROP DBMS objects and evaluate file system implications

o Focus on CREATE INDEX DDL statement

o Discuss the importance of indexes to improved data-retrieval

o Discuss MyISAM storage engine per-index limits

o Identify default MyISAM index files

o Explore defined indices

o Define UNIQUE indices

o Compare & contrast table & index storage requirements

o Generate data-set to be imported into an indexed column

o Compare & contrast query-execution times with and without indices



* JOINS

o Discuss the features & benefits of using JOINS to access normalized data

o Normalize the data structure, using ALTER TABLE, to prepare for using joins

o Use seq to generate normalized data and import using mysqlimport

o Discuss the various types of supported JOINS /EQUI|NATURAL|LEFT|RIGHT|INNER|OUTER/

o Define and execute EQUIJOINS

o Define and execute NATURAL JOINS

o Define JOINS using fully-justified DBMS object names

o Use table and column aliases with JOINS



* VIEWS & TRIGGERS

o Discuss the features & benefits of using VIEWS

o Use DESCRIBE to identify interesting VIEW candidate-columns

o Explain VIEW-creation syntax

o Create useful VIEWS and evaluate results

o Create VIEWS using column-aliases

o Update VIEWS using CREATE OR REPLACE VIEW & ALTER VIEW

o Create VIEWS based on EQUIJOINS

o Demonstrate how to UPDATE base-table data using VIEWS

o Remove superfluous VIEWS using DROP VIEW

o Focus on TRIGGERS

o Discuss MySQL's TRIGGER implementation rules

o Discuss TRIGGER timing & events

o Discuss TRIGGER statements

o Define a TRIGGER to update a secondary table upon INSERT INTO primary table

o INSERT INTO primary table and examine TRIGGER response

o Log table updates using TRIGGERS

o Use SHOW to reveal defined TRIGGERS ON tables

o Create & evaluate multiple statement triggers using BEGIN .. .END

o Redefine MySQL statement delimiters to support multiple statement triggers



* Stored Routines (Functions & Procedures)

o Discuss Stored Routines components and applications

o Focus on Stored Procedures

o Discuss required privileges

o Explain how to invoke stored procedure

o Define useful stored procedures

o Use SHOW to reveal stored procedures and important attributes

o Create multiple statement stored procedures

o Redirect stored procedure output to memory for easy reuse

o Focus on Functions

o Discuss ideal uses for functions

o Describe function syntax

o Define functions based on date calculations and evaluate results



* Replication Configuration

o Explore uses of replication

o Illustrate MySQL Master-Slave replication model

o Discuss binary logging requirements

o Updated configuration on Master & Slave servers to reflect replicaiton requirements

o Create replication accounts on Master & Slave servers

o Create a snapshot of the master server's databases

o Transport the snapshot to slave servers using SCP

o Record replication position

o Configure server IDs on Master & Slave servers

o Use DDL to enable Master & Slave servers

o Confirm replication status via DDLs, the process list and system table

o Committ updates to the master server and confirm replication to the slave servers

o Configure an additional slave server and confirm replication



* Logging

o Explain MySQL logging /ERROR|QUERY|BINARY|SLOW/

o Discuss the default log file nomenclature

o Explain & examine the contents of the ERROR log file

o Restart MySQL and examine log entries

o Enable the QUERY log file

o Explain & examine the contents of the QUERY log file

o Discuss the BINARY log file

o Discuss the SLOW log file

o Enable the SLOW log file

o Use mysqlbinlog to examine the contents of binary logs



* Win32 Integration

o Connect to Windows 2003 host and download MySQL Administrator

o Install MySQL Administrator

o Connect to Linux-based MySQL instance and explore key variables

o Download and install MySQL Query Browser

o Explore Query Browser interface & features

o Execute remote queries with Query Browser

o Download & install MyODBC

o Connect MS Access to MySQL using MyODBC

o Import data into MS Access from MySQL

o Link Tables in MS Access to MySQL using MyODBC



* Storage Engines

o Discuss the MyISAM storage engine

o Explain the usages and limitations of the Memory storage engine

o Confirm Memory storage engine support

o Create memory-based tables using the Memory storage engine

o Focus on the CSV storage engine

o Confirm support for the CSV storage engine

o Define CSV-based tables and evaluate results

o Focus on the Federated storage engine

o Explain the applications of remote tables using the Federated storage engine

o Implement Federated tables and evaluate results

o Focus on the Archive storage engine

o Confirm support for the Archive storage engine

o Describe the applications of compressed tables using the Archive storage engine

