linux logo

Goals


- Learn to administer Web, mail, Samba, DNS services

- Prepare for LPI 202 certification

Program

BIND configuration and management
Zone definition
Reload a new definition
Knowledge of dnsMasq and powerDNS
Reverse DNS
BIND in a chroot environment
Knowledge of dnsSec and its tools

Configuring and managing Apache
Definition of access
Management of modules, in particular PERL and PHP
Authentication
Virtual hosting
SSL configuration and management
Generating certificates
Installation of certificates
Configure and manage a proxy
ACL management

Samba configuration and management
Samba tools
Mount an SMB volume
Map windows and linux users
Configuring and Managing NFS
NFS tools
Mount an NFS volume
TCP Wrapper
Configuring and managing dhcpd
Dhcp tools
PAM configuration and management
Configuration and management of openLDAP
Schemas and whitepage in LDAP
Knowledge of the SSSD daemon

Postfix configuration and management
Knowledge of the SMPT protocol
Knowledge of exim and sendmail
Configuration and management of procmail
Configuration and management of IMAP and POP

Configuring and managing IPTable
IPTable tools and commands
Port forwarding and IP forwarding
Create filter rules
Knowledge of IPV6 filtering
Configuration and management of pureFTP and vsftpd
Understanding the differences between active and passive connection
Configuring and managing openSSH
Permissions and restrictions for the super user and other users
Management of keys and their exchanges
Port testing tools
Knowledge of referrals to which to report faults and anomalies in the system
IDS Tools
Knowledge of openVAS and snort
Configuration and management of openVPN

Duration

5 days

Price

£ 2599

Audience

Linux System Administrators

Prerequisites

Have the LPI 201 certification or equivalent knowledge

Reference

LIN1137-F

Subject 207 : DNS

BIND 9.x configuration files, terminology and tools
Set the location of the BIND zone configuration files
Reload Modified Zone Settings and Files
Knowledge of dnsmasq, djbdns and PowerDNS as an alternate name server

Tools for retrieving information about the DNS server
Layout, content and location of BIND zone files
Methods to Add a Host to a Zone File, and to a Reverse Zone

BIND 9 configuration files
Chroot BIND
Separate BIND configuration using forwarder declarations
Configure and use transaction signatures (TSIG)
Know DNSSEC and basic tools

Workshop : MCQ to comment on the subject 207

Subject 208 : Web Services

Apache 2.x terminology and tools configuration files
Configuration and content of Apache log files
Methods and files to restrict access
Configuring mod_perl and PHP
Files and tools for user authentication
Configuration of maximum requests, minimum and maximum of servers and clients
Setting up Apache 2.x virtual hosts (with and without a fixed IP address)
Use redirects in Apache configuration to optimize file access

SSL configuration files and tools
Generate a private key and CSR request for a commercial CA
Generate a self-signed key from an enterprise CA
Install the private key and certificate
Common issues with VirtualHosts and using SSL
Security issues with SSL

Squid 3.x configuration files, glossary and tools
Access restriction methods
User authentication methods
Layout and content of ACLs in Squid configuration files

Nginx, presentation
Reverse Proxy, set up
Basic web server

Workshop : MCQ to comment on the subject 208

Subject 209 : File Sharing

Samba 3 Documentation
Samba configuration files
Samba Tools
Mount Samba Shares on Linux
Samba services
Map Windows and Linux users
User-level security and sharing

NFS version 3 configuration files
Tools for NFS
Access restriction for hosts and / or subnets
Server and client side mount options
TCP Wrappers
Knowledge of NFSv4
Workshop: MCQ to comment on the subject 209

Subject 210 : Client-side network management

DHCP configuration files, glossary, and tools
Setting up dynamically allocated IP scopes and reservation

PAM configuration files, glossary and tools
Passwd and shadow password management files

LDAP tools to manage and query data
Change user passwords
Query the LDAP directory

OpenLDAP, presentation
Access controls
DN Distinguished Names
Changetype operations
Diagrams and Whitepages
Directories
Object identifiers, attributes and classes
Knowledge of System Security Services Daemon (SSSD)

Workshop : MCQ to comment on the subject 210

Subject 211 : E-Mail services

Postfix configuration files
Basic knowledge of SMTP protocol
Knowledge of sendmail and exim

Procmail configuration files, and tools
Using procmail on both server and client side

Configuring Courier in IMAP and POP
Configuring Dovecot

Workshop : MCQ to comment on the subject 211

Subject 212 : System Security

Iptables configuration files and management tools
Routing table management tools
Private networks
Port forwarding and IP forwarding
Editing firewall rules based on source, destination, protocol and port
Back up and restore the filter configuration
Knowledge of ip6tables

Configuration files and tools for Pure-FTPd and vsftpd
Knowledge of ProFTPd
Understanding the passive and active modes of FTP connections

OpenSSH configuration files and tools
Access restrictions for root and users
Manage and use the server and client keys to authenticate without password
Use of multiple connections to guard against loss of connections

Tools to scan and test server ports
Security alerts: Bugtraq, CERT and other sources
Tools for setting up intrusion detection systems (IDS)
Knowledge of OpenVAS and Snort

Configure a VPN (Virtual Private Network)
Create a secure point-to-point connection
Create a secure site-to-site connection

Workshop : MCQ to comment on the subject 212

Passing of the certification (if foreseen in the financing)

Sessions

Contact us for more informations about session date