Topic 208 Web Services

208.1 Implementing a web server

Key Knowledge Areas

• Apache 2.x configuration files, terms and utilities

• Apache log files configuration and content

• Access restriction methods and files

• mod_perl and PHP configuration

• Client user authentication files and utilities

• Configuration of maximum requests, minimum and maximim servers and clients

The following is a partial list of the used files, terms and utilities:

• access logs and error logs

• .htaccess

• httpd.conf

• mod_auth

• htpasswd

• htgroup

• apache2ctl

• httpd

208.2 Maintaining a web server

Key Knowledge Areas

• SSL configuration files, tools and utilities

• SSL certificate handling

• Apache 2.x virtual host implementation (with and without dedicated IP addresses)

• Using redirect statements in Apache's configuration files to customise file access

The following is a partial list of the used files, terms and utilities:

• Apache2 configuration files

• /etc/ssl/*

• openssl

208.3 Implementing a proxy server

Key Knowledge Areas

• Squid 2.x configuration files, terms and utilities

• Access restriction methods

• Client user authentication methods

• Layout and content of ACL in the Squid configuration files

The following is a partial list of the used files, terms and utilities:

• squid.conf

• acl

• http_access

Topic 209: File Sharing

209.1 SAMBA Server Configuration

| Description | Candidates should be able to set up a SAMBA server for various clients. This objective includes setting up Samba for login clients and setting up the workgroup in which a server participates and defining shared directories and printers. Also covered is a configuring a Linux client to use a Samba server. Troubleshooting installations is also tested.

Key Knowledge Areas

• Samba 3 documentation

• Samba configuration files

• Samba tools and utilities

• Mounting Samba shares on Linux

• Samba daemons

• Mapping Windows usernames to Linux usernames

• User-Level and Share-Level security

The following is a partial list of the used files, terms and utilities:

• smbd, nmbd

• smbstatus, testparm, smbpasswd, nmblookup

• smbclient

• net

• /etc/smb/*

• /var/log/samba/

209.2 NFS Server Configuration

Key Knowledge Areas

• NFS configuration files

• NFS tools and utilities

• Access restrictions to certain hosts and/or subnets

• Mount options on server and client

• tcpwrappers

The following is a partial list of the used files, terms and utilities:

• /etc/exports

• exportfs

• showmount

• nfsstat

• /proc/mounts

• /etc/fstab

• rpcinfo

• mountd

• portmapper

Topic 210 Network Client Management

210.1 DHCP configuration

Key Knowledge Areas

• DHCP configuration files, terms and utilities

• Subnet and dynamically-allocated range setup

The following is a partial list of the used files, terms and utilities:

• dhcpd.conf

• dhcpd.leases

• /var/log/daemon.log and /var/log/messages

• arp

• dhcpd

210.2 PAM authentication

Key Knowledge Areas

• PAM configuration files, terms and utilities

• passwd and shadow passwords

The following is a partial list of the used files, terms and utilities:

• /etc/pam.d

• pam.conf

• nsswitch.conf

• pam_unix, pam_cracklib, pam_limits, pam_listfile

210.3 LDAP client usage

Key Knowledge Areas

• LDAP utilities for data management and queries

• Change user passwords

• Querying the LDAP directory

The following is a partial list of the used files, terms and utilities:

• ldapsearch

• ldappasswd

• ldapadd

• ldapdelete

Topic 211: E-Mail Services

211.1 Using e-mail servers

Key Knowledge Areas

• Configuration files for postfix

• Basic knowledge of the SMTP protocol, sendmail, and exim

The following is a partial list of the used files, terms and utilities:

• Configuration files and commands for postfix

• Basic configuration of sendmail

• /etc/aliases

• /etc/mail/*

• /etc/postfix/*

• sendmail emulation layer commands

• /var/spool/mail

• mail-related logs in /var/log/

211.2 Managing Local E-Mail Delivery

Key Knowledge Areas

• procmail configuration files, tools and utilities

• Usage of procmail on both server and client side

The following is a partial list of the used files, terms and utilities:

• ~/.procmail

• /etc/procmailrc

• procmail

• mbox and Maildir formats

211.3 Managing Remote E-Mail Delivery

Key Knowledge Areas

• Courier IMAP and Courier POP configuration

• Dovecot configuration

The following is a partial list of the used files, terms and utilities:

• /etc/courier/*

• dovecot.conf

Topic 212: System Security

212.1 Configuring a router

Key Knowledge Areas

• iptables configuration files, tools and utilities

• Tools, commands and utilities to manage routing tables.

