LinuxCBT Enterprise Linux 4 Edition也称作
LinuxCBT EL-4 Edition,视频教程中使用RedHat Enterprise Linux 4讲解,全程65小时260个视频,是
LinuxCBT Classic Edition的继承与提高。
由于是企业级的RHEL 4的管理,其中内容涉及广泛且颇有深度,这套视频一步一步引领你步入RHEL的殿堂,让你轻松学会使用RedHat Enterprise Linux 4对你的关键业务进行组织、布置与管理。
内容涉及RHEL的安装布置、基础命令的使用(包括shell)、网络设置、系统设置、各种服务器的配置详解(NTP, DHCP, DNS, CRON, FTP, TFTP, LAMP, MySQL等)以及Linux系统安全实施诸多方面的高级应该技术。详情请看下载的英文说明。
此处下载(建议使用下载工具下载):
LinuxCBT.EL4.Edition
LinuxCBT Enterprise Linux 4 Edition focuses on the RedHat® Enterprise 4 GNU/Linux operating system. It is the successor to
LinuxCBT Classic Edition.
LinuxCBT EL-4 Edition, is unparalleled in content, depth and expertise. LinuxCBT EL-4 Edition prepares you or your organization for successfully deploying and managing business-critical RedHat® Enterprise 4-based solutions. Let LinuxCBT EL-4 Edition teach you what traditional training outlets and other CBTs do not; real GNU/Linux skills!
Workstation Focus - Module 1
* Installations and Usage on Dell PowerEdge Hardware
o Discuss features of RedHat® Enterprise Linux 4
o Prepare images for network installation
o Install RedHat Enterprise 4 Workstation on Dell Power Edge Server
o Explore GNOME graphical environment
o Introduction to Bourne Again Shell (BASH) - Globes/environment
o Input (STDIN), output (STDOUT) and standard error (STDERR) redirection
o Pipes
o Command chaining
o BASH for loops
* Common BASH Shell commands - Command Line Interface (CLI)
o pwd, touch, stat, ls - explore useful Linux system commands
o echo, cat - expose ASCII text and integrate with files
o cp - copy files
o mv - move files throughout the file system
o tar - explore features and advantages of tarballs
o gzip, bzip2 - intetgrate with tar and examine Internet archive
o diff - compare and contrast between 2 or 3 files - diff3
o file - discuss logic used to ascertain file type
o find - single and multiple expressions and criteria
o slocate - Compare and contrast with find and create system-wide DB
o w, wall, watch, whereis, which, who - Important w commands
o ps & pstree- explore process lists
o free & top - explore process management with top
o seq, top, jobs, fg, kill, killall, bg - Manage processes using standard tools
o Use grep to process lines
o Use awk to process fields - 30
* Common Network Clients & Utilities
o nano editor
o Convert Unix text files to Windows format using unix2dos
o Convert Windows text files to Unix format using dos2unix
o Retrieve local and remote mail with mutt Mail User Agent (MUA)
o mount - Mount CDs and ISO images - create ISOs with mkisofs
o FTP - explore the standard File Transfer Protocol (FTP) client
o gFTP - Usge GNOME FTP to interact with remote FTP server
o LFTP - basic usage, job control
o LFTP - mirror and reverse mirror content - resume transmission
o LFTP - batch, non-interactive, scripted mode
o Introduction to SSH concepts, implementation, etc.
o Use SSH Client to connect to remote Linux Systems using password authentication
o Identify key SSH-client files (.known_hosts, public/private key pairs,etc.)
o Authenticate to remote Linux systems using alternate credentials
o Use Secure Copy Protocol (SCP) to move data between systems non-interactively
o Use Secure File Transfer Protocol (SFTP) to move data between systems interactively
o Demonstrate how to generate Public/Private key (RSA/DSA) pairs using SSH-Keygen
o Demonstrate using SSH to authenticate to remote Linux hosts without passwords
o Install RedHat Enterprise Workstation on Dell Laptop using HTTP
o Generate Public Key/Private Key pairs for use with file and E-mail encryption
o Demonstrate using E-mail client with GNU Privacy Guard (GPG) Open PGP for E-Mail encryption
o Use Remote Desktop to connect to RDP & VNC remote Linux and Windows hosts
System Configuration - Module 2
* Installation on Dell Poweredge Server
o Prepare Sources on Apache HTTP server
o Burn bootable CD with network drivers for network-based installation
o Remove hardware-based RAID 0 configuration
o Configure hardware-based RAID 5 logical storage
o Commence software installation
o Create custom partitions and mount points during installation
o Configure X11 and confirm installation
* System Initialization
o Explore GRUB
o Explore system recovery mode
o Explore INIT
* System V Linux Runlevel implementation
o Identify key startup files, including scripts (inittab,Sscripts,Kscripts,etc.)
