Search our courses
Training

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12

Enterprise Linux Network Services

Course Code

GTU13

Duration

5 Days

Course Fee

POA

Accreditation

N/A

Target Audience

This Enterprise Linux Network Services training course is designed for system administrators, IT professionals and anyone who need to gain a hands-on knowledge of Linux network configuration and services.

Attendee Requirements

Students should already be comfortable with basic Linux or Unix administration. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. A good understanding of network concepts, the TCP/IP protocol suite is also assumed. These skills are taught in the GTLFS1 "Fundamentals of Linux" and GTU12 "Enterprise Linux System Administration" courses.

Expand all

Course Description

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12
Course Outline

1. Securing Services

  1. Xinetd
  2. Xinetd Connection Limiting and Access Control
  3. Xinetd: Resource limits, redirection, logging
  4. TCP Wrappers
  5. The /etc/hosts.allow & /etc/hosts.deny Files
  6. /etc/hosts.{allow,deny} Shortcuts
  7. Advanced TCP Wrappers
  8. SUSE Basic Firewall Configuration
  9. FirewallD
  10. Netfilter: Stateful Packet Filter Firewall
  11. Netfilter Concepts
  12. Using the iptables Command
  13. Netfilter Rule Syntax
  14. Targets
  15. Common match_specs
  16. Extended Packet Matching Modules
  17. Connection Tracking

Lab Tasks

  1. Securing xinetd Services
  2. Enforcing Security Policy with xinetd
  3. Securing Services with TCP Wrappers
  4. Securing Services with SuSEfirewall2
  5. Securing Services with Netfilter
  6. FirewallD
  7. Troubleshooting Practice

2. SELinux and LSM

  1. AppArmor
  2. SELinux Security Framework
  3. Choosing an SELinux Policy
  4. SELinux Commands
  5. SELinux Booleans
  6. SELinux Policy Tools

Lab Tasks

  1. Exploring AppArmor Modes
  2. SELinux File Contexts

3. DNS Concepts

  1. Naming Services
  2. DNS – A Better Way
  3. The Domain Name Space
  4. Delegation and Zones
  5. Server Roles
  6. Resolving Names
  7. Resolving IP Addresses
  8. Basic BIND Administration
  9. Configuring the Resolver
  10. Testing Resolution

Lab Tasks

  1. Configuring a Slave Name Server

4. Configuring BIND

  1. BIND Configuration Files
  2. named.conf Syntax
  3. named.conf Options Block
  4. Creating a Site-Wide Cache
  5. rndc Key Configuration
  6. Zones In named.conf
  7. Zone Database File Syntax
  8. SOA – Start of Authority
  9. A, AAAA, & PTR – Address & Pointer Records
  10. NS – Name Server
  11. TXT, CNAME, & MX – Text, Alias, & Mail Host
  12. SRV – SRV Service Records
  13. Abbreviations and Gotchas
  14. $GENERATE, $ORIGIN, and $INCLUDE

Lab Tasks

  1. Use rndc to Control named
  2. Configuring BIND Zone Files

5. Creating DNS Hierarchies

  1. Subdomains and Delegation
  2. Subdomains
  3. Delegating Zones
  4. in-addr.arpa. Delegation
  5. Issues with in-addr.arpa.
  6. RFC2317 & in-addr.arpa.

Lab Tasks

  1. Create a Subdomain in an Existing Domain
  2. Subdomain Delegation

6. Advanced BIND DNS Features

  1. Address Match Lists & ACLs
  2. Split Namespace with Views
  3. Restricting Queries
  4. Restricting Zone Transfers
  5. Running BIND in a chroot
  6. Dynamic DNS Concepts
  7. Allowing Dynamic DNS Updates
  8. DDNS Administration with nsupdate
  9. Common Problems
  10. Common Problems
  11. Securing DNS With TSIG

Lab Tasks

  1. Configuring Dynamic DNS
  2. Securing BIND DNS

7. Using Apache

  1. HTTP Operation
  2. Apache Architecture
  3. Dynamic Shared Objects
  4. Adding Modules to Apache
  5. Apache Configuration Files
  6. httpd.conf – Server Settings
  7. httpd.conf – Main Configuration
  8. HTTP Virtual Servers
  9. Virtual Hosting DNS Implications
  10. httpd.conf – VirtualHost Configuration
  11. Port and IP based Virtual Hosts
  12. Name-based Virtual Host
  13. Apache Logging
  14. Log Analysis
  15. The Webalizer

Lab Tasks

  1. Apache Architecture
  2. Apache Content
  3. Configuring Virtual Hosts

8. Apache Security

  1. Virtual Hosting Security Implications
  2. Delegating Administration
  3. Directory Protection
  4. Directory Protection with AllowOverride
  5. Common Uses for .htaccess
  6. Symmetric Encryption Algorithms
  7. Asymmetric Encryption Algorithms
  8. Digital Certificates
  9. TLS Using mod_ssl.so