o Implement compressed tables and evaluate results

o Import data-set into compressed table and evaluate storage requirements

o Focus on the InnoDB storage engine

o Discuss the benefits /Transactional|Scalability/ of InnoDB-based tables

o Confirm support for InnoDB tables

o Explain InnoDB storage architecture and identify default data & log files

o Update /etc/my.cnf configuration file to support InnoDB tables

o Load large data-set and examine resulting data & log files

o Define custom InnoDB data & log files

o Extend the data & log files and evaluate results

o Distribute data & log files across multiple partitions

o Create a raw device for InnoDB data & log files

o Define InnoDB data & log files on a RAW device



* phpMyAdmin

o Discuss the benefits and applications of phpMyAdmin

o Install & configure Apache HTTPD

o Download & install phpMyAdmin

o Secure phpMyAdmin's access to MySQL DBMS

o Explore phpMyAdmin's interface

o Perform many shell-based queries, graphically



* PHP5 Integration

o Uninstall PHP 4.x

o Download & install PHP 5.x packages & relevant modules /MySQL|SSL|etc./

o Explore the PHP Command Line Interface (CLI)

o Interface PHP CLI to MySQL & return results

o Implement PHP->MySQL error handling using conditions & OO-functions

o Execute useful PHP->MySQL methods

o Define HTML forms

o Process HTML forms using PHP

o Store data in MySQL using PHP

LinuxCBT Postfix Edition



LinuxCBT Mail Edition(Sendmail, Postfix, qmail)Postfix

LinuxCBT Postfix Edition,a component of LinuxCBT Mail Edition, focuses on the extremely popular Postfix Mail Transfer Agent (MTAs) and ancillary components.
Although Sendmail is the most widely-deployed MTA across Linux/UNIX systems, Postfix is growing in popularity due to its straightforward administration, modular design, and Sendmail-like approach to certain tasks. Additionally, Postfix is implemented as the default MTA on major Linux distributions such as RedHat and SuSE. Expect to find it throughout corporate networks and similar environments.



LinuxCBT.Postfix.Edition[www.TopSage.com].bin


LinuxCBT Postfix Edition - Disc 1

• Postfix - Installation
  
  
  
  • Identify a geographically close Postfix mirror location
    
  • Discuss Postfix nomenclature
    
  • Download Postfix
    
  • Import PGP-compatible key to verify downloaded source archive
    
  • Verify Postfix source archive against imported signature
    
  • Extract Postfix source archive
    
  • Identify existing system MTA configuration
    
  • Explore Postfix source tree
    
  • Discuss pre-requisites
    
  • Identify Sendmail-compatible binaries to backup
    
  • Add required Postfix user and groups
    
  • Compile & install Postfix
    
  • Identify key directories and binaries
    
  • Alter key Postfix configuration files for basic operation
    
  
  
• 
  
• Postfix - Local Mail & Queueing
  
  
  
  • Define local domains in main configuration file
    
  • Define Fully Qualified Domain Name (FQDN) of Postfix Host
    
  • Confirm running Postfix TCP (super server) Manager
    
  • Explore current running directives with postconf
    
  • Alter configuration to enable local aliases
    
  • Use sendmail-compatible binary to inject messages into the local queue
    
  • Confirm delivery via default Syslog location
    
  • Identify default mbox-based mailstore
    
  • Use MUA mutt to verify delivery of local mail
    
  • Discuss & explore various Postfix queues
    
  • Explain how Postfix implements local injection
    
  • Explain how Postfix handles SMTP-based mail
    
  
  
• 
  
• Postfix - Aliases
  
  
  
  • Discuss concepts and applications for aliases
    
  • Identify required aliases
    
  • Describe Sendmail-compatible alias types
    
  • Define 1-to-1 aliases
    
  • Define list-based aliases
    
  • Test aliases delivery
    
  • Discuss per-user aliases (.forward) file
    
  • Define per-user .forward file with redirection to vacation program
    
  • Test delivery and auto-response
    
  • Discuss how mail is routed into the file system (maildrop) while Postfix is up/down
    
