Search our courses
Training

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12

Enterprise Linux Network Services

Course Code

GTU13

Duration

5 Days

Course Fee

POA

Accreditation

N/A

Target Audience

This Enterprise Linux Network Services training course is designed for system administrators, IT professionals and anyone who need to gain a hands-on knowledge of Linux network configuration and services.

Attendee Requirements

Students should already be comfortable with basic Linux or Unix administration. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. A good understanding of network concepts, the TCP/IP protocol suite is also assumed. These skills are taught in the GTLFS1 "Fundamentals of Linux" and GTU12 "Enterprise Linux System Administration" courses.

Expand all

Course Description

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12
Course Outline

1. Securing Services

  1. Xinetd
  2. Xinetd Connection Limiting and Access Control
  3. Xinetd: Resource limits, redirection, logging
  4. TCP Wrappers
  5. The /etc/hosts.allow & /etc/hosts.deny Files
  6. /etc/hosts.{allow,deny} Shortcuts
  7. Advanced TCP Wrappers
  8. SUSE Basic Firewall Configuration
  9. FirewallD
  10. Netfilter: Stateful Packet Filter Firewall
  11. Netfilter Concepts
  12. Using the iptables Command
  13. Netfilter Rule Syntax
  14. Targets
  15. Common match_specs
  16. Extended Packet Matching Modules
  17. Connection Tracking

Lab Tasks

  1. Securing xinetd Services
  2. Enforcing Security Policy with xinetd
  3. Securing Services with TCP Wrappers
  4. Securing Services with SuSEfirewall2
  5. Securing Services with Netfilter
  6. FirewallD
  7. Troubleshooting Practice

2. SELinux and LSM

  1. AppArmor
  2. SELinux Security Framework
  3. Choosing an SELinux Policy
  4. SELinux Commands
  5. SELinux Booleans
  6. SELinux Policy Tools

Lab Tasks

  1. Exploring AppArmor Modes
  2. SELinux File Contexts

3. DNS Concepts

  1. Naming Services
  2. DNS – A Better Way
  3. The Domain Name Space
  4. Delegation and Zones
  5. Server Roles
  6. Resolving Names
  7. Resolving IP Addresses
  8. Basic BIND Administration
  9. Configuring the Resolver
  10. Testing Resolution

Lab Tasks

  1. Configuring a Slave Name Server

4. Configuring BIND

  1. BIND Configuration Files
  2. named.conf Syntax
  3. named.conf Options Block
  4. Creating a Site-Wide Cache
  5. rndc Key Configuration
  6. Zones In named.conf
  7. Zone Database File Syntax
  8. SOA – Start of Authority
  9. A, AAAA, & PTR – Address & Pointer Records
  10. NS – Name Server
  11. TXT, CNAME, & MX – Text, Alias, & Mail Host
  12. SRV – SRV Service Records
  13. Abbreviations and Gotchas
  14. $GENERATE, $ORIGIN, and $INCLUDE

Lab Tasks

  1. Use rndc to Control named
  2. Configuring BIND Zone Files

5. Creating DNS Hierarchies

  1. Subdomains and Delegation
  2. Subdomains
  3. Delegating Zones
  4. in-addr.arpa. Delegation
  5. Issues with in-addr.arpa.
  6. RFC2317 & in-addr.arpa.

Lab Tasks

  1. Create a Subdomain in an Existing Domain
  2. Subdomain Delegation

6. Advanced BIND DNS Features

  1. Address Match Lists & ACLs
  2. Split Namespace with Views
  3. Restricting Queries
  4. Restricting Zone Transfers
  5. Running BIND in a chroot
  6. Dynamic DNS Concepts
  7. Allowing Dynamic DNS Updates
  8. DDNS Administration with nsupdate
  9. Common Problems
  10. Common Problems
  11. Securing DNS With TSIG

Lab Tasks

  1. Configuring Dynamic DNS
  2. Securing BIND DNS

7. Using Apache

  1. HTTP Operation
  2. Apache Architecture
  3. Dynamic Shared Objects
  4. Adding Modules to Apache
  5. Apache Configuration Files
  6. httpd.conf – Server Settings
  7. httpd.conf – Main Configuration
  8. HTTP Virtual Servers
  9. Virtual Hosting DNS Implications
  10. httpd.conf – VirtualHost Configuration
  11. Port and IP based Virtual Hosts
  12. Name-based Virtual Host
  13. Apache Logging
  14. Log Analysis
  15. The Webalizer

Lab Tasks

  1. Apache Architecture
  2. Apache Content
  3. Configuring Virtual Hosts

8. Apache Security

  1. Virtual Hosting Security Implications
  2. Delegating Administration
  3. Directory Protection
  4. Directory Protection with AllowOverride
  5. Common Uses for .htaccess
  6. Symmetric Encryption Algorithms
  7. Asymmetric Encryption Algorithms
  8. Digital Certificates
  9. TLS Using mod_ssl.so

