Our Trainers Consult, Our Consultants Train
Enterprise Linux Network Services
| Course Code: GL275 Length: 5 days |
Monday, October 25, 2010 (5 days) Denver, CO $1,995.00 Register |
Course Description
Students interested in developing skills as network administrators find this course invaluable. Topics explored and implemented in the class include the setup and maintenance of many of the most popular network services available for Linux and Unix today, including servers for DNS, SMB (Windows networking), e-mail servers, FTP, web, and caching proxy. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of network services.
Courseware supports latest versions of Red Hat Enterprise Linux, Fedora Core, SUSE LINUX Professional, and SUSE LINUX Enterprise Server.
Prerequisites
Individuals wishing to take this class should already have a solid grounding in UNIX concepts and basic systems administration. Fundamentals such as an understanding of the Linux filesystem, process management, and the ability to manipulate and edit files is considered a must and will not be covered in class. A good understanding of network concepts, and the TCP/IP protocol suite is also assumed.
Course Contents
DNS Concepts
- Naming Services
- The Domain Name Space
- Delegation and Zones
- Server Roles
- Resolving Names and Resolving IP Addresses
- BIND Administration
- rndc key configuration
- Configuring the Resolver and Testing Resolution
- Lab - Configure BIND
Configuring Bind
- BIND Configuration Files
- named.conf Syntax and Options Block
- Creating a Site-Wide Cache
- Zones In named.conf
- Zone Database File Syntax
- SOA - Start of Authority
- A - Address / PTR-Pointer
- NS - Name Server
- CNAME - Alias / MX-Mail Host
- Abbreviations and Shortcuts
- $GENERATE
- Lab - Configure BIND
Creating DNS Hierarchies
- Subdomains and Delegation
- in-addr.arpa Delegation
- Issues with in-addr.arpa
- RFC2317 & in-addr.arpa
- Lab - Configure BIND
Securing BIND and DNS
- Split Namespaces
- Using Views with BIND 9
- Address Match Lists & ACLs
- Restricting Queries
- Restricting Zone Transfers
- Running BIND in a chroot jail
- Dynamic DNS Concepts
- Allowing DDNS updates
- Using DDNS with "nsupdate"
- Common Problems
- Lab - Advanced BIND Configuration
LDAP Concepts
- Centralized Authentication
- Directory Services
- What LDAP Provides
- LDAP Concepts and Organization
- Schema and Entry Referencing
- LDIF
- LDAP Architecture, Security, Implementations, and Client Configuration
- Lab - Search LDAP
OpenLDAP Servers
- OpenLDAP Components
- Configuring slapd
- Global Parameters and Schema Definition
- Access Control
- Backend Types
- Backend and Database Configuration
- Indexes and Replicas
- Replica Configuration
- Syntax Conformance
- Lab - Configure LDAP
Using OpenLDAP
- Managing slapd
- Online and Offline Data Manipulation
- Native LDAP authentication and Client Config
- Lab - Configure LDAP
Using Apache
- HTTP Operation
- Apache History and Status
- Apache Architecture
- SSL / HTTPS and Apache
- Apache Configuration Files
- httpd.conf
- Dynamic Shared Objects
- Adding Modules to Apache
- Apache Logging
- Log Analysis
- The Webalizer
- Lab - Configure Apache
Virtual Hosting with Apache
- HTTP Virtual Servers
- DNS Implications
- Security Implications
- IP-based Virtual Host
- Name-based Virtual Host
- Port-based Virtual Host
- Lab - Configure Apache
Apache Security
- Delegating Administration
- Directory Protection
- Common Uses for .htaccess
- Symmetric and Asymmetric Key Cryptography
- Digital Certificates
- SSL Using mod_ssl
- Lab - Configure Apache
Apache Server-side Programming
- Dynamic HTTP Content
- PHP: Hypertext Preprocessor
- Developer Tools for PHP
- Installing, Configuring, and Securing PHP
- Java Servlets and JSP
- Jakarta Tomcat
- Installing Java SDK and Jakarta Tomcat
- Using Tomcat with Apache
- Lab - Dynamic Content
Implementing an FTP Server
- The FTP Protocol and Operation
- Active and Passive FTP
- WU-FTPD
- vsftpd
- Configuring vsftpd
- Anonymous vsftpd
- Lab - Configure VSFTPD
The SQUID Proxy Server
- Squid Overview, File Layout, and Access Control Lists
- Squid ACL application
- Tuning Squid / Hierarchies
- Bandwidth Metering
- Monitoring Squid
- Proxy Client Configuration
- Lab - Configure SQUID
Samba Concepts
- SMB Network Protocol
- NetBIOS and NetBEUI
- NetBIOS Naming
- Samba Daemons, Clients, and Utilities
- Samba Configuration Files
- The smb.conf File
- Lab - Configure Samba
Using Samba
- Unix and DOS Permissions
- Unix and Windows Concepts
- Name and Case Mangling
- Sharing [homes] and Printers
- Restricting Access
- Share-Level and User-Level Access
- Mapping Users
- SMB and Passwords
- The smbpasswd Database
- User Share Restrictions
- Lab - Configure Samba
SMTP Theory
- SMTP Terminology and Architecture
- SMTP Commands and Extensions
- SMTP AUTH and STARTTLS
- SMTP Session
Sendmail
- sendmail Features, and Process
- sendmail Architecture, Components, and Configuration
- Configuration Files
- Databases
- Text Files
- Network Access
- Masquerading sendmail
- Controlling access
- Configuring SMTP AUTH and Configuring SMTP STARTTLS
- Lab - Configure Sendmail
Postfix
- Postfix Features, Architecture, Components, and Configuration
- master.cf and main.cf
- Postfix Map Types and Pattern Matching
- Advanced Options
- Virtual Domains and Mail Filtering
- Configuration and Management Commands
- Postfix Logging and Logfile Analysis
- chroot’ing Postfix
- Postfix and SMTP AUTH
- SMTP AUTH Server and Clients
- Postfix Extensions
- Postfix/TLS
- TLS Server Configuration
- Postfix Client Configuration
- Other TLS Clients and Ensuring TLS Security
- Lab - Configure Postfix
IMAP, POP, Spam Filtering and Web Mail
- Filtering Email
- procmail
- SpamAssassin
- Sendmail Mail Filter (milter)
- Amavisd-new Mail Filtering
- Accessing Email
- The POP3 and the IMAP4 Protocol
- Dovecot POP3/IMAP Server
- Cyrus IMAP/POP3 Server
- Cyrus IMAP MTA integration
- Cyrus Mailbox Admin
- Fetchmail and SquirrelMail
- Lab - Filtering/Web Mail
Appendix 1 - Using NIS
- NIS History, Overview, and Limitations
- NIS Advantages and Implementation
- Creating a NIS Master Server
- NIS Client Configuration
- Slave Server Configuration
- Troubleshooting Aids
- Lab Appendix - NIS
If you have any questions about this or any other class, ask us and we'll be happy to help.
