MCSE & CCNA And Network consulting: SUN SOLARIS 10

UnixCBT feat. Solaris® 10 Edition focuses on the enterprise-trusted, Solaris® 10 Operating System (OS).

Published at Saturday 27 October 2007 @ 4:54 pm by dittys

UnixCBT feat. Solaris® 10 Edition focuses on the enterprise-trusted, Solaris® 10 Operating System (OS).

The coursework focuses on traditional Unix features including: Bourne/BASH shells, user/group management, file permissions, disk management, Cron, Network Time Protocol (NTP), Network File System (NFS), SendMail, and File Transfer Protocol (FTP).

UnixCBT feat. Solaris® 10 Edition also covers Solaris® 10-specific features, including but not limited to: Custom installations, Service Management Facility (SMF) framework, Package & Patch management, Unix File System (UFS) management, Volume management (RAID-0/1/5), Solaris® Management Console (SMC), Solaris® Zones, and the Zettabyte File System (ZFS).

Additionally, UnixCBT feat. Solaris® 10 Edition covers the integration of key Open Source technologies, including, but not limited to: Grand Unified Boot Loader (GRUB), GNOME Desktop, Samba, Apache HTTPD, MySQL, PHP (SAMP), BIND (DNS), Secure Shell Version 2 (SSHv2), GNU Privacy Guard (GPG (PGP-compliant encryption tools), TCPDump, Snort® NIDS, and Nmap.

Recommended Prerequisites for:

Any LinuxCBT OS Edition such as LinuxCBT feat. SUSE® Enterprise Edition
- Open mind & determination to master Linux and related open-source applications
- Basic MS Windows skills
- Basic understanding of networking concepts
- Access to a PC to perform all of the installations and exercises.

Installations

Local Media (CDROM) Text-based Installation on Dell PowerEdge Hardware
- Discuss features of Solaris® 10
- Explore system BIOS
- Configure BIOS for local media booting
- Boot local media and discuss default GRUB options for installation
- Boot installation and discuss installation options
- Discuss system requirements for text & GUI installations
- Discuss single-user mode access
- Boot text-based installation and explain hardware detection process & assignment
- Configure network parameters
- Configure time & locale parameters
- Explore software companion DVD components
- Select appropriate installation package group (Entire Distribution)
- Customize file system slices - /, /export/home, SWAP
- Complete installation of Entire Distribution
- Reboot and confirm boot to the GUI screen
Pre-Execution (PXE) Nework-based Installation on Dell PowerEdge Hardware
- Explain PXE installation requirements (TFTP, DHCP, etc.)
- Prepare an alternate Solaris® server to become an Install Server - ./setup_install_server
- Share Install Server source files using Network File System (NFS)
- Configure SuSE® Linux DHCP Server to support the PXE client (Solaris® server) using a reservation
- Configure Solaris® Install server to support the Solaris® client - ./add_install_client
- Explore files created by ./add_install_client to support PXE
- Explain PXE-boot process
- Boot PowerEdge server and configure BIOS to boot using PXE
- Reboot and install Solaris® 10 across the network without local media
- Install using Solaris® Interactive option
- Configure GUI (KVM) settings for graphical installation
- Configure network parameters
- Configure time & locale parameters
- Confirm additional parameters and NFS path to source files
- Customize file system slices - /, /export/home, /var, SWAP
- Complete installation of Entire Distribution
- Reboot and explore the Grand Unified Boot Loader (s) menu items
- Discuss Service Management Facility (SMF) initial starup process
- Confirm GUI Login
Console-based (Serial Cisco Firewall Rollover Cable) Installation
- Discuss requirements of serial installation
- Execute ./add_install_client to setup console installation option on appropriate com port
- Boot PowerEdge server and confirm PXE boot
- Select console boot option and confirm GRUB boot option
- Connect to SuSE® Linux and use kermit to connect via com1 to the PowerEdge server
- Continue PXE-Console(Serial) installation
- Alter kermit console to resemble a mainframe terminal
- Configure network parameters
- Configure time & locale parameters
- Customize file system slices - /, /export/home, /var, /usr, /opt, SWAP
- Complete installation of Entire Distribution
- Configure X.org GUI parameters using kdmconfig
Sysidcfg (phase 1) & JumpStart-based (phase 2) Installation - Unattended Installs
- Explain the directives(network,locale,etc.) and application of the ‘sysidcfg‘ file
- Define the ’sysidcfg’ file
- Execute ./add_install_client to provide support for ’sysidcfg’ file
- Reboot using PXE and install using ‘sysidcfg‘ file, confirming auto-population of directives - phase 1
- Discuss rules regarding JumpStart installation method - phase 2
- Introduction to the ‘rules.ok‘ file
- Discuss ‘rules.ok’ profile development for classes of users (marketing, development, etc.)
- Define ‘rules.ok’ profile file with appropriate criteria, validae, and store in NFS-accessible location
- Reboot server, and confirm ’sysidcfg’ and ‘rules.ok’ files in GRUB entry
- Continue JumpStart, unattended installation
Desktop Console-based Installation with PXE
- Boot using ’sysidcfg’ and ‘rules.ok’ files incorporated in JumpStart option
- Configure X.org using kdmconfig
- Complete unattended remainder of installation
Flash-based (Snapshot) Installation with PXE and JumpStart Integration
- Discuss ideal environment for implementing flash installations
- Identify the current runlevel and enter single-user mode to prepare flash archive
- Use the ‘flar‘ utility to take a snapshot of the system
- Use Secure Copy (scp) to copy flash archive to NFS server
- Reboot PowerEdge server and perform flash installation
- Compete installation, reboot and confirm initial startup
- Configure JumpStart and flash archive installation
- Configure X.org GUI parameters using kdmconfig
- Customize file system slices - /, SWAP
- Complete installation
- Confirm results - GUI Login