Lab Tasks

  1. Using .htaccess Files
  2. Using TLS Certificates with Apache
  3. Use SNI and TLS with Virtual Hosts

9. Apache Server-Side Scripting Administration

  1. Dynamic HTTP Content
  2. PHP: Hypertext Preprocessor
  3. Developer Tools for PHP
  4. Installing PHP
  5. Configuring PHP
  6. Securing PHP
  7. Security Related php.ini Configuration
  8. Java Servlets and JSP
  9. Apache's Tomcat
  10. Installing Java SDK
  11. Installing Tomcat Manually
  12. Using Tomcat with Apache

Lab Tasks

  1. CGI Scripts in Apache
  2. Apache's Tomcat
  3. Using Tomcat with Apache
  4. Installing Applications with Apache and Tomcat

10. Implementing an FTP Server

  1. The FTP Protocol
  2. Active Mode FTP
  3. Passive Mode FTP
  4. ProFTPD
  5. Pure-FTPd
  6. vsftpd
  7. Configuring vsftpd
  8. Anonymous FTP with vsftpd

Lab Tasks

  1. Configuring vsftpd

11. The Squid Proxy Server

  1. Squid Overview
  2. Squid File Layout
  3. Squid Access Control Lists
  4. Applying Squid ACLs
  5. Tuning Squid & Configuring Cache Hierarchies
  6. Bandwidth Metering
  7. Monitoring Squid
  8. Proxy Client Configuration

Lab Tasks

  1. Installing and Configuring Squid
  2. Squid Cache Manager CGI
  3. Proxy Auto Configuration
  4. Configure a Squid Proxy Cluster

12. SQL Fundamentals and MariaDB

  1. Popular SQL Databases
  2. SELECT Statements
  3. INSERT Statements
  4. UPDATE Statements
  5. DELETE Statements
  6. JOIN Clauses
  7. MariaDB
  8. MariaDB Installation and Security
  9. MariaDB User Account Management
  10. MariaDB Replication

Lab Tasks

  1. SQL with Sqlite3
  2. Installing and Securing MariaDB
  3. Creating a Database in MariaDB
  4. Create a Database Backed Application

13. LDAP Concepts and Clients

  1. LDAP: History and Uses
  2. LDAP: Data Model Basics
  3. LDAP: Protocol Basics
  4. LDAP: Applications
  5. LDAP: Search Filters
  6. LDIF: LDAP Data Interchange Format
  7. OpenLDAP Client Tools
  8. Alternative LDAP Tools

Lab Tasks

  1. Querying LDAP

14. OpenLDAP Servers

  1. Popular LDAP Server Implementations
  2. OpenLDAP: Server Architecture
  3. OpenLDAP: Backends
  4. OpenLDAP: Replication
  5. Managing slapd
  6. OpenLDAP: Configuration Options
  7. OpenLDAP: Configuration Sections
  8. OpenLDAP: Global Parameters
  9. OpenLDAP: Database Parameters
  10. OpenLDAP Server Tools
  11. Native LDAP Authentication and Migration
  12. Enabling LDAP-based Login
  13. System Security Services Daemon (SSSD)

Lab Tasks

  1. Building An OpenLDAP Server
  2. Enabling TLS For An OpenLDAP Server
  3. Enabling LDAP-based Logins

15. Samba Concepts and Configuration

  1. Introducing Samba
  2. NetBIOS and NetBEUI
  3. Samba Daemons
  4. Accessing Windows/Samba Shares from Linux
  5. Samba Utilities
  6. Samba Configuration Files
  7. The smb.conf File
  8. Mapping Permissions and ACLs
  9. Mapping Linux Concepts
  10. Mapping Users
  11. Sharing Home Directories
  12. Sharing Printers
  13. Share Authentication
  14. Share-Level Access
  15. User-Level Access
  16. Samba Account Database
  17. User Share Restrictions

Lab Tasks

  1. Samba Share-Level Access
  2. Samba User-Level Access
  3. Samba Group Shares
  4. Handling Symbolic Links with Samba
  5. Samba Home Directory Shares

16. SMTP Theory

  1. SMTP
  2. SMTP Terminology
  3. SMTP Architecture
  4. SMTP Commands
  5. SMTP Extensions
  6. SMTP AUTH
  7. SMTP STARTTLS
  8. SMTP Session

17. Postfix

  1. Postfix Features
  2. Postfix Architecture
  3. Postfix Components
  4. Postfix Configuration
  5. master.cf
  6. main.cf
  7. Postfix Map Types
  8. Postfix Pattern Matching
  9. Advanced Postfix Options
  10. Virtual Domains
  11. Postfix Mail Filtering
  12. Configuration Commands
  13. Management Commands
  14. Postfix Logging
  15. Logfile Analysis
  16. Postfix, Relaying and SMTP AUTH
  17. SMTP AUTH Server and Relay Control
  18. SMTP AUTH Clients
  19. Postfix / TLS
  20. TLS Server Configuration
  21. Postfix Client Configuration for TLS
  22. Other TLS Clients
  23. Ensuring TLS Security

