Course Code: 983

Enterprise Linux Network Services

Class Dates:
6/9/2025
7/21/2025
Length:
5 Days
Cost:
$2795.00
Class Time:
Technology:
Network
Delivery:
Instructor-Led Training, Virtual Instructor-Led Training

Overview

  • Course Overview
  • This is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble-shooting skills which will be necessary for real-world administration of these network services. Like all our classes, the course material is designed to provide extensive hands-on experience.
    Topics include:
    • Security with SELinux and Netfilter, DNS concepts and implementation with Bind
    • LDAP concepts and implementation using OpenLDAP; Web services with Apache
    • FTP with vsftpd; caching, filtering proxies with Squid
    • SMB/CIFS (Windows networking) with Samba
    • E-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.


    Current Version: A01
  • Audience
  • Jobs in enterprise Linux network services include Linux system administrator, Linux network administrator, and Linux engineer. These roles involve managing and maintaining Linux systems, servers, and networks.

    Supported Distributions: Red Hat Enterprise Linux 8, SUSE Linux Enterprise 15

    Job outlook
    There is a high demand for IT professionals skilled in managing and maintaining Linux systems. In May 2021, US computer and IT professionals, including those specializing in Linux, earned around $97,430.

Prerequisites

  • Students should already be comfortable with basic Linux or Unix administration. Fundamentals such as the Linux filesystem, process management, and how to edit files will not be covered in class. A good understanding of network concepts, the TCP/IP protocol suite is also assumed. These skills are taught in the Linux Fundamentals and Enterprise Linux Systems Administration courses.

  • Recommended Courses:

  • Linux Fundamentals
  • Enterprise Linux Security Administration

Course Disclaimer

*Course Cost listed does not include the cost of courseware or exam. Course is subject to a minimum enrollment to run. Course may run virtually as a Virtual Instructor-Led (VILT) class if the minimum enrollment is not met. If the course is under the minimum enrollment the course may run as 4 day class (Bootcamp Style).