  • Identify binaries responsible for local mail injection (pickup/cleanup)
    
  
  
• 
  
• Postfix - Simple Mail Transfer Protocol (SMTP)
  
  
  
  • Confirm the existence of remote recipients
    
  • Inject mail for delivery to remote Linux Host
    
  • Review Postfix delivery report generated upon invocation of verbose mode
    
  • Confirm delivery of remote mail to remote Linux Host
    
  • Use MUA mutt to reveal and explore the headers of SMTP-based mail
    
  • Explore name resolution order file & discuss logic
    
  • Configure Postfix to receive mail to second-level domain plus FQDN
    
  • Simulate Postfix name resolution process at delivery-time
    
  • Expose current Mail Exchanger (MX) Host for the second-level domain
    
  
  
• 
  
• Postfix - Rewriting Features - Canonical Maps - BCC Maps
  
  
  
  • Discuss default configuration
    
  • Examine envelope headers
    
  • Configure Postfix to masquerade outbound messages
    
  • Test masqueraded envelope by generating new mail
    
  • Discuss canonical maps concepts & applications
    
  • Explain corresponding rewrite binaries
    
  • Define canonical maps in Ascii format
    
  • Use Postmap to generate DB-formatted canonical maps
    
  • Instruct main.cf to employ canonical maps database
    
  • Test address rewriting using canonical maps
    
  • Confirm message delivery via Syslog-generated logs
    
  • Examine the headers of delivered message altered using canonical maps & myorigin
    
  • Define & test sender canonical maps
    
  • Define & test recipient canonical maps
    
  • Configure Postfix to BCC all messages to specified recipients
    
  • Test messages between various users to ensure BCC functionality
    
  • Configure Postfix to BCC messages based on specific senders
    
  • Define Sender BCC maps using editor and Postmap to generate Hashed DB
    
  
  
• 
  
• Postfix - Relay Control
  
  
  
  • Explore & discuss default relay behavior
    
  • Identify key relay-related directives
    
  • Connect to remote Windows 2003 Host and attempt to relay
    
  • Confirm DNS resolution of Postfix relay host
    
  • Attempt relay to recipient on relay host & confirm path via logs
    
  • Attempt relay to recipient on foreign host & confirm delivery
    
  • Tighten default Postfix relay policy to restrict relaying to local subnet
    
  • Attempt local subnet and Internet-based relays & confirm results
    
  • Use SMTP commands to expose features supported by Postfix MTA
    
  • Discuss SMTP Auth pre-requisites
    
  • Recompile Postfix to support SMTP Auth
    
  • Configure Postfix with SMTP Auth to restrict relaying by users vs. IP or hostname
    
  • Confirm support of SMTP Auth using standard STMP commands
    
  • Configure Outlook Express client to support SMTP Auth
    
  • Attempt to relay based on SMTP Auth support
    
  • Permit relaying of non-local domains based on relay domains
    
  • Define additional second-level domain for relaying
    
  • Configure relaying of non-local domains using hashed Berkeley DB maps
    
  • Discuss Postfix transport maps concepts and applications
    
  • Define transport maps for domains to bypass DNS MX lookups
    
  • Update receiving Postfix host to support transport maps
    
  • Confirm delivery of messages to additional domains defined in transport maps
    
  • Configure Postfix as a Backup Mail Exchanger (MX) host and confirm delivery during failure
    
  
  
• 
  
• Postfix - Smart Host & Null Client configuration
  
  
  
  • Discuss Smart Host concepts and applications
    
  • Define the Postfix Smart Host
    
  • Define the Postfix Smart Host client
    
  • Test local delivery and confirm delivery
    
  • Test delivery of Internet-based message which requires Smart Host
    
  • Confirm delivery via logs and remote SSH session
    
  • Discuss Null client concepts and applications
    
  • Internet -> DMZ -> Corporate Backbone Mail Repository
    
  • Disable local mail delivery on Postfix host
    
  • Configure Postfix to function as a null client
    
  • Test results of null client delivery
    
  
  
• 
  
• Postfix - Virtual Domains
  
  
  
