RH253 Red Hat® Linux Networking and Security Administration

Classroom Learning

Also available via

Virtual Classroom e-Learning

On-Site Learning

Who Needs to Attend

Linux or UNIX system administrators who already have some real-world experience with Red Hat Linux systems administration and want a first course in networking services and security.

Prerequisites

RH133 Red Hat Linux System Administration or equivalent experience with Red Hat Linux LAN/WAN fundamentals
Mastering TCP/IP (or equivalent)

RH133 Red Hat® Linux System Administration & Red Hat® Certified Technician (RHCT®) Lab Exam

Follow-On Courses

RH300 Red Hat® Linux (RHCE®) Rapid Track Certification Course & RHCE Lab Exam

Certification Programs and Certificate Tracks

This course is part of the following programs or tracks:

RHCE - Red Hat® Certified Engineer

Configure and administer secure network services using Red Hat Enterprise Linux.

Learn the skills to configure the common network services and security administration using Red Hat Enterprise Linux.

Red Hat training and certification for Red Hat Enterprise Linux 5 is not just valuable for those professionals who will be working with it immediately. It is also valuable to professionals working on earlier releases of Red Hat Enterprise Linux. While Red Hat Enterprise Linux 5 does introduce new capabilities and technologies, the core system administration tasks one must learn and master as system administrator are far more similar to previous releases than different. Consequently, those who train on Red Hat Enterprise Linux 5 should adjust easily to earlier releases, while also having an understanding of the potential and opportunity that Red Hat Enterprise Linux 5 presents.

What You'll Learn

New and updated for the current version Red Hat Enterprise Linux
Essential preparation for RHCE exam and certification
Comprehensive skills for setting up Red Hat Enterprise Linux server
Key security skills and techniques for configuration/administration of secure Red Hat Linux networks

Course Outline

1. Introduction to Network Services

Red Hat Enterprise Linux Network Components
Connecting Networks
Service Management
Chkconfig
xinetd Services
The xinetd Daemon
Fault Analysis

2. Organizing Networked Systems

DNS Basics
Internet DNS Hierarchy
Name Server Hierarchy
Client-Side DNS
Server-Side DNS
Berkeley Internet Name Domain (BIND)
Configuring BIND
Configuration File Basics
Address Match Lists and acl
rndc
Zone Files
Main Record Types
Delegating Subdomains
Caching-Only Name Server
BIND Utilities
BIND Syntax Utilities
Configuring the DHCP server

4. Electronic Mail Services

sendmail Features
Security and "Anti-Spam" Features
An E-Mail Review
Simple Operational Overview
Main Configuration Files
sendmail Configuration with the m4 Macro Language
sendmail Client Configuration
Blacklisting Recipients
Debugging sendmail
Postfix
Using Postfix
Additional Postfix Configuration Files
procmail Local Delivery

5. The HTTP Service

Apache Features
Apache Configuration
Apache Server Configuration
Virtual Hosts
Apache Namespace Configuration
CGI
Apache Encrypted Web Server
Squid Web Proxy Cache

6. Security Concerns and Policy

Security Terms
Basic Network Security
Which Services are Running?
Remote Service Detection
Definitions of Security
Security Policy
Backup Policies

7. Authentication Services

Authentication Basics
Service Profile: PAM
PAM Operation
Core PAM Modules
Authentication Modules
Password Security
Password Policy
Resource Limits
User Access Control
Single User Mode
Authentication Troubleshooting
NIS Overview
NIS Server Topology
Configuring an NIS Server
NIS Client Configuration
NIS Troubleshooting

8. System Monitoring

Introduction to System Monitoring
File System Analysis
Set User and Group ID Permissions
Typical Problematic Permissions
EXT2 Filesystem Attributes
Monitoring Data Integrity with tripwire
Configuring tripwire
System Log Files
syslogd and klogd configuration
Advanced syslogd configuration
Log File Analysis
Monitoring and Limiting Processes
Monitoring Processes with top
Monitoring Processes Graphically
System Activity Reporting
Process Accounting Tools

9. Securing Networks

Packet Filtering Capabilities
Netfilter Architecture
Netfilter Packet Flow
Chain Operations
Rule Targets
Rule Matching
Network Address Translation (NAT)
Connection Tracking
Rule Persistence
The "Bastion Host"

10. Securing Services

SystemV Startup Control
Securing the Service
tcp_wrappers Configuration
Daemon Specification
Client Specification
Advanced Syntax
xinetd-Based Security
xinetd Access Control
Host Patterns
Advanced Security Options

11. Securing Data

The Need for Encryption
Cryptographic Building Blocks
Random Numbers
One-Way Hashes
Symmetric Encryption
Asymmetric Encryption
Public Key Infrastructures
Digital Certificates
Generating Digital Certificates
OpenSSH Overview
The OpenSSH
OpenSSH Authentication
Protecting Your Keys
Applications: RPM

Hands-On Labs