LinuxCBT Firewall Edition feat. IPTables, Linux Training, Computer Based Training,Certification Preparation, Linux Administrator, Learn Linux

Price: $195 for Single-Computer License - licensing details
5-Computer License: $495
Academic Pricing Schedule (Students|Education): Pricing Schedule
Additional Licenses: For pricing contact sales@LinuxCBT.com
System Requirements: Windows NT/2000/XP/2003/Vista
Duration: 10 hours/40 Videos on 1-DVD
Available for Download:YES
MD5SUM: a73d6a26301246d273155511bde433e3
Demos: here
Certificate of Completion: YES - contact sales for details

LinuxCBT Firewall Edition feat. IPTables encompasses: 1. Firewall Security.

LinuxCBT Firewall Edition feat. IPTables is unparalleled in content, depth and expertise. It entails 10-hours, or over 1-day of classroom training. LinuxCBT Firewall Edition feat. IPTables prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.

Let LinuxCBT Firewall Edition feat. IPTables cost-effectively sharpen your GNU/Linux & Open Source Security skills!

Recommended Prerequisites for:

Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
- Open mind & determination to master Linux and related open-source applications
- Basic understanding of networking concepts
- Access to a PC to follow the exercises

Firewall Security - Module 1

Intro IPTables
- Discuss key IPTables concepts
- OSI Model discussion
- Determine if IPTables support is available in the current kernel
- Identify key IPTables modules and supporting files
- Explore and examine the default tables
- Learn IPTables Access Control List (ACL) syntax
- Discuss ACL management
- Learn to Save & Restore IPTables ACLs
IPTables - Chain Management
- Explore the various chains in the default tables
- Discuss the purpose of each chain
- Examine packet counts & bytes traversing the various chains
- Focus on appending and inserting new ACLs into pre-defined chains
- Write rules to permit common traffic flows
- Delete & Replace ACLs to alter security policy
- Flush ACLs - reset the security policy to defaults
- Zero packet counts & bytes - bandwidth usage monitoring
- Create user-defined chains to perform additional packet handling
- Rename chains to suit the security policy/nomenclature
- Discuss & explore chain policy
IPTables - Packet Matching & Handling
- Explain the the basics of packet matching
- Identify key layer-3/4 match objects - (Source/Dest IPs, Source/Dest Ports, etc.)
- Explore the multi-homed configuration
- Block traffic based on untrusted (Internet-facing) interface
- Perform packet matching/handling based on common TCP streams
- Perform packet matching/handling based on common UDP datagrams
- Perform packet matching/handling based on common ICMP traffic
- Write fewer rules (ACLs) by specifying lists of interesting layer-4 ports
- Discuss layer-3/4 IPTables default packet matching
- Discuss default layer-2 behavior
- Increase security by writing rules to match packets based on layer-2 addresses
IPTables - State Maintenance - Stateful Firewall
- Discuss the capabilities of traditional packet-filtering firewalls
- Explain the advantages of stateful firewalls
- Examine the supported connection states
- Identify key kernel modules to support the stateful firewall
- Implement stateful ACLs & examine traffic flows
IPTables - Targets - Match Handling
- Discuss the purpose of IPTables targets for packet handling
- Write rules with the ACCEPT target
- Write rules with the DROP target
- Write rules with the REJECT target
- Write rules with the REDIRECT target
- Confirm expected behavior for all targets
IPTables - Logging
- Explore Syslog kernel logging configuration
- Define Access Control Entry (ACEs) to perform logging
- Explain the key fields captured by IPTables
- Log using user-defined chain for enhanced packet handling
- Log traffic based on security policy
- Define a catch-all ACE
- Use ACE negation to control logged packets
- Label log entries for enhanced parsing
IPTables - Packet Routing
- Describe subnet layout
- Enable IP routing in the kernel - committ changes to disk
- Update routing tables on the other Linux Hosts on the network
- Update the Cisco PIX Firewall's routing tables
- Test routing through the Linux router, from a remote Windows 2003 Host
- Focus on the forward chain
- Write ACEs to permit routing
- Test connectivity
IPTables - Network Address Translation (NAT)
- Discuss NAT features & concepts
- Discuss & implement IP masquerading
- Define Source NAT (SNAT) ACEs & test translations
- Create SNAT multiples
- Implement Destination NAT (DNAT) ACEs & test translations
- Define DNAT multiples
- Create NETMAP subnet mappings - one-to-one NATs
IPTables - Demilitarized Zone (DMZ) Configuration
- Describe DMZ configuration
- Write Port Address Translation (PAT) rules to permit inbound traffic
- Test connectivity from connected subnets
- Configure DMZ forwarding (Routing)
- Implement Dual-DMZs - ideal for n-tiered web applications
top

