Goals
- Learn to administer Web, mail, Samba, DNS services
- Prepare for LPI 202 certification
Program
BIND configuration and management
Zone definition
Reload a new definition
Knowledge of dnsMasq and powerDNS
Reverse DNS
BIND in a chroot environment
Knowledge of dnsSec and its tools
Configuring and managing Apache
Definition of access
Management of modules, in particular PERL and PHP
Authentication
Virtual hosting
SSL configuration and management
Generating certificates
Installation of certificates
Configure and manage a proxy
ACL management
Samba configuration and management
Samba tools
Mount an SMB volume
Map windows and linux users
Configuring and Managing NFS
NFS tools
Mount an NFS volume
TCP Wrapper
Configuring and managing dhcpd
Dhcp tools
PAM configuration and management
Configuration and management of openLDAP
Schemas and whitepage in LDAP
Knowledge of the SSSD daemon
Postfix configuration and management
Knowledge of the SMPT protocol
Knowledge of exim and sendmail
Configuration and management of procmail
Configuration and management of IMAP and POP
Configuring and managing IPTable
IPTable tools and commands
Port forwarding and IP forwarding
Create filter rules
Knowledge of IPV6 filtering
Configuration and management of pureFTP and vsftpd
Understanding the differences between active and passive connection
Configuring and managing openSSH
Permissions and restrictions for the super user and other users
Management of keys and their exchanges
Port testing tools
Knowledge of referrals to which to report faults and anomalies in the system
IDS Tools
Knowledge of openVAS and snort
Configuration and management of openVPN
Duration
5 days
Price
£ 2599
Audience
Linux System Administrators
Prerequisites
Have the LPI 201 certification or equivalent knowledge
Reference
LIN1137-F
Subject 207 : DNS
BIND 9.x configuration files, terminology and tools
Set the location of the BIND zone configuration files
Reload Modified Zone Settings and Files
Knowledge of dnsmasq, djbdns and PowerDNS as an alternate name server
Tools for retrieving information about the DNS server
Layout, content and location of BIND zone files
Methods to Add a Host to a Zone File, and to a Reverse Zone
BIND 9 configuration files
Chroot BIND
Separate BIND configuration using forwarder declarations
Configure and use transaction signatures (TSIG)
Know DNSSEC and basic tools
Workshop : MCQ to comment on the subject 207
Subject 208 : Web Services
Apache 2.x terminology and tools configuration files
Configuration and content of Apache log files
Methods and files to restrict access
Configuring mod_perl and PHP
Files and tools for user authentication
Configuration of maximum requests, minimum and maximum of servers and clients
Setting up Apache 2.x virtual hosts (with and without a fixed IP address)
Use redirects in Apache configuration to optimize file access
SSL configuration files and tools
Generate a private key and CSR request for a commercial CA
Generate a self-signed key from an enterprise CA
Install the private key and certificate
Common issues with VirtualHosts and using SSL
Security issues with SSL
Squid 3.x configuration files, glossary and tools
Access restriction methods
User authentication methods
Layout and content of ACLs in Squid configuration files
Nginx, presentation
Reverse Proxy, set up
Basic web server
Workshop : MCQ to comment on the subject 208
Subject 209 : File Sharing
Samba 3 Documentation
Samba configuration files
Samba Tools
Mount Samba Shares on Linux
Samba services
Map Windows and Linux users
User-level security and sharing
NFS version 3 configuration files
Tools for NFS
Access restriction for hosts and / or subnets
Server and client side mount options
TCP Wrappers
Knowledge of NFSv4
Workshop: MCQ to comment on the subject 209
Subject 210 : Client-side network management
DHCP configuration files, glossary, and tools
Setting up dynamically allocated IP scopes and reservation
PAM configuration files, glossary and tools
Passwd and shadow password management files
LDAP tools to manage and query data
Change user passwords
Query the LDAP directory
OpenLDAP, presentation
Access controls
DN Distinguished Names
Changetype operations
Diagrams and Whitepages
Directories
Object identifiers, attributes and classes
Knowledge of System Security Services Daemon (SSSD)
Workshop : MCQ to comment on the subject 210
Subject 211 : E-Mail services
Postfix configuration files
Basic knowledge of SMTP protocol
Knowledge of sendmail and exim
Procmail configuration files, and tools
Using procmail on both server and client side
Configuring Courier in IMAP and POP
Configuring Dovecot
Workshop : MCQ to comment on the subject 211
Subject 212 : System Security
Iptables configuration files and management tools
Routing table management tools
Private networks
Port forwarding and IP forwarding
Editing firewall rules based on source, destination, protocol and port
Back up and restore the filter configuration
Knowledge of ip6tables
Configuration files and tools for Pure-FTPd and vsftpd
Knowledge of ProFTPd
Understanding the passive and active modes of FTP connections
OpenSSH configuration files and tools
Access restrictions for root and users
Manage and use the server and client keys to authenticate without password
Use of multiple connections to guard against loss of connections
Tools to scan and test server ports
Security alerts: Bugtraq, CERT and other sources
Tools for setting up intrusion detection systems (IDS)
Knowledge of OpenVAS and Snort
Configure a VPN (Virtual Private Network)
Create a secure point-to-point connection
Create a secure site-to-site connection
Workshop : MCQ to comment on the subject 212
Passing of the certification (if foreseen in the financing)
Sessions
Contact us for more informations about session date