Course 604: Linux Network Server:
Installing, Setup, and Securing

(5 days)

 

Course Description

Five intensive days of learning how to create and manage network services using Linux. There is an advanced review of TCP/IP for the purposes of understanding stack hardening and iptables protections. This is followed by a hands-on setup to prepare a Linux host to become a network server. Attendees then set up dns, dhcp, ldap, samba, nfs, web server, and mail services. This is followed by setting up SSH with port forwarding and stunnel, to have secure communications between servers and clients. The course concludes with techniques for logging, troubleshooting, and performance monitoring.

Learning Objectives

  • How to do TCP/IP stack hardening
  • How to set up and manage iptables
  • Install, set up, and monitor snort
  • Install and modify dns, dhcp with dynamic update, ldap, samba, nfs, web server, and mail services
  • Set up and use SSH, port forwarding, and stunnel for secure communication between servers and clients
  • How to use and manage logs for troubleshooting
  • Approaches to performance enhancements

Who Should Attend

Anyone interested in setting up network services on Linux hosts.

Prerequisites

A background equivalent to that provided by Course 603: Linux Workstation: Installing, Customizing, and Securing, is assumed.

Course Outline

Unit 1: TCP/IP Review

  • Overview of TCP/IP
  • TCP/IP Setup for Linux

Unit 2: Installation

  • Steps Before Installation
  • Selection of Software and Hardware
  • Installation Options

Unit 3: First Tasks

  • Disaster Preparedness
  • iptables Setup
  • Setting Up Logging
  • Setting Up Snort as an IDS

Unit 4: Software Maintenance

  • Managing with YUM
  • Managing with RPMs
  • How to Incorporate a deb
  • How to Incorporate an FSF Tarball

Unit 5: DNS

  • Setting Up a New Domain
  • Adding DNSSec
  • Overview of Dynamic DNS

Unit 6: DHCP

  • Setting Up Floating IP Addresses
  • Setting Up Fixed IP Addresses
  • Other Values Made Available
  • Integration with DNS

Unit 7: LDAP

  • Overview of LDAP
  • Designing and Setting Up Servers
  • Security of Data
  • Client-Side Actions
  • Integration with Win32 Products

Unit 8: Network File Services (NFS, CIFS, FTP)

  • NFS Setup
  • Working with NFS
  • CIFS Setup
  • Working with CIFS
  • FTP Setup

Unit 9: Mail Services

  • Overview of Mail
  • Setting Up Mail

Unit 10: Security Services

  • SSH
  • SELinux
  • OpenVPN
  • Fine-Tuning iptables

Unit 11: Server Performance

  • What Can Be Monitored?
  • Tools for Monitoring
  • An Approach to Performance Tuning

Unit 12: KVM Virtualization

  • Use Cases
  • Creating an Image
  • Managing an Image

Unit 13: Linux Containers

  • Use Cases
  • Creating a Container
  • Managing a Container
  • Comparison with KVM

Unit 14: Docker (Optional)

  • Use Cases
  • Working with an Image
  • Managing an Image
  • Comparison with KVM and Linux Containers

Please Contact Your ROI Representative to Discuss Course Tailoring!