Search our courses
Training

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12

Enterprise Linux Network Services

Course Code

GTU13

Duration

5 Days

Course Fee

POA

Accreditation

N/A

Target Audience

This Enterprise Linux Network Services training course is designed for system administrators, IT professionals and anyone who need to gain a hands-on knowledge of Linux network configuration and services.

Attendee Requirements

Students should already be comfortable with basic Linux or Unix administration. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. A good understanding of network concepts, the TCP/IP protocol suite is also assumed. These skills are taught in the GTLFS1 "Fundamentals of Linux" and GTU12 "Enterprise Linux System Administration" courses.

Expand all

Course Description

This Enterprise Linux Network Services training course is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all Guru Labs courses, the course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

 

Supported Distributions:

  •     Red Hat Enterprise Linux 7
  •     SUSE Linux Enterprise 12
Course Outline

1. Securing Services

  1. Xinetd
  2. Xinetd Connection Limiting and Access Control
  3. Xinetd: Resource limits, redirection, logging
  4. TCP Wrappers
  5. The /etc/hosts.allow & /etc/hosts.deny Files
  6. /etc/hosts.{allow,deny} Shortcuts
  7. Advanced TCP Wrappers
  8. SUSE Basic Firewall Configuration
  9. FirewallD
  10. Netfilter: Stateful Packet Filter Firewall
  11. Netfilter Concepts
  12. Using the iptables Command
  13. Netfilter Rule Syntax
  14. Targets
  15. Common match_specs
  16. Extended Packet Matching Modules
  17. Connection Tracking

Lab Tasks

  1. Securing xinetd Services
  2. Enforcing Security Policy with xinetd
  3. Securing Services with TCP Wrappers
  4. Securing Services with SuSEfirewall2
  5. Securing Services with Netfilter
  6. FirewallD
  7. Troubleshooting Practice

2. SELinux and LSM

  1. AppArmor
  2. SELinux Security Framework
  3. Choosing an SELinux Policy
  4. SELinux Commands
  5. SELinux Booleans
  6. SELinux Policy Tools

Lab Tasks

  1. Exploring AppArmor Modes
  2. SELinux File Contexts

3. DNS Concepts

  1. Naming Services
  2. DNS – A Better Way
  3. The Domain Name Space
  4. Delegation and Zones
  5. Server Roles
  6. Resolving Names
  7. Resolving IP Addresses
  8. Basic BIND Administration
  9. Configuring the Resolver
  10. Testing Resolution

Lab Tasks

  1. Configuring a Slave Name Server

4. Configuring BIND

  1. BIND Configuration Files
  2. named.conf Syntax
  3. named.conf Options Block
  4. Creating a Site-Wide Cache
  5. rndc Key Configuration
  6. Zones In named.conf
  7. Zone Database File Syntax
  8. SOA – Start of Authority
  9. A, AAAA, & PTR – Address & Pointer Records
  10. NS – Name Server
  11. TXT, CNAME, & MX – Text, Alias, & Mail Host
  12. SRV – SRV Service Records
  13. Abbreviations and Gotchas
  14. $GENERATE, $ORIGIN, and $INCLUDE

Lab Tasks

  1. Use rndc to Control named
  2. Configuring BIND Zone Files

5. Creating DNS Hierarchies

  1. Subdomains and Delegation
  2. Subdomains
  3. Delegating Zones
  4. in-addr.arpa. Delegation
  5. Issues with in-addr.arpa.
  6. RFC2317 & in-addr.arpa.

