Advanced Unix Network Services and Security

Global Knowledge (UK) Inc.
Dublin,Maidenhead, United Kingdom

Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced

Course Description:

'' This powerful hands-on course provides you with the necessary skills to configure a basic Unix WAN system and the associated LAN clients. Through step-by-step exercises you will learn to configure and troubleshoot the overall security level with a packet filtering firewall, DNS filtering service and a user level security management service. And, you will learn to configure and use port scanning and sniffing tools to verify your security settings and monitor your network.

Learn How To

Ensure Secure remote management of Unix hosts
Discover valuable disaster recovery techniques
Scan network traffic for specific problems
Check your network port security
Improve total Unix security with 3 layers of defense
Harden your local and remote access management

Course Outline
1.Security Related Installation Tips
What are security related installation points of interest?
Expanding file systems with additional disk space
Configuring your partitions for better security management

2. TCP/IP Services

The TCP/IP protocol picture
What are all these services, how do they fit together?
Where are the typical security hot points?
Configuring multiple IP addresses on the same NIC
Understanding well-known protocols and ports
Configuring a WAN connection, server and clients
Dealing with complex routing setups

3. Configuring DHCP on a WAN

Installing the DHCP software
Configuring a network range of IP values with options
Monitoring the usage of leases
Security issues within DHCP
Optionally include Dynamic DNS with DHCP

4. Configuring TCP Wrappers

The superdaemon can listen for multiple network services
Configuring the superdaemon services
Configuring security around the superdaemon with TCP Wrappers

5. Scanning Ports on Hosts

What are ports?
What does the scanner do when scanning?
What do the responses mean?
Use irregularly scheduled scans to check for vulnerabilities

6. Sniffing Specific Packet Types

What are packets? How does one sniff them?
How does one filter out unwanted packet types/sources?
How to analyse a packet for information
What information is available from sniffing an insecure service?

7. Firewall Configuration

What are the services that make up the firewall?
What are the limitations of the firewall?
What are the strengths of the firewall?
How to add/delete/change firewall rules
What is the difference between medium and high security?

8. Configuring PAM

Overview the design of PAM
Investigate the various modules and configurations
How to get the best security and features from PAM
What happens when it breaks? Fix it

9. Monitoring and Troubleshooting Tips

How to be vigilant with monitoring: Script it!
What is normal; what and how to look for not normal
Ways to automate this procedure
Breakin, what steps to perform

Hands-On Labs
Lab 1: Install a Unix compliant OS with better security options.
Lab 2: Create a second IP alias address on the one network card. Use common tools to view network information and analyze its use.
Lab 3: Configure a DHCP service and test with a partner client machine.
Lab 4: Implement a master DNS service, enable DNS-based network restrictions.
Lab 5: Enabling and disabling common insecure services, enabling control with hosts.allow.
Lab 6: Enabling and disabling ports, scanning open ports, enabling secure shell. Scanning NT and Unix hosts with various ports open and closed.
Lab 7: Capturing packets for ssh, ftp, and telnet sessions, looking for the passwords.
Lab 8: Configure access for specialised ports. Create scripts to customise firewall security for emergency situations. Enable specific service ports and monitor them. Close all ports during an investigation of breakin.
Lab 9: Implement a PAM security feature that fails, then fix it. Implement and test a user restriction with PAM.
Lab 10: Real-world troubleshooting scenarios: Users cannot login, where to start. Network service is not responding; how to sniff and test repaired service. Bootup fails due to misconfiguration of one or more setup files.







Who Needs to Attend
Any IT professional with limited administrative experience will greatly benefit from this course as a significant preparation step for locking down and configuring the security of their own Unix networks.






Suggested Prerequisites



UNIX Level 1 Fundamentals
Advanced UNIX Command Line Concepts
Introduction to UNIX Administration


...''

Phone:+00 353 (0) 1 613 0340 /+44 (0) 1628 594 700

School Address:

Global Knowledge Training Centre Dublin
27 Lower Mount Street
Dublin 2
Phone: +00 353 (0) 1 613 0340
Fax: +00 353 (0) 1 613 0341
Email: salesdesk.ie@globalknowledge.ie

Global Knowledge Training Centre Maidenhead
Cincom House
1 Grenfell Road
Maidenhead
SL6 1HN Berkshire
Phone: 0845 304 0044
Phone: +44 (0) 1628 594 700
Fax: +44 (0)1628 776 600
Email: salesdesk.uk@globalknowledge.co.uk


Jobs & Resumes: Dublin, Maidenhead
Houses & Roommates: Dublin, Maidenhead

Contivity - Advanced Configuration and Management
Cisco SAFE Implementation v2.0
Cisco Secure Intrusion Detection System v4.1 (CI-CSIDS)
Cisco Secure PIX Firewall Advanced v3.2 (CI-CSPFA)
Cisco Secure Virtual Private Networks v4.0 (CI-CSVPN)
Securing Hosts Using Cisco Security Agent v1.0 (CI-HIPS)
Securing Cisco IOS Networks v1.1 (CI-SECUR)
Red Hat Enterprise Network Security (RH-S333)
Developing Red Hat Firewall Solutions (RH-S342)
Developing Red Hat Firewall Solutions
Understanding Networking Fundamentals
Network+ Boot Camp
Internet & Network Communications
Mastering TCP/IP
Internetworking Foundations
Internetworking Routers & Switches
Introduction to Telecommunications
Troubleshooting Wireless Networks
Integrating Wireless Networks

Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
 

Tips: Try the search form on top of each page to find the latest course information, using course topic and location as keywords. Keep the course topic keyword short to get more results.