  • Discuss default domains handled by Postfix
    
  • Attempt IP-address based delivery
    
  • Explore the mydestination parameter
    
  • Alter BIND configuration to route messages for basic virtual domain
    
  • Configure Postfix to map individual users to domains
    
  • Define individual virtual domains hash
    
  • Define virtual domains user hash
    
  • Generate hashed virtual domains and virtual user databases
    
  • Confirm routing of messages to appropriate users
    
  • Define catchall addresses for non-matching users and/or aliases
    
  • Use Postmap to query virtual users and determine delivery path
    
  
  
• 
  
• Postfix - Mailbox Formats
  
  
  
  • Explore default mbox configuration location and permissions
    
  • Describe mbox format
    
  • Explore environment configuration variables related to mail delivery
    
  • Test delivery of mbox-bound messages using mutt & Postfix
    
  • Discuss Maildir message storage format
    
  • Configure Postfix to deliver messages using Maildir message format
    
  • Examine Postfix-created Maildir structure after mail delivery
    
  • Alter shell environment to support Maildir format with desired MUA
    
  
  
• 
  
• Postfix - Network-based Mail Retrieval
  
  
  
  • Discuss Courier IMAP framework
    
  • Identify and install pre-requisites
    
  • Download, compile, and install Courier Authentication Library Daemon
    
  • Identify Courier Authentication key directories, binaries and configuration file
    
  • Download and install Courier IMAP Daemon
    
  • Explore Courier IMAP binary directory tree
    
  • Discuss Courier framework
    
  • Configure Courier for POP3 mail retrieval
    
  • Confirm retrieval using Windows 2003 - Outlook Express client
    
  • Identify POP3 Secure configuration files
    
  • Generate self-signed certificate for use with POP3 Secure communications
    
  • Confirm retrieval of messages using Outlook Expres and POP3 Secure
    
  • Establish run-level symbolic links for POP3 & POP3S services
    
  • Configure Courier for IMAP mail retrieval
    
  • Confirm retrieval using Windows 2003 - Outlook Express client
    
  • Generate self-signed certificate for use with IMAP Secure communications
    
  • Establish run-level symbolic links for IMAP & IMAPS services
    
  
  
• 
  
• Postfix - Web-based Mail Retrieval
  
  
  
  • Discuss Web-based SquirrelMail pre-requisites
    
  • Enable Apache web server
    
  • Download and Install SquirrelMail into web-accessible location
    
  • Secure data and attachments directories
    
  • Configure SquirrelMail for initial use with Courier IMAP
    
  • Address PHP session-related issues
    
  • Explore SquirrelMail from the browser as various Linux users
    
  • Confirm deliver using multiple clients - (mutt/Outlook Express/SquirrelMail/Local Injection)
    
  
  
• 
  
• Postfix - Malware Framework
  
  
  
  • Dowload MailScanner
    
  • Download Clam Anti-Virus (ClamAV)
    
  • Download SpamAssAssin
    
  • Download, compile & install zlib
    
  • 
    
  • Clam Anti-Virus (ClamAV) Implementation
    
    
    
    • Create required user and group
      
    • Compile & install ClamAV
      
    • Identify key ClamAV binaries
      
    • Update ClamAV configuration files for basic operation
      
    • Update ClamAV definitions
      
    • Configure system Crontab to update virus definitions every hour
      
    • Confirm scheduled virus definition updates 24 hours later
      
    
    
  • 
    
  • SpamAssAssin Implementation
    
    
    
    • Illustrate message flow from remote SMTP system through our Malware Framework
      
    • Download SpamAssAssin from Apache Foundation
      
    • Extract & discuss SpamAssAssin source tree
      
    • Compile and install Perl-based SpamAssAssin
      
    
    
  • 
    
  • MailScanner Implementation
    
    
    
    • Download, compile and install the current MailScanner malware engine
      
    • Explore MailScanner source and binary trees
      
    • Explore MailScanner.conf configuration file - discuss important directives
      
    • Update MailScanner to support Postfix MTA
      
    • Configure Postfix MTA to route inbound messages into temporary queue for processing
      
    • Invoke MailScanner malware engine and confirm
      
    • Debug incidentals related to invalid configuration directives and missing components
      
    • Malware Framework - MUA -> MTA -> MailScanner -> ClamAV -> SpamAassAssin -> MTA -> Maildir/Mailbox
      
    • Send sample malware through the malware framework & confirm detection
      
    • Send sample spam through the malware framework & confirm detection
      
    • Configure MailScanner to affix outbound Corporate Signatures - Legalise - to all messages based trusted configuration
      