o Explain GNU/Linux System V Init Runlevel (0 - 6) concepts & applications
o chkconfig & ntsysv
o Identify startup log files & entries using DMESG & exploration
* Manage Users and Groups & Permissions
o User and group creation & management concepts - passwd, shadow, group, gshadow files
o Use system-config-users to create and manage users and groups
o chmod/chown/chgrp
o SETGID - Group collaboration
o Explore Hard and Symbolic links including across disparate file systems
* File System Management
o FDISK
o Create Standard Linux Partition
o Make EXT2 File System & mount for general usage
o Use tune2fs to upgrade EXT2 to EXT3 File System
o Remove EXT2 partition and create EXT3-based parition
o FSTAB - explore File System Table
o Use FDISK to create a swap partition
o Create Swap partition using MKSWAP & SWAPON
o Provision additional swap space using swapon & swapoff
o Explore GNU Parted as a partition and file-system management tool
o Use Parted to create EXT?-based and Swap partitions
o Logical Volume Management (LVM) - Discuss concepts and applications
o Allocate partitions for usage with LVM
o Create Physical Volumes
o Create Volume Groups based on Physical Volumes
o Create Logical Volumes based on Volume Groups
o Prepare EXT3-based file systems on LVM-managed storage
o Mount and use LVM Volumes
o Resize LVM Volumes
* Kickstart-based RAID Installation
o Use Kickstart tool to configure automated kickstart process
o Installation via HTTP using Kickstart
o Discuss RAID concepts and configuration
o Configure RAID disk partitions
* RPM Package Management Tool Concepts & Usage
o Query existing packages & file-based packages
o Identify offline and online package repositories
o Install packages
o Upgrade packages
o Freshen packages
o Remove packages
* Kernel Concepts and Management
o Identify and discuss kernel implementation
o Use kernel utils to identify modules and supported hardware
o Discuss proper kernel update procedures
o Download and Install the latest SMP-based kernel
o Confirm results
o Remove outdated kernel and confirm results
o Download and Install the latest Uniprocessor-based kernel
o Examine changes to GRUB and other key directory trees
o SYSCTL - use to view and modify run-time variables
Core Networking Services - Module 3
* Network - Physical & Logical Configuration
o Identify key directories & files for static & dynamic communications
o Configure Linux client with static TCP/IP parameters for network communication
o Explore hotplug -> hwup -> ifup logic
o Use ifconfig to ascertain logical TCP/IP configuration
o Use hwinfo to ascertain installed hardware
o Configure Aliased Ethernet Interfaces to faciliate multiple IP addresses
* Explore System Logging via SYSLOG and Logrotate
o Explore Boot log & System Log
o Explore dmesg
o Explanation of syslog facilities & levels
o Demonstrate syslog administration
o Enable SYSLOG network listener
o Demonstrate Cisco PIX Firewall to Linux SYSLOG functionality
o Explore automatic log rotation and customization via Logrotate
o Configure Logrotate to rotate & compress sample log files
* Implement Network Time Protocol (NTP) Client/Server
o Configure Network Time Protocol (NTP) to perform client/server time synchronization
o Synchronize SUSE Enterprise Linux NTP with additional Linux Stratum 2 NTP server
o Synchronize against Stratum 1 NTP servers
* Dynamic Host Configuration Protocol (DHCP)
o Explain DHCP Concepts & Applications
o Explore DHCP confiuration files
o Configure DHCP subnet with applicable options
o Configure DHCP Reservation based on layer-2 address
* Domain Name System (DNS)
o Configure BIND as a caching-only DNS server
o Implement Master DNS Zone
o Configure Reverse Zone for local subnet
o Implement Dynamic Domain Name System (DDNS) Zones (Forward/Reverse)
o Explain DHCP and DNS update integration options
o Integrate DHCP with DNS via Encypted Transaction Signatures (TSigs)
o Configure Windows 2003 Active Directory to publish DNS Records to Linux Server
o Examine Windows 2003 SRV Records
o Configure Master/Slave Zones with Linux Server
o Evaluate results of BIND configuration using DIG & host
o Implement DNS sub-domains (Third-level domains)
* CRON - System Scheduler
o Explore Cron Implementation
o Explain scheduling options
o Global and scope-based Cron options
o Schedules jobs to run & examine the output
o Configure individual Crontab entries
* Samba Implementation
o Implement Linux & Windows Integration via Samba
o Explore Samba Configuration files