System Administration

Grand Unified Boot Loader (GRUB) Implementation
- Describe the boot process (BIOS - GRUB - Solaris® Kernel - Sched - Init - SMF - Runlevel)
- Discuss the default GRUB menu items
- Explain how GRUB references bootable media
- Boot into single-user mode by modifying GRUB
- Explore the GRUB startup environment
System Initialization (INIT - PID 1)
- Describe init’s invocation
- Peruse init’s default configuration file /etc/inittab
- Explain runlevels
- Compare & contrast Solaris® & Linux runlevels
- Explore /etc/init.d and /etc/rc* directories
Service Management Facility (SMF) Framework
- Discuss the adavantages and features of SMF
- Discuss the service configuration database
- Explain support for legacy services
- Discuss the role of service restarters - ‘svc.startd’ & ‘inetadm‘
- Describe support for INETD-controlled daemons
- Enumerate services configured on the system, including state information
- Discuss & examine Fault Management Resource Identifiers (FMRIs)
- Discuss service dependencies
- Use ‘svcadm‘ to manage (disable/enable) services
- Break dependencies and evaluate the results
- Use ‘inetadm’ to manage INETD-related services
- Convert legacy INETD service to SMF-managed service
GNOME Desktop Environment
- Explore GNOME Desktop
- Identify key features
- Explore the Control Panel interface
- Browse the filie system using Nautilus explorer
- Correlate GNOME Desktop items to files in the user’s home directory
- Customize GNOME Desktop
- Create GNOME Desktop launchers (Shortcuts)
- Save configuration
Shell-based User & Group Management
- Enumerate key user & group management tools
- Analyze the fields in /etc/passwd, /etc/shadow, /etc/group
- Correlate /etc/passwd to /etc/shadow entries
- Create and modify users and groups
- Alter the default encryption algorithm used for passwords
- Add users to groups and evaluate results
Solaris® Management Console (SMC) - Consolidated GUI System Management
- Confirm that ‘wbem’ is running
- Launch SMC and connect to local ‘wbem’ instance
- Authenticate and explore the SMC GUI interface
- Peruse key system metrics
- Explore the log viewer interface
- Manage users & groups using SMC
- Define user templates and create users based on those templates
- Examine scheduled jobs and correlate to crontab entries
- Explore mounted file systems
Bourne Again Shell (BASH)/Bourne Shell Basics
- Distinguish between privileged and non-privileged uses
- Identify the default shell for a given user
- Discuss features of BASH
- Execute BASH
- Discuss pseudo-terminals and how to identify connected terminals
- Modify user’s accounts to default to BASH using shell & SMC
- Use ‘su‘ to switch users
- Explore key BASH commands
- Focus on BASH input, output, and error redirection
- Explore BASH command chaining
- Use logical BASH operators (&&, ||) to control program logic
- Discuss and alter BASH global and user-specific configuration files
- Reveal key information using system info commands
Package Management
- Discus options for managing packages
- Discuss package nomenclature
- Use ‘installer‘ script in GUI & text modes to install packages
- Install packages from the Software Companion DVD sources
- Use ‘prodreg‘ to display currently-installed software
- Install packages using prodreg and evaluate results
- Enumerate existing packages using ‘pkginfo‘
- Echo package metadata using pkginfo
- Use ‘pkgchk‘ to enumerate package’s contents
- Use pkgchk to discover discrepancies in file locations and permissions - auditing
- Determine package membership of files using pkgchk
- Use ‘pkgadd‘ to install packages
- Add packages to the local pacakage repository for subsequent installs
Patch Management
- Discuss options for managing patches
- Register server with sun.com to obtain patches automatically
- Resolve outstanding patches using Update Manager
- Install selected patches and reboot if necessary
- Confirm patch application
- Analyze patch level using ’smpatch’ from the BASH shell