Copyright © LinuxGenius, LLC. 2003-2008 - All Rights Reserved - Privacy | Site Map
Linux is a registered trademark of Linus Torvalds.
All brands, products or company names are trademarks or registered trademarks of their respective companies.

LinuxCBT feat. KornShell Edition - Released...(more)

Accenture
Actel
AccuWeather
AIG
Alcatel
Alliant Energy
Ameritrade
Avocent
AutoDesk
Bechtel Corp.
Bentley College
Boston Pub Health
Burlington Coat
Cadence
CalState PolyTech
CALTECH
Canada Space Agency
City of Orlando
Cisco Systems
Continental Airlines
CNET
Daimler Chrysler
Dublin AA
DisplayTech
Dept. of Labor
DELL
DISA
DORMAN
Duke Energy
EMC
ENTRUST
FBI.GOV
Filtration Group
FH Cancer Research
Fuji Film Canada
Georgia Lottery
Good Year
GrayBar Electric
Hewlett Packard
Ingersoll Rand
Iowa State U.
iPAY
JP Morgan Chase
Kramer Levin LLP
Louisville Tech
Maui HPCC
Maxtor Corporation
MBG
McGill University
Methodist University
Mt. Sinai Medical
Namasco
NASA.GOV - JPL
NAVY
NICHIA Corp
NIH.GOV
NOAA.GOV
NOKIA
Ontario Power Gen.
PABC Bank
Park Nicollet
Partners Healthcare
PA State Senate
Phelps Dodge
Piper Jaffray
REUTERS
ROGERS
SAIC
SafeNet, Inc.
Sanofi-Aventis
Sarah Lawrence
Seton Hall U.
SGI
Simon & Schuster
SLCC.EDU
Smiths Aerospace
Stafford Pub Schools
Symantec
TD Waterhouse
TeliaSonera
Texas Instruments
UC Irvine
UC San Francisco
UC Santa Cruz
U. of Afghanistan
Univ. of Alaska
Univ. of Colorado
University of Iowa
Univ. of Louisville
Univ. of New Haven
UMass School of Med.
Unilever
Unisys
US Courts
Veritas
VMWare
WebTrends
Weidlinger Associates
Woods Hole
XEROX

· EL-5 Edition
· IPv6 Edition
· Debian4x Edition
· SUSE10 Edition
· UnixCBT Edition
· DBMS Edition
· Security Edition
· Basic Security
· Proxy Security
· Firewall Security
· SELinux Security
· NIDS Security
· Packet Analysis
· PAM Security
· OpenSSHv2 Security
· OpenPGP Security
· Samba Edition
· EL-4 Edition
· Mail Edition
· Sendmail Edition
· Postfix Edition
· qmail Edition
· SUSE9 Edition
· Classic Edition
· Debian3x Edition
· Scripting Edition
· BASH Edition
· Perl Edition
· Python Edition
· PHP Edition
· RegEx Edition
· Awk & Sed Edition
· KornShell Edition
· Suite Edition
· Demo Edition
· Pricing & Licensing
· Purchase Orders
· FAQ
· Testimonials
· About us
· Demos
· Contact us
· Clients
· Tell a friend