o Implement SMBFS integration with SUSE Enterprise Linux File System
o Mount Windows shares seamlessly using Samba File System (SMBFS)
o Configure FSTAB to support repetitive mounts
o Implement secure SMBFS credentials for mounting
o Install Samba Server support
o Install Samba Web-based Administration Tool (SWAT)
o Configure Samba file sharing
o Configure Samba with multiple NETBIOS aliases
o Install Active Directory (AD) on Windows 2003 Host
o Configure Samba-Active Directory Integration
* Very Secure VSFTPD File Transfer Protocol (FTP) services
o Implement anonymous FTPD
o Implement user-level FTPD access
o Implement FTPD banners
o Disable anonymous access
o Configure VSFTPD to chroot jail users into their home directories
o Implement bandwidth rate-limiting to control bandwidth usage
* Network File System (NFS) Implementation
o Implement NFS Server
o Export shares and discuss options
o Mount NFS exports on remote Linux Host
o Implement AutoFS
* Trivial File Transfer Protocol (TFTP) Implementation
o Install TFTP server
o Backup Cisco PIX firewall configuration using TFTP
o Update Cisco PIX firewall configuration using TFTP
Apache - MySQL® - PHP (LAMP) - Disc 4
* Apache Web Server Implementation
o Discuss Apache server's features and concepts
o Examine Apache-RedHat HTTPD CONF hierarchy
o Examine various configuration files
o Implement Apache Mod Alias and ScriptAlias
o Follow SYMLINKS
o Discuss and implement the Directory directive
o Restrict access to content based on IPs and subnets
o Implement user home (public_html) directories for personal web-publishing
o Configure .htacess file with directives
o Configure IP-based Virtual Hosts
o Configure Name-based Virtual Hosts
o Implement Basic and digest authentication schemes
o Explore Apache logging semantics
o Implement Apache logging system per virtual host
o Webalizer Log Analysis software Implementation
o Generate web reports using Webalizer
o Perl CGI - Implementation
* MySQL® Relational Database Management System
o Install MySQL® Relational Database Management System
o Secure access to MySQL®
o Explore MySQL® monitor shell-based interface
o Create sample MySQL® databases
o Load external data-set from Linux
o Load external data-set from Windows
* PHPMyAdmin - MySQL® Web-based Management Interface
o Install PHPMyAdmin for web-based management of MySQL instances
o Explain & Secure access to PHPMyAdmin
o Explore PHPMyAdmin's interface
* Postfix Message Transfer Agent (MTA)
o Introduction to Sendmail Implementation
o Configure Postfix as default MTA
o Introduction to Postfix Message Transfer Agent (MTA)
o Explore the directives in the Postfix configuration files
o Define default values for the FQDN
o Alter myorigin and examine results
o Configure Postfix to route messages using a Smarthost
o Examine how Postfix delivers mail locally
o Configure SMTP Relaying in Postfix
o Use Mutt to demonstrate outbound mail handling using Postfix
o Define SMTP Virtual domains for hosting multiple DNS domains
o Configure Postfix with a production LinuxCBT DNS domain
o Examine Virtual domain routing with production and non-production DNS domains
* Internet Messaging Access Protocol (IMAP) - Dovecot
o Explain IMAP concepts and applications in comparison to POP3
o Implement IMAP services
o Connect to IMAP services from remote Windows Outlook Express client
o Implement IMAPS
o Generate new self-signed SSL certificate for use with IMAPS
* Squirrel-mail Web-based Mail Interface Implementation
o Describe required squirrel mail components for web-mail integration
o Install squirrel mail on SUSE Enterprise Linux system
o Configure Apache virtual directory for squirrel mail integration
o Configure Apache Virtual Host for squirrel mail integration
o Configure BIND DNS services for squirrel mail integration
o Explore squirrel mail's web-based interface
* XMPP - Enterprise Instant Messenger - Jive Messenger
o Download and Install Jive Messenger
o Configure Jive Messenger for usage
o Evaluate IM-connectivity from Linux Jabber-compliant client
o Evaluate IM-connectivity from Windows Jabber-compliant client
Security Implementation Techniques - Module 5
* System Audit & Lockdown
o Identify tools to perform system audit
o Ascertain and document current system state
o Close all superflous services
o Bind necessary services (daemons) to necessary interfaces and logical addresses
o Establish security configuration baseline
* NMAP - Port Scanner and Vulnerability Assessment Tool