- Install specific patches using ‘smpatch‘
Unix File Permissions
- Analyze permissions in ‘ls -l’ output
- Discuss common Unix file types (files, directories, links, named-pipes, etc.)
- Correlate symbolic permissions values to octal values
- Use ‘chmod‘ to alter file & directory permissions
- Use ‘chown & chgrp‘ to alter file & directory ownership
- Apply SETUID & SETGID permissions to files & directories
- Discuss the rules of symbolic & hard links
- Create hard and soft links - symlinks
- Discuss and examine inodes
Devices & Drivers Overview
- Explore & correlate logical & physical device locations
- Identify & discuss default driver locations
Disk, Slice & File System Management
- Explain disk terminology (Tracks/Cylinders/Sectors/Partitions/Slices)
- Examine existing disk layout, including slices using prtvtoc
- Discuss x86 partition constraints - Volume Table of Contents (VTOC) & FDISK
- Illustrate the disk-FDISK-slice hierarchy
- Explain the disk nomenclature: c0t0d0s* (controller, target, disk, slice)
- Identify logical and physical disk/slice locations
- Use ‘format‘ to enumerate connected controllers & disks
- Manipulate slices using ‘format’
- Rectify disk geometry issues using fdisk option of ‘format’
- Manipulate FDISK partitions with fdisk option of ‘format‘
- Discuss ‘newfs’ rules
- Create Unix File Systems (UFSs) using ‘newfs‘
- Mount newly-created file systems at various locations
- Confirm available storage
- Updated /etc/vfstab, ensuring persistence
- Recap file system provisioning process
- Provision memory-based, Temporary File System (TEMPFS)
- Provision and manage additional SWAP storage (files & file systems)
Volume Management - State Database Replicas, RAID-0/1/5, Volume Extenstion (growfs)
- Introduction to volume management
- Discuss Replicas, RAID Volumes, Hot Spare Pools, and Soft Partitions
- Create required state database replicas on available slices, using SMC
- Provision RAID-0 (Stripe) using SMC and available disks
- Create UFS file system on RAID-0 volume, mount, and confirm results
- Provision RAID-1 (Mirror) using SMC and available disks
- Create UFS file system on RAID-1 volume, mount, and confirm results
- Provision RAID-5 (Stripe with Parity) using SMC and available disks
- Create UFS file system on RAID-5 volume, mount, and confirm results
- Extend an in-use volume dynamically, using ‘growfs‘
- Confirm extended volume results
Quota Implementation
- Discuss the benefits of implementing quotas
- Discuss soft & hard limits
- Discuss inodes and blocks usage
- Examine ‘edquota‘
- Use ‘quotacheck‘ to confirm quotas
- Enable quotas on a per-file system basis & confirm results
- Test soft & hard limits by generating I/O
- Use ‘repquota‘ to confirm current disk & slice usage
CRON - Process Scheduling - Automation
- Discuss the benefits of automation & scheduling
- Explore at, and Cron’s directory layout
- Explain Cron scheduling fields
- Examine user’s cron entries
- Schedule per-user jobs and confirm execution
SYSLOG - Configuration
- Discuss features & benefits
- Identify key binaries and configuration files
- Discuss Syslog rule components: selectors (facilities & levels) and actions
- Peruse predefined selectors & actions
- Explain options for facilities, levels and actions
- Configure new selectors & actions for Cisco® PIX® firewall logging
- Confirm logging results
Log Rotation - logadm
- Discuss features & benefits
- Identify key binaries and configuration files
- Explore default log rotation schedule and items
- Discuss available logadm criteria
- Examine log rotation and effects on inodes
Zettabyte File System (ZFS) Implementation
- Discuss the features (RAID-0/1/Z, Pools, etc.) and benefits of ZFS
- Discuss ZFS prerequisites
- Create ZFS pools using the Command Line Interface (CLI)
- Set quotas on provisioned ZFS file systems atop the hierarchy and evaluate results
- Manage ZFS storage pools from the CLI
- Extend ZFS storage pools dynamically, while mounted
- Manage ZFS storage pools using the web GUI

