These resources will help you with every lab.
A chain is only a strong as it's weakest link and network is only as strong as it's weakest system. It is essential that every system you roll-out be configured correctly and completely. The best way to ensure this is to automate the installation and configuration process. In this module we will build the infrastructure required to perform automated installation and configuration of RedHat systems.
Note: This is a two week LabWe now have a working build server. Today we will customize our Kickstart file so that our newly built systems can fit smoothly into our production environment.
The secure shell (ssh) that you know and love is the standard tool for safely accessing remote nodes. In this module we will learn how to use ssh 'like the pros do', including how to use ssh as a makeshift VPN (Virtual Private Network).
The Security Enhanced Linux framework is a valuable tool for securing servers. It's primary function, as deployed by RedHat/CentOS is to limit the access of server processes, like httpd, to minimize exposure should the service be compromised. Many admins simply disable SELinux out of fear and ignorance.
In most organizations no node can be placed on the production network until it has passed a security scan. Security scans look for know vulnerability and configuration mistakes. In this module we will subject our systems to one of the worlds most popular security scanners and we will build our own scanner.
Intrusion detection systems (IDS) are the watchdogs of computer security. They monitor systems and alert administrators to activities and changes that might indicated nefarious actions. We will build our own IDS from scratch.
How do you know who to trust on the 'net? In almost every scenario where we trust a principal on the Internet, we use public key cryptography in one form or an other to do so. SSL certificates are based on public key cryptography, so are digital signatures. In this module we'll learn how to use GPG/PGP (GNU Privacy Guard/Pretty Good Privacy) to sign documents, verify signatures and encrypt documents.
We will use nftables to isolate a systemt we do not trust.
Back in 1995, it was typical for an admin to manage fewer than 5 servers. This is no longer the case. With tens or hundreds of O/S instances to manage, we need some help. System management tools like Ansible provide just that.
For decades version control software has been the backbone of the software development and release processes. Git is the current reigning champ of version control software on Linux.
Our end of term Bonus Banquet has been booked at the lovely Bistro '32. Select projects from the menu and earn up to 5 bonus marks.
Demonstrate your work to earn your bonus marks.