    
    
  • 
    
  
  
• 
  
• Postfix - Log Analysis
  
  
  
  • Download AWStats log analysis application
    
  • Configure AWStats to function in current Apache Web Server environment
    
  • Discuss AWStats features and applications
    
  • Configure AWStats to process Postfix MTA Logs
    
  • Explore AWStats' web-based interface
    
  
  

LinuxCBT qmail Edition



LinuxCBT Mail Edition(Sendmail, Postfix, qmail) qmail。

LinuxCBT qmail Edition, a component of LinuxCBT Mail Edition, focuses on the second most popular Mail Transfer Agent (MTA), qmail, and ancillary components.

qmail is used by some of the biggest names on the Net such as
Yahoo!, for moving large volumes of mail, rapidly. Its design is
entirely modular with an emphasis on security and rapid delivery.
Additionally, many tasks in qmail can be accomplished via standard
Linux/UNIX shell constructs: Pipes & redirection. Consequently,
advanced Linux/UNIX Admins are comfortable with its DIY approach.



LinuxCBT.qmail.Edition[www.TopSage.com].iso
- LinuxCBT Sendmail v8 Edition



LinuxCBT Sendmail Edition, a component of LinuxCBT Mail Edition, focuses on the leading Linux/UNIX Mail Transfer Agents (MTAs); Sendmail v8.

Linux/UNIX systems are responsible for moving the overwhelming
majority of electronic mail across private and public networks.
Sendmail is the most widely-deployed MTA across Linux/UNIX systems.
Consequently, savvy Systems Admins. are expected to have a solid
foundation in Sendmail and ancillary components for general and
automated mail-based applications.



LinuxCBT.Sendmail.v8.Edition[www.TopSage.com].bin

LinuxCBT Security Edition ISO

Basics, Proxy, Firewall, SELinux, NIDS

LinuxCBT Security Edition encompasses 9 pivotal security modules:

1. Security Basics (fundamentals)
2. Proxy Security featuring Squid
3. Firewall Security featuring IPTables
4. SELinux Security - MAC-based Security Controls
5. Network Intrusion Detection System (NIDS) Security featuring Snort NIDS
6. Packet | Capture | Analysis Security featuring Ethereal
7. Pluggable Authentication Modules (PAM) Security
8. Open Secure Shell version 2 (OpenSSHv2) Security
9. OpenPGP with Gnu Privacy Guard (GPG) Security

LinuxCBT.Security.Edition 5.Modules
LinuxCBT.Packet.Capture.Analysis.Edition
LinuxCBT.PAM.Edition.bin
LinuxCBT.OpenSSHv2.Edition
LinuxCBT.OpenPGP.Edition

LinuxCBT Samba Edition

LinuxCBT.Samba.Edition

LinuxCBT Scripting Edition


1. LinuxCBT Bash Edition LinuxCBT.Bash.Shell.Scripting[www.TopSage.com].zip
2. LinuxCBT Perl Edition LinuxCBT.Perl.Programming
3. LinuxCBT Python Edition LinuxCBT.Scripting.Edition-CD3
4. LinuxCBT PHP Edition LinuxCBT.Scripting.Edition-CD4[www.TopSage.com].zip
5. LinuxCBT RegEx Edition LinuxCBT.RegEx.Edition
6. LinuxCBT Awk & Sed Edition LinuxCBT.Awk-Sed.Edition[www.TopSage.com].iso

LinuxCBT IPv6 Edition

LinuxCBT.IPv6.Edition

LinuxCBT IPv6 Edition focuses exclusively on the burgeoning Internet Protocol Version 6 (IPv6).

The coursework explores IPv6 implementation on today's mainstream
Network Operating Systems (NOSs), including: GNU/Linux, Solaris,
Windows and Cisco IOS.

Given the imminent depletion of globally-unique 32-bit IPv4 addresses,
and mandates set by the US Government with respect to
IPv6-backbone-compliancy by Q2 2008 for government agencies,
Information Technology (IT) Network/Systems
Engineers/Administrators/Integrators/Directors/etc., are tasked with
preparing their backbones and applicable
infrastructure(VLANs/DMZs/etc.) to support Internet Protocol Version 6
(IPv6).