Network Administration

NETSTAT
- Explain ‘netstat‘ applications
- Identify key output features including: address families & protocols
- Use ‘netstat’ to return the current IP routing table
- Correlate service names in output to /etc/services
- Return protocol-specific entries
- Return active sockets and attached processes
- Reveal DHCP-configured plumbed interfaces
Network Configuration
- Discuss network configuration modes
- use ‘dladm‘ to reveal the status of connected network interfaces - layer 1
- Explain network interface nomenclature
- Use ‘ifconfig‘ to return layer 2(MAC) & 3(IP) information for network interfaces
- Identify key network services using Service Management Facility (SMF)
- Enumerate key network configuration files for the configuration modes
- Transition from DHCP to static configuration, creating the requisite files
- Reboot and confirm static configuration
- Reveal DHCP-configured plumbed interfaces using ‘ifconfig’
- Plumb(Initiate) physical interfaces, commit configuration for persistence & test comms
- Plumb(Initiate) logical interfaces associated with physical interfaces & test comms from Linux
- Explore ‘/etc/nsswitch.conf‘ name service configuration file
Network Time Protocol (NTP) Client/Server Implementation
- Configure Network Time Protocol (NTP) to perform client/server time synchronization
- Synchronize NTP with additional Stratum 2 NTP server
- Synchronize against Stratum 1 NTP servers
Network File System (NFS) Implementation
- Implement NFS Server
- Export shares and discuss options
- Mount NFS exports on remote Linux Hosts
- Explore AutoFS configuration
- Configure AutoFS mount points
Samba Implementation
- Focus on key Samba (SMB/CIFS) clients
- Integrate with Windows via Samba
- Explore Samba Configuration files
- Enable Samba Server support
- Explore Samba Web-based Administration Tool (SWAT)
- Configure Samba file sharing
- Configure Samba with multiple NETBIOS aliases
WUFTPD File Transfer Protocol (FTP) services
- Implement anonymous FTPD
- Implement user-level FTPD access
- Implement FTPD banners
- Disable anonymous access
- Configure WUFTPD to chroot jail users into their home directories
- Configure virtual FTP hosts
Dynamic Host Configuration Protocol (DHCP)
- Explain DHCP Concepts & Applications
- Explore DHCP confiuration files
- Configure DHCP subnet with applicable options
- Configure DHCP Reservation based on layer-2 address
Domain Name System (DNS)
- Identify BIND packages & key files
- Construct a standard ‘named.conf‘ configuration file with root hints, forward, and reverse zones
- Download (Check the links before you download)
  
  latest root hints file as ‘db.cache‘ using ‘wget‘
- Construct appropriate zone files to match defined zones in ‘/etc/named.conf’
- Configure BIND as a caching-only DNS server
- Implement Master DNS Zone
- Configure Master/Slave Zones with Linux Server
- Evaluate results of BIND configuration using DIG & host
Sendmail Message Transfer Agent (MTA)
- Introduction to Sendmail Implementation
- Explore the directives in the Sendmail configuration files
- Explre aliases
- Test messaging using ‘sendmail‘ binary
- Identify relay-related configuration files
- Configure Virtual Domains
Internet Message Access Protocol (IMAP) Implementation
- Explain POP3 & IMAP applications
- Download (Check the links before you download)
  