Lab Tasks

  1. Using .htaccess Files
  2. Using TLS Certificates with Apache
  3. Use SNI and TLS with Virtual Hosts

9. Apache Server-Side Scripting Administration

  1. Dynamic HTTP Content
  2. PHP: Hypertext Preprocessor
  3. Developer Tools for PHP
  4. Installing PHP
  5. Configuring PHP
  6. Securing PHP
  7. Security Related php.ini Configuration
  8. Java Servlets and JSP
  9. Apache's Tomcat
  10. Installing Java SDK
  11. Installing Tomcat Manually
  12. Using Tomcat with Apache

Lab Tasks

  1. CGI Scripts in Apache
  2. Apache's Tomcat
  3. Using Tomcat with Apache
  4. Installing Applications with Apache and Tomcat

10. Implementing an FTP Server

  1. The FTP Protocol
  2. Active Mode FTP
  3. Passive Mode FTP
  4. ProFTPD
  5. Pure-FTPd
  6. vsftpd
  7. Configuring vsftpd
  8. Anonymous FTP with vsftpd

Lab Tasks

  1. Configuring vsftpd

11. The Squid Proxy Server

  1. Squid Overview
  2. Squid File Layout
  3. Squid Access Control Lists
  4. Applying Squid ACLs
  5. Tuning Squid & Configuring Cache Hierarchies
  6. Bandwidth Metering
  7. Monitoring Squid
  8. Proxy Client Configuration

Lab Tasks

  1. Installing and Configuring Squid
  2. Squid Cache Manager CGI
  3. Proxy Auto Configuration
  4. Configure a Squid Proxy Cluster

12. SQL Fundamentals and MariaDB

  1. Popular SQL Databases
  2. SELECT Statements
  3. INSERT Statements
  4. UPDATE Statements
  5. DELETE Statements
  6. JOIN Clauses
  7. MariaDB
  8. MariaDB Installation and Security
  9. MariaDB User Account Management
  10. MariaDB Replication

Lab Tasks

  1. SQL with Sqlite3
  2. Installing and Securing MariaDB
  3. Creating a Database in MariaDB
  4. Create a Database Backed Application

13. LDAP Concepts and Clients

  1. LDAP: History and Uses
  2. LDAP: Data Model Basics
  3. LDAP: Protocol Basics
  4. LDAP: Applications
  5. LDAP: Search Filters
  6. LDIF: LDAP Data Interchange Format
  7. OpenLDAP Client Tools
  8. Alternative LDAP Tools

Lab Tasks

  1. Querying LDAP

14. OpenLDAP Servers

  1. Popular LDAP Server Implementations
  2. OpenLDAP: Server Architecture
  3. OpenLDAP: Backends
  4. OpenLDAP: Replication
  5. Managing slapd
  6. OpenLDAP: Configuration Options
  7. OpenLDAP: Configuration Sections
  8. OpenLDAP: Global Parameters
  9. OpenLDAP: Database Parameters
  10. OpenLDAP Server Tools
  11. Native LDAP Authentication and Migration
  12. Enabling LDAP-based Login
  13. System Security Services Daemon (SSSD)

Lab Tasks

  1. Building An OpenLDAP Server
  2. Enabling TLS For An OpenLDAP Server
  3. Enabling LDAP-based Logins

15. Samba Concepts and Configuration

  1. Introducing Samba
  2. NetBIOS and NetBEUI
  3. Samba Daemons
  4. Accessing Windows/Samba Shares from Linux
  5. Samba Utilities
  6. Samba Configuration Files
  7. The smb.conf File
  8. Mapping Permissions and ACLs
  9. Mapping Linux Concepts
  10. Mapping Users
  11. Sharing Home Directories
  12. Sharing Printers
  13. Share Authentication
  14. Share-Level Access
  15. User-Level Access
  16. Samba Account Database
  17. User Share Restrictions

Lab Tasks

  1. Samba Share-Level Access
  2. Samba User-Level Access
  3. Samba Group Shares
  4. Handling Symbolic Links with Samba
  5. Samba Home Directory Shares

16. SMTP Theory

  1. SMTP
  2. SMTP Terminology
  3. SMTP Architecture
  4. SMTP Commands
  5. SMTP Extensions
  6. SMTP AUTH
  7. SMTP STARTTLS
  8. SMTP Session

17. Postfix

  1. Postfix Features
  2. Postfix Architecture
  3. Postfix Components
  4. Postfix Configuration
  5. master.cf
  6. main.cf
  7. Postfix Map Types
  8. Postfix Pattern Matching
  9. Advanced Postfix Options
  10. Virtual Domains
  11. Postfix Mail Filtering
  12. Configuration Commands
  13. Management Commands
  14. Postfix Logging
  15. Logfile Analysis
  16. Postfix, Relaying and SMTP AUTH
  17. SMTP AUTH Server and Relay Control
  18. SMTP AUTH Clients
  19. Postfix / TLS
  20. TLS Server Configuration
  21. Postfix Client Configuration for TLS
  22. Other TLS Clients
  23. Ensuring TLS Security

