SUMMARY:   This course is designed to give delegates practical experience in the network and security and performance administration of a Linux System. This course will enable the student to work towards the RedHat RHCE/RHCT qualifications. AUDIENCE:   The course is designed for System Administrators and Programmers and other technical IT staff who need to acquire knowledge of the key networking and security tasks required to administer a Linux system. The course assumes knowledge of the LINUX Operating System to the level covered in the LINUX System Administration 1 course. DURATION:   5 Days. OBJECTIVES:   On completion of the course the delegate will have acquired practical experience of networking and securing Linux systems. COURSE CONTENT:   Introduction Administration and course materials Course Structure and Agenda Delegate and trainer introductions Session 1 NETWORK CONFIGURATION Networking Basics overview Configuring network interfaces Controlling network devices:ifup/ifdown/mii-tool/ethtool Creating virtual interfaces Using DHCP to assign interface parameters Network diagnosis tools : tcpdump, netstat etc. Session 2 NETWORK SERVICES Ports and Socket connections The xinetd daemon operation Controlling xinetd services and access Limiting access to services using TCP wrappers The FTP service using vsftpd The DHCP service Logging and troubleshooting services Session 3 THE DOMAIN NAME SYSTEM The DNS/BIND system The Name Server hierarchy Master/Slave zones Reverse lookup zones Record types and their syntax Name Daemon control utility (rndc) Address match lists (acl) BIND checking utilities Session 4 NETWORK FILE SYSTEM (NFS) NFS operation : daemons, portmapper etc. Configuring an NFS server NFS share options : /etc/exports UID re-mapping NFS client operation Using the automounter to access NFS mounts Session 5 SAMBA CONFIGURATION The Samba system. The Samba services provided Samba Daemons and operation. Configuring Samba : various tools available Samba authentication methods Samba client tools Using smbmount to access Windows shares Session 6 HTTP services : Apache/Tux and Squid The Apache and Tux web servers Apache Server configuration files Apache configuration directives Virtual host management : name and IP based access CGI programs and Apache modules Apache Encrypted Web server The squid web proxy cache Configuring squid Configuring client access to squid. Session 7 NETWORK INTEGRATION SERVICE (NIS) The NIS System : centralised administration NIS Topology Master, Slave and client configuration Rebuilding NIS Maps Password management under NIS Troubleshooting your NIS configuration Session 8 ELECTRONIC MAIL Sendmail and Postfix Mail User, Mail Transport and Mail User Agents Sendmail configuration files Sendmail configuration with the m4 Macro language m4 Macro file Debugging sendmail Switching to postfix, a sendmail replacement. Postfix configuration. Procmail configuration Session 9 SECURITY AND AUTHENTICATION SERVICES Types of attack usually experienced Packet sniffing/attacks : the tools System and user security policies Authentication services : PAM PAM operation The core PAM configuration files Configuring resource limits & access control through PAM Privileged access : sudo Authentication troubleshooting Session 10 SECURING NETWORKS : FIREWALLS Netfilter overview Tables and chains Packet filtering using iptables Rule targets Basic chain rules and their operation Connection tracking Network address translation Source and Destination NAT configuration RedHat supplied tools for iptables configuration Session 11 DATA SECURITY Encryption methods Single key encryption (symmetric) Public/private key encryption (asymmetric) Certificate encryption and digital signatures OpenSSH Overview Client and server side configuration of OpenSSH Kerberos security principals Configuring Kerberos Session 12 SYSTEM MONITORING/PERFORMANCE MANAGEMENT System Log files Syslogd & klogd configuration Advanced syslogd configuration Analysing logfiles System performance monitoring System activity reporting Simple process accounting Session 13 CUSTOMISING AND USING X WINDOWS Windowing System available The X windowing system managers Configuring using redhat-config and Xfree86 Customising X start-up The X window protocol and X security xauth and ssh operation. The font server GC/05