Lab Tasks

  1. Create a Subdomain in an Existing Domain
  2. Subdomain Delegation

6. Advanced BIND DNS Features

  1. Address Match Lists & ACLs
  2. Split Namespace with Views
  3. Restricting Queries
  4. Restricting Zone Transfers
  5. Running BIND in a chroot
  6. Dynamic DNS Concepts
  7. Allowing Dynamic DNS Updates
  8. DDNS Administration with nsupdate
  9. Common Problems
  10. Common Problems
  11. Securing DNS With TSIG

Lab Tasks

  1. Configuring Dynamic DNS
  2. Securing BIND DNS

7. Using Apache

  1. HTTP Operation
  2. Apache Architecture
  3. Dynamic Shared Objects
  4. Adding Modules to Apache
  5. Apache Configuration Files
  6. httpd.conf – Server Settings
  7. httpd.conf – Main Configuration
  8. HTTP Virtual Servers
  9. Virtual Hosting DNS Implications
  10. httpd.conf – VirtualHost Configuration
  11. Port and IP based Virtual Hosts
  12. Name-based Virtual Host
  13. Apache Logging
  14. Log Analysis
  15. The Webalizer

Lab Tasks

  1. Apache Architecture
  2. Apache Content
  3. Configuring Virtual Hosts

8. Apache Security

  1. Virtual Hosting Security Implications
  2. Delegating Administration
  3. Directory Protection
  4. Directory Protection with AllowOverride
  5. Common Uses for .htaccess
  6. Symmetric Encryption Algorithms
  7. Asymmetric Encryption Algorithms
  8. Digital Certificates
  9. TLS Using mod_ssl.so

Lab Tasks

  1. Using .htaccess Files
  2. Using TLS Certificates with Apache
  3. Use SNI and TLS with Virtual Hosts

9. Apache Server-Side Scripting Administration

  1. Dynamic HTTP Content
  2. PHP: Hypertext Preprocessor
  3. Developer Tools for PHP
  4. Installing PHP
  5. Configuring PHP
  6. Securing PHP
  7. Security Related php.ini Configuration
  8. Java Servlets and JSP
  9. Apache's Tomcat
  10. Installing Java SDK
  11. Installing Tomcat Manually
  12. Using Tomcat with Apache

Lab Tasks

  1. CGI Scripts in Apache
  2. Apache's Tomcat
  3. Using Tomcat with Apache
  4. Installing Applications with Apache and Tomcat

10. Implementing an FTP Server

  1. The FTP Protocol
  2. Active Mode FTP
  3. Passive Mode FTP
  4. ProFTPD
  5. Pure-FTPd
  6. vsftpd
  7. Configuring vsftpd
  8. Anonymous FTP with vsftpd

Lab Tasks

  1. Configuring vsftpd

11. The Squid Proxy Server

  1. Squid Overview
  2. Squid File Layout
  3. Squid Access Control Lists
  4. Applying Squid ACLs
  5. Tuning Squid & Configuring Cache Hierarchies
  6. Bandwidth Metering
  7. Monitoring Squid
  8. Proxy Client Configuration

Lab Tasks

  1. Installing and Configuring Squid
  2. Squid Cache Manager CGI
  3. Proxy Auto Configuration
  4. Configure a Squid Proxy Cluster

12. SQL Fundamentals and MariaDB

  1. Popular SQL Databases
  2. SELECT Statements
  3. INSERT Statements
  4. UPDATE Statements
  5. DELETE Statements
  6. JOIN Clauses
  7. MariaDB
  8. MariaDB Installation and Security
  9. MariaDB User Account Management
  10. MariaDB Replication

Lab Tasks

  1. SQL with Sqlite3
  2. Installing and Securing MariaDB
  3. Creating a Database in MariaDB
  4. Create a Database Backed Application

13. LDAP Concepts and Clients

  1. LDAP: History and Uses
  2. LDAP: Data Model Basics
  3. LDAP: Protocol Basics
  4. LDAP: Applications
  5. LDAP: Search Filters
  6. LDIF: LDAP Data Interchange Format
  7. OpenLDAP Client Tools
  8. Alternative LDAP Tools