Lab Tasks

  1. Configuring Postfix
  2. Postfix Virtual Host Configuration
  3. Postfix Network Configuration
  4. Postfix SMTP AUTH Configuration
  5. Postfix STARTTLS Configuration
  6. SUSE Postfix Configuration Cleanup

18. Mail Services and Retrieval

  1. Filtering Email
  2. Procmail
  3. SpamAssassin
  4. Bogofilter
  5. amavisd-new Mail Filtering
  6. Accessing Email
  7. The IMAP4 Protocol
  8. Dovecot POP3/IMAP Server
  9. Cyrus IMAP/POP3 Server
  10. Cyrus IMAP MTA Integration
  11. Cyrus Mailbox Administration
  12. Fetchmail
  13. Roundcube Webmail
  14. Mailing Lists
  15. GNU Mailman
  16. Mailman Configuration

Lab Tasks

  1. Configuring Procmail & SpamAssassin
  2. Configuring Cyrus IMAP
  3. Dovecot TLS Configuration
  4. Configuring Roundcube
  5. Base Mailman Configuration
  6. Basic Mailing List
  7. Private Mailing List

A. NIS

  1. NIS Overview
  2. NIS Limitations and Advantages
  3. NIS Client Configuration
  4. NIS Server Configuration
  5. NIS Troubleshooting Aids

Lab Tasks

  1. Using NIS for Centralized User Accounts
  2. Configuring NIS
  3. NIS Slave Server
  4. NIS Failover
  5. Troubleshooting Practice: NIS
Learning Path

You are welcome to discuss which course is most suitable for you with a member of our team. Please contact us for suggestions.

Ways to Attend
  • Attend a public course, if there is one available. Please check our schedule, or register your interest in joining a course in your area.
  • Private onsite Team training also available, please contact us to discuss. We can customise this course to suit your business requirements.

Private Team Training is available for this course

We deliver this course either on or off-site in various regions around the world, and can customise your delivery to suit your exact business needs. Talk to us about how we can fine-tune a course to suit your team's current skillset and ultimate learning objectives.

Private Team Training | Contact us

Technical ICT learning & mentoring services

Private Team Training

Our instructors are specialist consultants with vast real world experience and expertise allowing them to design and deliver client-focused courses for your organisation.

Learn more about our Private Team Training

What Our Clients Say

“Given the breadth of the course, I think it was very well structured and organised, I got a lot
out of it.”     

 

JVM Tuning - Bespoke Course

Live Online - May 2020

 

“This was an excellent course and was lots of fun to attend. Instructor started with basic intro to
containerization, then explained Kubernetes and the different components (Container
engine, orchestrator, control plane) which all made sense because of the containerization
intro. The parts of the course layered on top of one another to give a good understanding of
Kubernetes.”

 

Kubernetes for App Developers - GTLFKAD

Live Online - Nov 2020

 

“Really enjoyed the course, it has been an eye opener on opportunities to steer how we approach the cloud from a IT Service Management perspective.”

 

Professional Cloud Service Manager - GTC13

Live Online May 2020

 

''Fantastic course, looking forward to applying this in my work and home life. Excellent, practical approach, very motivational. I think the entire company should attend training.''

 

Being Agile in Business - GTBAB

Sept 2019

“The instructor was great! I didn't expect such a good level of teaching with what some may
consider a dry subject. This was simply great!”  

 

Linux LPIC-1 - GTU8

Live Online - August 2020

 

"Intelligence is the ability to avoid doing work, yet
getting the work done"

Linus Torvalds, creator of Linux and GIT

Technical ICT learning & mentoring services

About GuruTeam

GuruTeam is a high-level ICT Learning, Mentoring and Consultancy services company. We specialise in delivering instructor-led on and off-site training in Blockchain, Linux, Cloud, Big Data, DevOps, Kubernetes, Agile, Software & Web Development technologies. View our Testimonials

Download our eBrochure
Our Accreditation Partners
  •  
  •  
  •  

 

Upcoming Courses

Kubernetes Administration

1 - 4 March 2021

Live Online

This Kubernetes Administration Certification training course is suitable for anyone who wants to learn the skills necessary to build and administer a Kubernetes cluster

Learn More

Go Lang training

9 - 12 March 2021 

Live Online

This Go language programming training course will help you understand how Go works, and immediately be more productive.

Learn More

SRE CERTIFICATION TRAINING

1 - 2 Feb 2021    

Live Online

Intro to the principles & practices that enable an organization to reliably and economically scale critical services.

Learn More

INTRO TO PYTHON 3

Feb 16 - 18

March 2 - 4

Live Online        

A comprehensive introduction to the core syntax and functions provided by Python, including coverage of its object-oriented and functional programming features.

Learn More

Newsletter

Stay up to date, receive updates on scheduled dates, new courses, offers, and events.

Subscribe to our Newsletter