  & Install IMAP server using ‘wget‘ , ‘gunzip‘ & ’pkgadd‘
- Configure IMAP server to be managed by INETADM (SMF)
- Invoke & test mail retrieval
Apache Web Server Implementation
- Identify the versions of Apache included with Solaris® 10 using SMF & pkg* tools
- Discuss Apache server’s features and concepts
- Explore key binaries, configuration files, and documentation
- Discuss key sections & directives in the Apache ‘httpd.conf‘ file
- Setup Apache 2 support
- Implement Apache Mod Alias and ScriptAlias
- Discuss and implement the File, Location & Directory directives
- Explore Apache logging semantics
- Configure IP-based Virtual Hosts
- Configure Name-based Virtual Hosts
- Implement Apache logging system per virtual host
- Webalizer Log Analysis software Implementation
- Generate web reports using Webalizer
Trivial File Transfer Protocol (TFTP) Implementation
- Install TFTP server
- Backup Cisco PIX firewall configuration using TFTP
- Update Cisco PIX firewall configuration using TFTP
MySQL® Relational Database Management System
- Install MySQL® Relational Database Management System
- Explore key configuration files
- Secure access to MySQL®
- Discuss security framework
- Discuss default table storage engine, MyISAM, file types
- Explore MySQL® monitor shell-based interface
PHPMyAdmin - MySQL® Web-based Management Interface
- Install PHPMyAdmin for web-based management of MySQL instances
- Explain & Secure access to PHPMyAdmin
- Explore PHPMyAdmin’s interface
Postfix Message Transfer Agent (MTA)
- Configure Postfix as default MTA
- Introduction to Postfix Message Transfer Agent (MTA)
- Explore the directives in the Postfix configuration files
- Define default values for the FQDN
- Alter myorigin and examine results
- Configure Postfix to route messages using a Smarthost
- Examine how Postfix delivers mail locally
- Configure SMTP Relaying in Postfix
- Use Mutt to demonstrate outbound mail handling using Postfix
- Define SMTP Virtual domains for hosting multiple DNS domains
- Configure Postfix with a production UnixCBT DNS domain
- Examine Virtual domain routing with production and non-production DNS domains

Security Implementation Techniques

System Security Overview
- Discuss key areas related to security in a vanilla Solaris® 10 installation
- Peruse the ‘sulog‘ log file to identify ’su’ instances & explain fields
- Test using ’su’ and examine results in ‘/var/adm/sulog’
- Record failed logins in the ‘/var/adm/loginlog‘ file
- Test login failures and examine results in ‘loginlog’
- Peruse the directives in ‘/etc/default/login’
- Adjust ‘login’ file directive to capture failed login attempts
- Test failed logins using SSH - Compare SSH threshold to system threshold
- Explore system-wide account-policy information using ‘logins‘ command
- Identify the default password encryption algorithm
- Upgrade default password encryption algorithm to MD5 and Blowfish
- Test user-account modifcation of passwords and evaluate encryption strings
Secure Shell Version 2 (SSHv2)
- Discuss the features and benefits of SSHv2
- Identify SSHv2 SMF FMRI
- Identify global and per-user configuration files
- Explain SSHv2 config file precedence order
- Identify key directives in global and per-user configuration files
- Discuss ‘~/.ssh/known_hosts‘ file
- Execute ‘ssh‘ in debug mode and evaluate output, including psuedo-terminal (pty) assignment
- Execute remote commands and return output to local system using ’ssh’
- Use Secure Copy (SCP) to copy files securely and non-interactively between systems
- Use Secure File Transfer Program (SFTP) to copy files securely interactively between systems
- Generate SSHv2 DSA & RSA usage keys for PKI login
- Configure SSHv2 to support PKI (password-less) logins
- Test password-less login to remote systems
- Execute ’ssh’ in debug mode and evaluate output, including PKI, password-less login
- Implement ‘~/.ssh/authorized_keys‘ file
- Discuss using SSHv2 as a psuedo-VPN via port forwarding
- Use SSHv2 to forward local TCP ports & test communications
- Use SSHv2 to forward remote TCP ports & test communications
- Enable the sharing of locally & remotely forwarded TCP ports
GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP)-compatible Facility
- Discuss the features and benefits of GPG
- Download (Check the links before you download)
  