Lab Tasks

  1. Configuring Postfix
  2. Postfix Virtual Host Configuration
  3. Postfix Network Configuration
  4. Postfix SMTP AUTH Configuration
  5. Postfix STARTTLS Configuration
  6. SUSE Postfix Configuration Cleanup

18. Mail Services and Retrieval

  1. Filtering Email
  2. Procmail
  3. SpamAssassin
  4. Bogofilter
  5. amavisd-new Mail Filtering
  6. Accessing Email
  7. The IMAP4 Protocol
  8. Dovecot POP3/IMAP Server
  9. Cyrus IMAP/POP3 Server
  10. Cyrus IMAP MTA Integration
  11. Cyrus Mailbox Administration
  12. Fetchmail
  13. Roundcube Webmail
  14. Mailing Lists
  15. GNU Mailman
  16. Mailman Configuration

Lab Tasks

  1. Configuring Procmail & SpamAssassin
  2. Configuring Cyrus IMAP
  3. Dovecot TLS Configuration
  4. Configuring Roundcube
  5. Base Mailman Configuration
  6. Basic Mailing List
  7. Private Mailing List

A. NIS

  1. NIS Overview
  2. NIS Limitations and Advantages
  3. NIS Client Configuration
  4. NIS Server Configuration
  5. NIS Troubleshooting Aids

Lab Tasks

  1. Using NIS for Centralized User Accounts
  2. Configuring NIS
  3. NIS Slave Server
  4. NIS Failover
  5. Troubleshooting Practice: NIS
Learning Path

You are welcome to discuss which course is most suitable for you with a member of our team. Please contact us for suggestions.

Ways to Attend
  • Attend a public course, if there is one available. Please check our schedule, or register your interest in joining a course in your area.
  • Private onsite Team training also available, please contact us to discuss. We can customise this course to suit your business requirements.

Private Team Training is available for this course

We deliver this course either on or off-site in various regions around the world, and can customise your delivery to suit your exact business needs. Talk to us about how we can fine-tune a course to suit your team's current skillset and ultimate learning objectives.

Private Team Training | Contact us

Technical ICT learning & mentoring services

Private Team Training

Our instructors are specialist consultants with vast real world experience and expertise allowing them to design and deliver client-focused courses for your organisation.

Learn more about our Private Team Training

What Our Clients Say

“I particularly liked the heavy hands on sessions that went on with the training. Other than that, really liked Mark's training style. His experience in the field really shines through.”

 

Docker - GTDK1

Feb ‘19

“Instructor's ability to demonstrate new features that are not part of the course help show his mastery as well as prepare us for changes in the technology. Great work.

 

Using Docker & Kubernetes in Production - GTK8SG

Oct ‘18


“This course was an excellent insight into the Cloud Service Management world and equips me with the tools to go back to my company and build upon it.”

 

Cloud Service Manager - GTC13

Jan ‘19

 


“The course was great. The instructor is true Kubernetes Ninja. Loved the hands on approach. Very happy with the course.”

 

Using Docker & Kubernetes in Production - GTK8SG

Oct ‘18

“Excellent instructor. You can tell he really understands the concepts he's presenting and is very passionate about his work. He answered every question we asked and presented the course in an interesting and involving manner.”

 

Spring Boot Development - GTIT40

Nov ‘18

"Intelligence is the ability to avoid doing work, yet
getting the work done"

Linus Torvalds, creator of Linux and GIT

Technical ICT learning & mentoring services

About GuruTeam

GuruTeam is a high-level ICT Learning, Mentoring and Consultancy services company. We specialise in delivering instructor-led on and off-site training in Blockchain, Linux, Cloud, Big Data, DevOps, Kubernetes, Agile, Software & Web Development technologies. View our Testimonials

Download our eBrochure
Our Accreditation Partners
Upcoming Courses

Kubernetes Administration

1 - 4 Apr - DUBLIN

This Kubernetes Administration Certification training course is suitable for anyone who wants to learn the skills necessary to build and administer a Kubernetes cluster

Learn More

CompTIA Network+ FastTrack

More dates coming soon

This fast-paced course teaches the essentials of networking and helps to prepare the student for the CompTIA Network+ certification.

Learn More

Applied Data Science with Python

More dates coming soon

Learn about the theoretical and practical aspects of using Python in the realm of Data Science, Business Analytics, and Data Logistics

Learn More

Introduction to Python 3

More dates coming soon

Python is a powerful and popular object-oriented programming/scripting language with many high quality libraries.

Learn More

Newsletter

Stay up to date, receive updates on scheduled dates, new courses, offers, and events.

Subscribe to our Newsletter