o Obtain, and install current version of NMAP
o Identify commonly used NMAPoptions/switches/parameters
o Explain typical TCPhandshake protocol while using NMAP
o Identifiy key NMAP configuration files
o Use NMAP to perform operating system fingerprinting
o Peform subnet-wide ethical scans
o Perform default TCPSYN-based ethical scans of local and remote resources
o Examine the results of scans on remote Cisco firewall with debugging mode enabled
o Perform default TCPConnect-based ethical scans of local and remote resources
o Examine the results of scans on remote Cisco PIXFirewall with debugging mode enabled
o Use NMAPto scan using aliased and spoofed IP addresses
o Peform local ethical scans
o Explore NMAP Front-End Graphical User Interface (GUI)
o Discuss NMAP's features and applications
o Perform Connect/Syn/Fin and various ethical port-scans
o Perform service exposure scans
* XINETD (Enhanced & Secure INETD Super Server Implementation)
o Identify key XINETD configuration files
o Explain the contents and structure of xinetd.conf
o Restrict access to various daemons/services based on hosts & subnets
o Lockdown XINETD-controlled services
o Configure XINETD to restrict number of spawned instances of daemons/services
o Configure XINETD to bind daemons/services to specific sub-interfaces (Virtual IP addresses)
o XINETD logging
o Explore additional XINETD features
* TCP Wrappers concepts & applications
o Identify primary package and key TCP Wrappers configuration files
o Demonstrate disabled TCP Wrappers configurations by attempting connectivity
o Examine pre and post TCP Wrappers configuration effects
o Implement TCP Wrappers for common services
o Test local & remote access to TCP Wrappers-protected host & services
* IPTABLES (Netfilter Linux Kernel-based Firewall)
o Discuss IPTABLES/Netfilter Concepts
o Explore default tables and chains
o Define and test INPUT chains
o Define and test OUTPUT chains
o Create user-defined chain and evaluate results
o Explain IPTABLES default chains/filters and policies
o Examine TCP/ICMP communications pre-IPTABLES chains
o Implement ICMP inbound filtration based on various hosts
o Use Cisco PIX Firewall to verify ICMP debugging
o Filter traffic based on Layer-4 TCP/UDP (Source/Destination Ports) information
o Restrict access to various daemons (SSH/FTP/HTTP/etc.)
o Test connectivity locally and remotely (RedHat/Windows/etc.)
o Implement IP Forwarding between disparate subnets
o Implement Network Address Translation (NAT)
* Nessus Vulnerability Scanner
o Download and Install Nessus Vulnerability Scanner
o Install missing system dependencies
o Generate self-signed SSL certificates
o Perform basic Nessus system configuration and start the daemon
o Use Nessus Linux client to connect to Nessus Server and perform scans
o Examine resuls of scanning Windows 2003 Host
o Examine resuls of scanning Cisco PIX Firewall Appliance
* Secure Shell Daemon - Secure Communications Implementation
o Explore SSHD key configuration files
o Restrict access to SSHD
o Explore SSHD logging
o Configure PVPNs with local port forwarding
o Configure PVPNs with remote port forwarding
o Execute remote commands in non-interactive mode using SSH
o Discuss forced-commands framework
o Configure SUSE Enterprise to accomodate forced-commands
o Test forced-commands for pre-configured accounts for push/pull secure transactions
o Integrate SSHD with Windows 2003 Server and PuTTY SSH client
o Implement PKI with PuTTY SSH
o Use PSCP and PSFTP to communicate securely from Windows® 2003 to SUSE® Linux
* Snort® 2.x Network Intrusion Detection System (NIDS)
o Obtain, and install pre-requisites (libpcap/libpcre/etc.)
o Obtain, compile and install the Snort® Network Intrusion Detection System (NIDS)
o Identify and explain key operating modes (Sniffer/Logger/NIDS)
o Explore in network sniffer mode
o Explain OSI Model and relevant sniffing options
o Explore Snort® in ASCII and Binary (TCPDUMP) logging modes
o Output logs to ASCII text format and examine the results
o Output logs to binary format and examine the results
o Implement Snort® with BPF to filter traffic
o Generate traffic from remote Windows 2003 and Linux hosts
o Use Snort® with Berkeley Packet Filter (BPF) to parse logs
o Implement Snort® in NIDS modes
o Explore the snort.conf file and discuss rules
o Explain Logging and Alerting output options
o Perform port-scans from remote Linux systems and analyze Alerts
o Configure Snort® to log to SYSLOG