Lab Tasks

  1. Querying LDAP

14. OpenLDAP Servers

  1. Popular LDAP Server Implementations
  2. OpenLDAP: Server Architecture
  3. OpenLDAP: Backends
  4. OpenLDAP: Replication
  5. Managing slapd
  6. OpenLDAP: Configuration Options
  7. OpenLDAP: Configuration Sections
  8. OpenLDAP: Global Parameters
  9. OpenLDAP: Database Parameters
  10. OpenLDAP Server Tools
  11. Native LDAP Authentication and Migration
  12. Enabling LDAP-based Login
  13. System Security Services Daemon (SSSD)

Lab Tasks

  1. Building An OpenLDAP Server
  2. Enabling TLS For An OpenLDAP Server
  3. Enabling LDAP-based Logins

15. Samba Concepts and Configuration

  1. Introducing Samba
  2. NetBIOS and NetBEUI
  3. Samba Daemons
  4. Accessing Windows/Samba Shares from Linux
  5. Samba Utilities
  6. Samba Configuration Files
  7. The smb.conf File
  8. Mapping Permissions and ACLs
  9. Mapping Linux Concepts
  10. Mapping Users
  11. Sharing Home Directories
  12. Sharing Printers
  13. Share Authentication
  14. Share-Level Access
  15. User-Level Access
  16. Samba Account Database
  17. User Share Restrictions

Lab Tasks

  1. Samba Share-Level Access
  2. Samba User-Level Access
  3. Samba Group Shares
  4. Handling Symbolic Links with Samba
  5. Samba Home Directory Shares

16. SMTP Theory

  1. SMTP
  2. SMTP Terminology
  3. SMTP Architecture
  4. SMTP Commands
  5. SMTP Extensions
  6. SMTP AUTH
  7. SMTP STARTTLS
  8. SMTP Session

17. Postfix

  1. Postfix Features
  2. Postfix Architecture
  3. Postfix Components
  4. Postfix Configuration
  5. master.cf
  6. main.cf
  7. Postfix Map Types
  8. Postfix Pattern Matching
  9. Advanced Postfix Options
  10. Virtual Domains
  11. Postfix Mail Filtering
  12. Configuration Commands
  13. Management Commands
  14. Postfix Logging
  15. Logfile Analysis
  16. Postfix, Relaying and SMTP AUTH
  17. SMTP AUTH Server and Relay Control
  18. SMTP AUTH Clients
  19. Postfix / TLS
  20. TLS Server Configuration
  21. Postfix Client Configuration for TLS
  22. Other TLS Clients
  23. Ensuring TLS Security

Lab Tasks

  1. Configuring Postfix
  2. Postfix Virtual Host Configuration
  3. Postfix Network Configuration
  4. Postfix SMTP AUTH Configuration
  5. Postfix STARTTLS Configuration
  6. SUSE Postfix Configuration Cleanup

18. Mail Services and Retrieval

  1. Filtering Email
  2. Procmail
  3. SpamAssassin
  4. Bogofilter
  5. amavisd-new Mail Filtering
  6. Accessing Email
  7. The IMAP4 Protocol
  8. Dovecot POP3/IMAP Server
  9. Cyrus IMAP/POP3 Server
  10. Cyrus IMAP MTA Integration
  11. Cyrus Mailbox Administration
  12. Fetchmail
  13. Roundcube Webmail
  14. Mailing Lists
  15. GNU Mailman
  16. Mailman Configuration

Lab Tasks

  1. Configuring Procmail & SpamAssassin
  2. Configuring Cyrus IMAP
  3. Dovecot TLS Configuration
  4. Configuring Roundcube
  5. Base Mailman Configuration
  6. Basic Mailing List
  7. Private Mailing List

A. NIS

  1. NIS Overview
  2. NIS Limitations and Advantages
  3. NIS Client Configuration
  4. NIS Server Configuration
  5. NIS Troubleshooting Aids

Lab Tasks

  1. Using NIS for Centralized User Accounts
  2. Configuring NIS
  3. NIS Slave Server
  4. NIS Failover
  5. Troubleshooting Practice: NIS
Learning Path

You are welcome to discuss which course is most suitable for you with a member of our team. Please contact us for suggestions.

