Upload
jordon-hassell
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
Objectives
• Deploy ifconfig and Linuxconf to reconfigure a NIC in Linux
• Use the netconfig and netcfg commands• Identify the /etc/sysconfig/network-scripts file• Use ping options• List the uses of the arp, netstat, and route
commands• Use the traceroute command to discover network
paths• Enable IP forwarding
TCP/IPConfiguration Parameters
• Basic configuration information– Computer name– IP address– Subnet mask– Default gateway– DNS information– DHCP client information
TestingNetwork Connectivity
• The ping command• Address resolution and ARP• The netstat command• The route command• Traceroute
Using MultipleEthernet Adapters
• Adding multiple adapters• IP forwarding
– Enabling IP forwarding– Editing the network scripts directly
Summary
Deploy ifconfig and Linuxconf to reconfigure a NIC in Linux
Use the netconfig and netcfg commands Identify the /etc/sysconfig/network-scripts file Use ping options List the uses of the arp, netstat, and route
commands Use the traceroute command to discover network
paths Enable IP forwarding
Objectives
• Explain the DNS• Identify DNS components• List the common DNS record types• Define reverse DNS lookup• Use nslookup and other DNS troubleshooting
tools• Implement DNS on Linux
Probing DNSwith nslookup
• BIND• Basic nslookup operation
– Interactive operation• Finding other record types• Changing servers• Listing domains (zone file transfers)
Summary
Explain the DNS Identify DNS components List the common DNS record types Define reverse DNS lookup Use nslookup and other DNS troubleshooting
tools Implement DNS on Linux
Objectives
• Identify tools to configure a PPP interface• Configure a PPP interface to make outbound
connections• Configure a modem to listen for and service
inbound connections• Configure a PPP logon script• List steps for initiating an ISDN connection
Modemsand Interfaces
• PPP• ISDN• Additional types of dial-up interfaces
– Dummy– SLIP– CSLIP
• Selecting the correct modem• Inbound and outbound access
The ModemChat Sequence
• Hayes commands• Unsuccessful sessions• Authentication and the chat sequence
Troubleshootingthe Modem
• Minicom utility• PPP HOWTO• auth required /lib/security/pam_pwdb.so
module
Summary
Identify tools to configure a PPP interface Configure a PPP interface to make outbound
connections Configure a modem to listen for and service
inbound connections Configure a PPP logon script List steps for initiating an ISDN connection
How DHCP Works
• Discover message• Initializing• Offer message• Selecting state• Request message• Requesting state• Acknowledgment message
Objectives
• Stop and start Apache Server• Create aliases• Redirect URLs• Understand CGI and Perl• Enable access control• Create a virtual server
AdministeringApache Server
• Apache Server processes• Stopping and starting httpd• Configuring Apache Server• Merging all three files• Graphical user interfaces and Apache
Summary
Stop and start Apache Server Create aliases Redirect URLs Understand CGI and Perl Enable access control Create a virtual server
Objectives
• Describe how Sendmail uses SMTP• Differentiate between SMTP, POP3, and IMAP• Stop and start Sendmail and configure parameters• Create mail aliases• Configure mail forwarding• Control access to Sendmail• Troubleshoot Sendmail
E-MailServer Terminology
• Masquerading• Aliasing• Relaying• E-mail hub• Combining aliasing and forwarding• MX records
MiscellaneousConfiguration Issues
• Modifying sendmail.cf• Common client modifications• Aliasing with Sendmail
– Machine aliases
The /etc/mailDirectory
• The access file• Forwarding e-mail to a local user• Forwarding e-mail to a remote user• The .forward file
Summary
Describe how Sendmail uses SMTP Differentiate between SMTP, POP3, and IMAP Stop and start Sendmail and configure parameters Create mail aliases Configure mail forwarding Control access to Sendmail Troubleshoot Sendmail
Objectives
• Use tcpdump to examine all network traffic• Obtain a graphical display of all network traffic• View a network activity matrix• Gather network use statistics for your own
interface• Identify the type and amount of traffic passing
through a network
Packet Sniffing
• Ethereal Network Analyzer– Dependencies
• Sniffit• Promiscuous mode
– Switches– Running tcpdump
Summary
Use tcpdump to examine all network traffic Obtain a graphical display of all network traffic View a network activity matrix Gather network use statistics for your own
interface Identify the type and amount of traffic passing
through a network
Objectives
• Discuss authentication and encryption• Explain how PAMs work in Linux• Search for commonly exploited file permissions• Identify system scanning tools• Use shadow passwords• Deploy TCPWrapper• Control user access to system processes
Encryption
• Categories– Symmetric– Asymmetric– Hash
• Benefits– Data confidentiality– Data integrity– Authentication– Nonrepudiation
Authentication
• Methods– Prove what you know– Show what you have– Demonstrate who you are– Identify where you are
Logon Security and Pluggable Authentication Modules
• Configuring PAM• Remote access and the root account• Denying remote access to specific users• Time-based access• Controlling processor and memory usage• The ulimit command
IncidentResponse
• Notify management• Break the link or create a “jail”• Call the police• Contact the hacker• Conduct trace routes• Delete and replace affected binaries
Summary
Discuss authentication and encryption Explain how PAMs work in Linux Search for commonly exploited file permissions Identify system scanning tools Use shadow passwords Deploy TCPWrapper Control user access to system processes
Objectives
• Describe public key encryption• Obtain and install SSH to replace Telnet• Use Linux clients to connect to an SSH server• Authenticate using public key encryption
Secure Shell
• Security services provided by SSH• Obtaining SSH• Encryption in SSH• Authentication in SSH• SSH2 components• SSH clients
PreparingSSH Components
• Installing components and starting the server• Logging on using SSH• Compatibility with SSH1• SSH and DNS
Secure Shelland Authentication
• Exchanging public keys• Establishing trust relationships• Using the secure FTP client
Summary
Describe public key encryption Obtain and install SSH to replace Telnet Use Linux clients to connect to an SSH server Authenticate using public key encryption
Administering Linux Internet Services
TCP/IP Configuration The Domain Name System Modem Configuration Configuring a DHCP Server Configuring Apache Server