Follow Up

Course Details

  • Module 1. Securing Services
  • Xinetd, Xinetd Connection Limiting and Access Control
  • Xinetd: Resource limits, redirection, logging
  • TCP Wrappers, The /etc/hosts.allow & /etc/hosts.deny Files
  • /etc/hosts.{allow,deny} Shortcuts
  • Advanced TCP Wrappers, SUSE Basic Firewall Configuration
  • FirewallD, Netfilter: Stateful Packet Filter Firewall, Netfilter Concepts
  • Using the iptables Command, Netfilter Rule Syntax
  • Targets, Common match_specs,
  • Extended Packet Matching Modules, Connection Tracking
  • Lab Tasks - Securing xinetd Services, Enforcing Security Policy with xinetd
  • Securing Services with Netfilter
  • FirewallD, Troubleshooting Practice
  • Module 2: SELINUX And LSM
  • AppArmor
  • SELinux Security Framework
  • Choosing an SELinux Policy
  • SELinux Commands
  • SELinux Booleans
  • SELinux Policy Tools
  • Lab Tasks
  • Exploring AppArmor Modes
  • SELinux File Contexts
  • Module 3: DNS Concepts
  • Naming Services
  • DNS A Better Way
  • The Domain Name Space
  • Delegation and Zones
  • Server Roles
  • Resolving Names
  • Resolving IP Addresses
  • Basic BIND Administration
  • Configuring the Resolver
  • Testing Resolution
  • Lab Tasks - Configuring a Slave Name Server
  • Module 4: Configuring BIND
  • BIND Configuration Files, named.conf Syntax
  • named.conf Options Block, Creating a Site-Wide Cache
  • rndc Key Configuration
  • Zones In named.conf, Zone Database File Syntax
  • SOA Start of Authority
  • A, AAAA, & PTR Address & Pointer Records
  • NS Name Server
  • TXT, CNAME, & MX Text, Alias, & Mail Host
  • SRV – SRV Service Records, Abbreviations and Gotchas
  • $GENERATE, $ORIGIN, and $INCLUDE
  • Lab Tasks - Use rndc to Control named
  • Configuring BIND Zone Files
  • Module 5: Creating DNS Hierarchies
  • Subdomains and Delegation
  • Subdomains
  • Delegating Zones
  • in-addr.arpa. Delegation
  • Issues with in-addr.arpa.
  • RFC2317 & in-addr.arpa.
  • Lab Tasks
  • Create a Subdomain in an Existing Domain
  • Subdomain Delegation
  • Module 6: Advanced BIND DNS Features
  • Address Match Lists & ACLs
  • Split Namespace with Views
  • Restricting Queries
  • Restricting Zone Transfers
  • Running BIND in a chroot
  • Dynamic DNS Concepts
  • Allowing Dynamic DNS Updates
  • DDNS Administration with nsupdate
  • Common Problems
  • Securing DNS With TSIG
  • Lab Tasks - Configuring Dynamic DNS
  • Securing BIND DNS
  • Module 7: Using Apache
  • HTTP Operation, Apache Architecture
  • Dynamic Shared Objects, Adding Modules to Apache
  • Apache Configuration Files
  • httpd.conf Server Settings, httpd.conf – Main Configuration
  • HTTP Virtual Servers
  • Virtual Hosting DNS Implications, httpd.conf – VirtualHost Configuration
  • Port and IP based Virtual Hosts
  • Name-based Virtual Host
  • Apache Logging, Log Analysis,
  • Lab Tasks - Apache Architecture
  • Apache Content
  • Configuring Virtual Hosts
  • Module 8: Apache Security
  • Virtual Hosting Security Implications
  • Delegating Administration
  • Directory Protection
  • Directory Protection with AllowOverride
  • Common Uses for .htaccess
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption Algorithms
  • Digital Certificates, TLS Using mod_ssl.so
  • Lab Tasks
  • Using .htaccess Files
  • Using TLS Certificates with Apache
  • Use SNI and TLS with Virtual Hosts
  • Module 9: Apache Security
  • Dynamic HTTP Content
  • PHP: Hypertext Preprocessor
  • Developer Tools for PHP
  • Installing PHP, Configuring PHP, Securing PHP
  • Security Related php.ini Configuration
  • Java Servlets and JSP
  • Apache's Tomcat, Installing Java SDK
  • Installing Tomcat Manually
  • Using Tomcat with Apache
  • Lab Tasks
  • CGI Scripts in Apache, Apache Tomcat
  • Using Tomcat with Apache
  • Module 10: Implementing an FTP Server
  • The FTP Protocol
  • Active Mode FTP
  • Passive Mode FTP
  • ProFTPD
  • Pure-FTPd
  • vsftpd
  • Configuring vsftpd
  • Anonymous FTP with vsftpd
  • Lab Tasks
  • Configuring vsftpd
  • Module 11: The Squid Proxy Server
  • Squid Overview
  • Squid File Layout
  • Squid Access Control Lists
  • Applying Squid ACLs
  • Tuning Squid & Configuring Cache Hierarchies
  • Bandwidth Metering
  • Monitoring Squid, Proxy Client Configuration
  • Lab Tasks
  • Installing and Configuring Squid
  • Squid Cache Manager CGI
  • Proxy Auto Configuration
  • Configure a Squid Proxy Cluster
  • Module 12: SQL Fundamentals and MariaDB
  • Popular SQL Databases
  • SELECT Statements, INSERT Statements
  • UPDATE Statements, DELETE Statements
  • JOIN Clauses, MariaDB
  • MariaDB Installation and Security
  • MariaDB User Account Management
  • MariaDB Replication
  • Lab Tasks
  • SQL with Sqlite3
  • Installing and Securing MariaDB
  • Creating a Database in MariaDB
  • Create a Database Backed Application
  • Module 13: LDAP Cconcepts and Clients
  • LDAP: History and Uses
  • LDAP: Data Model Basics
  • LDAP: Protocol Basics
  • LDAP: Applications
  • LDAP: Search Filters
  • LDIF: LDAP Data Interchange Format
  • OpenLDAP Client Tools
  • Alternative LDAP Tools
  • Lab Tasks
  • Querying LDAP
  • Module 14: OpenLDAP Servers
  • Popular LDAP Server Implementations
  • OpenLDAP: Server Architecture
  • OpenLDAP: Backends, OpenLDAP: Replication
  • Managing slapd
  • OpenLDAP: Configuration Sections & Global Parameters
  • OpenLDAP: Database Parameters
  • OpenLDAP Server Tools
  • Native LDAP Authentication and Migration
  • Enabling LDAP-based Login
  • System Security Services Daemon (SSSD)
  • Lab Tasks
  • Installing and Configuring 389DS
  • Module 15: Samba Concepts and Configuration
  • Introducing Samba, NetBIOS and NetBEUI
  • Samba Daemons
  • Accessing Windows/Samba Shares from Linux
  • Samba Utilities, Samba Configuration Files
  • Mapping Permissions and ACLs, Mapping Linux Concepts
  • Share Authentication, User-Level Access
  • Samba Account Database, User Share Restrictions
  • Lab Tasks
  • Samba Share-Level Access, Samba User-Level Access
  • Samba Group Shares
  • Handling Symbolic Links with Samba
  • Samba Home Directory Shares
  • Module 16: SMTP Theory
  • SMTP
  • SMTP Terminology
  • SMTP Architecture
  • SMTP Commands
  • SMTP Extensions
  • SMTP AUTH
  • SMTPSTARTTLS
  • SMTP Session
  • Module 17: Postfix
  • Postfix Components, Architecture, Components, Configuration
  • master.cf, main.cf, Postfix Map Types, Postfix Pattern Matching, Advanced Postfix Options
  • Virtual Domains, Postfix Mail Filtering, Configuration Commands,
  • Management Commands, Postfix Logging
  • Logfile Analysis, Postfix, Relaying and SMTP AUTH
  • SMTP AUTH Server and Relay Control
  • SMTP AUTH Clients, Postfix / TLS
  • TLS Server Configuration, Postfix Client Configuration for TLS
  • Other TLS Clients, Ensuring TLS Security
  • Lab Tasks - Configuring Postfix, Postfix Virtual Host, Network Configuration
  • Postfix SMTP AUTH, STARTTLS Configuration
  • SUSE Postfix Configuration Cleanup
  • Module 18: Mail Services and Retrieval
  • Filtering Email, Procmail, SpamAssassin
  • Bogofilter, amavisd-new Mail Filtering, Accessing Email
  • The IMAP4 Protocol, Dovecot POP3/IMAP Server
  • Cyrus IMAP/POP3 Server, Cyrus IMAP MTA Integration
  • Cyrus Mailbox Administration
  • Fetchmail, Cyrus Mailbox Administration
  • Roundcube Webmail, GNU Mailman, Mailman Configuration
  • Lab Tasks - Configuring Procmail & SpamAssassin
  • Configuring Cyrus IMAP, Dovecot TLS Configuration
  • Configuring Roundcube, Base Mailman Configuration
  • Basic Mailing List
  • Private Mailing List
  • NIS
  • NIS Overview
  • NIS Limitations and Advantages
  • NIS Client Configuration
  • NIS Server Configuration
  • NIS Troubleshooting Aids
  • Lab Tasks
  • Using NIS for Centralized User Accounts
  • Configuring NIS
  • NIS Slave Server
  • NIS Failover
  • Troubleshooting Practice: NIS