Linux Training Overview:
This five-day course provides students with the knowledge to perform system administration tasks relating to kernel management and system security. Topics include proc filesystem configuration, kernel rebuilds and backups, and log file maintenance. The course then moves into security issues, including physical security of the host and console, user and system accounts, network and firewall security, and software security. The course ends with intrusion detection techniques.
Linux Training Audience:
Linux system administrators who want to build competency with kernel builds and system security.
Learning Prerequisites:
Linux Level 2 or equivalent experience.
Linux Training Course duration:
5 days
Linux Training Course outline:
The proc File System
- What is the proc File System?
- Viewing System Information
- Viewing Process Information
- Viewing and Changing Kernel Features
- The sysctl Command
- The /etc/sysctl.conf File
Loadable Kernel Modules
- What are Loadable Kernel Modules?
- Loading LKMs
- Displaying LKMs
- Unloading LKMs
- Loading Modules that have Dependencies
Rebuilding the Kernel
- Kernel Source Files
- Extract the Source Files
- Apply the Patch Files
- Initial Configuration Steps
- Configure the 2.4 Kernel
- Configure the 2.6 Kernel
- Building the Kernel
- Using the New Kernel
- Building a Red Hat Enterprise Linux Kernel
- Kernel Parameters
Log File Administration
- System Log Daemons
- The /etc/syslog.conf File
- The /etc/sysconfig/syslog File
- Default System Log Files
- Using logrotate to Maintain Log Files
- Using logwatch to Monitor Log Files
- Using redhat-logviewer to Monitor Log Files
- Generating Messages with logger
Backups
- Backing Up Data
- Backup Media
- Backup Methods
- Device Files
- Using the dump and restore Commands
- Using the tar Commands
- Using the gzip Command
- Using the zip Command
- Using the bzip2 Command
- Using the cpio Command
- Additional Utilities
Security Overview
- What is Security?
- Balance
- Staying Up to Date
- Documentation
- Thinking like the Enemy
- What is a Security Policy?
- Step 1 - Initially Secure the System
- Step 2 - Maintain System Security
- Step 3 - Recovery
Physical Security
- What is Physical Security?
- Access Protection
- Protecting BIOS
- Protecting the Boot Loader
- Disabling Reboots
- Using vlock
- Devices
- Natural Disasters
- Hardware Error
- Theft
Securing User Accounts
- Account Names
- Mail Aliases
- The /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow Files
- Displaying User Information
- Users and their Passwords
- Users with no Passwords
- Forcing Users to Change their Password
- Preventing Users from Changing their Password
- Application Accounts
- Same UID, Multiple User Accounts
- Setting Accounts Defaults
- Process Accounting
- Tools
Securing System Accounts
- Securing the Root Account
- Root Password and Name
- The root's PATH Variable
- Physically Protecting the root Account
- Disallowing root Access
- Limiting Access to root via su
- Enabling Automatic Logouts
- Granting root Access via the sudo Command
- Securing System Accounts
Securing The Filesystem
- File Permissions and Ownership
- Disk Space Usage
- Securing crontab and at
- File Attributes
- File System mount Options
- Tools
PAM
- What is PAM?
- Syntax of PAM configuration files
- PAM categories
- PAM controls
- PAM Modules
- Using PAM to alter the password policy
- Using PAM to provide resource limits
- Using PAM to limit services
- Using PAM to limit access time to services
- Disabling console privileges
- Other PAM features
TCP Wrappers
- The configuration files
- Syntax of /etc/hosts.allow and /etc/hosts.deny
- Using tcp_wrappers banners
- Logging tcp_wrappers connections
- Avoiding using two configuration files
- Using spawn and twist
- Additional tcp_wrappers options
Firewalls
- Kernel level firewalls in Linux
- Overview of iptables
- Overview of filtering packets
- Filtering incoming packets on the local system
- Filtering outgoing packets on the local system
- Using NAT
- Saving tables
The xinetd Service
- The /etc/xinetd.conf File
- The /etc/xinetd.d Directory
- Important Attributes for xinetd-based Services
- Additional xinetd Considerations
Intrusion Detection
- Performing the intrusion detection
- Monitoring network activity
- Probing for modified files
- Third party tools
Appendix A - Preparing for Certification Exams
Appendix B - Preparing for RHCE and RHCT Exams
Appendix C - Preparing for the LPI Exams
Appendix D - Preparing for the Linux+ Exam