  GPG package from sunfreeware.com
- Install GPG
- Explore GPG files
- Generate DSA public/private key pair
- Identify available, per-user public/private key pairs on keychains
- Import G/PGP public key and evaluate results
- Sign imported public key and verify signature associated with downloaded content
- Encrypt ASCII text file with appropriate public key and evaluate output
- Decrypt ASCII text with appropriate private key and evaluate output
Snoop - Packet Sniffing
- Discuss the features and benefits of snoop
- Explain default interface behavior
- Execute ‘snoop‘ and evaluate packet headers
- Capture snoop output to log file
- Use ‘snoop‘ to playback captured packets
- Playback ranges of packets
- Return layers 2-7 of OSI model and evaluate output
- Apply filters, similar to Berkelye Packet Filters (BPFs), and evaluate results
- Adjust time output, relative to current, and first packet captured
- Source FTP traffic from Windows 2003 and snoop credentials passed in clear-text
- Evaulate results
TCPDump - Packet Sniffing
- Discuss the features and benefits of tcpdump
- Install tcpdump from the Software Companion DVD
- Identify installed package & man pages
- Discuss tcpdump-supported qualifiers for creating expressions & capturing packets
- Execute ‘tcpdump‘ and evaluate captured packets
- Bind tcpdump to specific interfaces for capturing packets
- Apply Berkeley Packet Filters (BPFs) to capture sessions to suppress traffic
- Dump ‘tcpdump’ capture to log file and evaluate results
- Use ‘tcpdump’ to playback captured packets
- Source FTP traffic from Windows® 2003 host and sniff credentials passed in clear-text
- Source Telnet traffic from Windows® 2003 host and sniff credentials passed in clear-text
- Evaluate results
Snort® 2.x Network Intrusion Detection System (NIDS) - Packet Sniffing & Logging
- Discuss the features and benefits of Snort® NIDS
- Discuss Snort® NIDS pre-requisites (libpcap/libpcre/compiler/etc.)
- Obtain, compile and install the Snort® Network Intrusion Detection System (NIDS)
- Identify and explain key operating modes (Sniffer/Logger/NIDS)
- Invoke Snort® in network sniffer mode
- Explore Snort® in Binary (TCPDUMP) logging mode
- Output logs to binary format and examine the results
- Implement Snort® with BPF to filter traffic
- Generate traffic from remote Windows 2003 and Linux hosts
- Use Snort® with Berkeley Packet Filter (BPF) to parse logs
Network Mapper (Nmap)
- Discuss the features and benefits of Nmap
- Download (Check the links before you download)
  
  Nmap bzip2 source package from insecure.org
- Compile & install Nmap
- Discuss default TCP-connect scan mode
- Discuss SYN-based scanning
- Use Nmap to perform reconnaisance testing
- Evaluate results
Solaris® Zones - Containers - Virtualization - Instances
- Discuss the features, benefits and limitations of Solaris® Zones
- Discuss Global and Non-Global zones
- Identify file system location to house non-global zones
- Use ‘zonecfg‘ to provision non-global zones
- Verify zone configuration using ‘zonecfg’
- Install non-global zones using ‘zoneadm‘ and evaluate results
- Login to non-global zones and explore
- Evaluate results
- Manage zones using ‘zoneadm‘

Rapidshare Download (Check the links before you download)

Link’s :-

MCSE & CCNA And Network consulting

Monday, January 19, 2009

SUN SOLARIS 10

UnixCBT feat. Solaris® 10 Edition focuses on the enterprise-trusted, Solaris® 10 Operating System (OS).

No comments:

Followers

Blog Archive

About ME

MCSE & CCNA And Network consulting

Monday, January 19, 2009

SUN SOLARIS 10

UnixCBT feat. Solaris® 10 Edition focuses on the enterprise-trusted, Solaris® 10 Operating System (OS).

No comments:

http://techcarriersconsult.blogspot.com/

Followers

Blog Archive

About ME