Ways to Attend
  • Attend a public course, if there is one available. Please check our schedule, or register your interest in joining a course in your area.
  • Private onsite Team training also available, please contact us to discuss. We can customise this course to suit your business requirements.

Private Team Training is available for this course

We deliver this course either on or off-site in various regions around the world, and can customise your delivery to suit your exact business needs. Talk to us about how we can fine-tune a course to suit your team's current skillset and ultimate learning objectives.

Private Team Training | Contact us

Technical ICT learning & mentoring services

Private Team Training

Our instructors are specialist consultants with vast real world experience and expertise allowing them to design and deliver client-focused courses for your organisation.

Learn more about our Private Team Training

What Our Clients Say

"Absolutely fantastic training. Thoroughly enjoyed it thanks to our highly enthusiastic tutor.  It wouldn't be an understatement to say that it was the best professional training that I have ever received."

 

Customised Linux with Networking

Live Online -  February 2022

 


“It was very positive. This course was 4 days but covered a semester worth of work if it was done in college. The labs were relevant and delegates were provided the lab/coursebook for further study and practice after the course finished. GuruTeam's course was excellent and provides a deeper understanding of the architecture and how it all works. The hands-on aspect was very helpful as it helped solidify the concepts as I went along."

 

Kubernetes Administration Certification - GTLFK

Live Online September 2024

 

 

 

“The Instructor was very knowledgeable, laid back and very approachable during the course. The environment setup was second to none.  Very easy to jump in and follow along with minimal pre-req setup."

Kubernetes Administration Certification - GTLFK

Onsite May 2024

 

“Very engaging and practical course so hope to be able to put the learning into practice.”

 

Being Agile in Business - GTBAB

Live Online September 2021

 

“Great instructor, who encouraged active participation. The breakout groups and exercises kept the group engaged and the content relevant to our own products”.

 

Site Reliability Engineering Foundation - GTDSRE

Live Online January 2022

 

 

 

"Intelligence is the ability to avoid doing work, yet
getting the work done"

Linus Torvalds, creator of Linux and GIT

Technical ICT learning & mentoring services

About GuruTeam

GuruTeam is a high-level ICT Learning, Mentoring and Consultancy services company. We specialise in delivering instructor-led on and off-site training in Blockchain, Linux, Cloud, Big Data, DevOps, Kubernetes, Agile, Software & Web Development technologies. View our Testimonials

Download our eBrochure
Our Accreditation Partners
  •  
  •  
  •  

 

Upcoming Courses

Kubernetes Administration

4th - 7th November 2024

 Live Online

 

Learn More

RUST PROGRAMMING

4th - 7th November 2024

Live Online

GMT +01:00  09:30 - 17:00 hrs

This course will help you understand what Rust applications look like, how to write Rust applications properly, and how to get the most out of the language and its libraries.

 

 

 

 

 

Learn More

INTRO TO PYTHON 3 

ADVANCED PYTHON 3

15th - 17th October 2024
29th - 31st October 2024

Live Online

   GMT +01:00  09:30 - 17:00 hrs

  Python is a powerful and 
  popular object-oriented 
  programming/scripting
 language with many high q
uality  libraries.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


 

 

 

 

 

 

 

Learn More

 GO LANG TRAINING

4th to 7th November 2024

Live Online      

GMT +01:00  09:30 - 17:00 hrs

This Go language programming training course will help you understand how Go works, and immediately be more productive. If you are building a team using Go, this will be a great opportunity to get your team on the same page and speaking the same language. Innovative lab exercises and code samples are provided to reinforce skills and quickly master the topics.

Learn More

Newsletter

Stay up to date, receive updates on scheduled dates, new courses, offers, and events.

Subscribe to our Newsletter