• Private address ranges

• Port redirection and IP forwarding

• List and write filtering and rules that accept or block datagrams based on source or destination protocol, port and address

• Save and reload filtering configurations

The following is a partial list of the used files, terms and utilities:

• /proc/sys/net/ipv4

• /etc/services

• iptables

• routed

212.2 Securing FTP servers

Key Knowledge Areas

• Configuration files, tools and utilities for Pure-FTPd and vsftpd

• Awareness of ProFTPd?

• Understanding of passive vs. active FTP connections

The following is a partial list of the used files, terms and utilities:

• vsftpd.conf

• important Pure-FTPd command line options

212.3 Secure shell (SSH)

Key Knowledge Areas

• OpenSSH configuration files, tools and utilities

• Login restrictions for the superuser and the normal users

• Managing and using server and client keys to login with and without password

• Usage of XWindow and other application protocols through SSH tunnels

• Configuration of ssh-agent

• Usage of multiple connections from multiple hosts to guard against loss of connection to remote host following configuration changes

The following is a partial list of the used files, terms and utilities:

• ssh

• sshd

• /etc/ssh/sshd_config

• Private and public key files

• ~/.ssh/authorized_keys

• PermitRootLogin?, PubKeyAuthentication?, AllowUsers?, PasswordAuthentication?, Protocol

212.4 TCP Wrapper

Key Knowledge Areas

• TCP Wrapper configuration files, tools and utilities

• inetd configuration files, tools and utilities

The following is a partial list of the used files, terms and utilities:

• /etc/inetd.conf

• /etc/hosts.allow

• /etc/hosts.deny

• libwrap

• tcpd

212.5 Security tasks

Key Knowledge Areas

• Tools and utilities to scan and test ports on a server

• Locations and organisations that report security alerts as Bugtraq, CERT, CIAC or other sources

• Tools and utilities to implement an intrusion detection system (IDS)

• Awareness of OpenVAS?

The following is a partial list of the used files, terms and utilities:

• telnet

• nmap

• snort

• fail2ban

• nc

• iptables

Topic 213: Troubleshooting

213.1 Identifying boot stages and troubleshooting bootloaders

Key Knowledge Areas

• boot loader start and hand off to kernel

• kernel loading

• hardware initialisation and setup

• daemon/service initialisation and setup

• Know the different bootloader install locations on a hard disk or removable device

• Overwriting standard bootloader options and using bootloader shells

The following is a partial list of the used files, terms and utilities:

• The contents of /boot/ and /boot/grub/

• GRUB

• grub-install

• initrd, initramfs

• Master boot record

• /etc/init.d

• lilo

• /etc/lilo.conf

213.2 General troubleshooting

Key Knowledge Areas

• /proc filesystem

• Various system and daemon log files

• Content of /, /boot , and /lib/modules

• Screen output during bootup

• Kernel syslog entries in system logs (if entry is able to be gained)

• Tools and utilities to analyse information about the used hardware

• Tools and utilities to trace software and their system and library calls

The following is a partial list of the used files, terms and utilities:

• dmesg

• /sbin/lspci

• /usr/bin/lsdev

• /sbin/lsmod

• /sbin/modprobe

• /sbin/insmod

• /bin/uname

• strace

• strings

• ltrace

• lsof

• lsusb

213.3 Troubleshooting system resources

Key Knowledge Areas

• Core system variables

• The contents of:

  • /etc/profile && /etc/profile.d/

  • /etc/init.d/

  • /etc/rc.*

  • /etc/sysctl.conf

  • /etc/bashrc

  • /etc/ld.so.conf

  • or other appropriate global shell configuration files

• Any standard editor

• Standard tools, utilites and commands to manipulate the above files and variables

The following is a partial list of the used files, terms and utilities:

• /bin/ln

• /bin/rm

• /sbin/ldconfig

• /sbin/sysctl

213.4 Troubleshooting environment configurations

Key Knowledge Areas

• Core system variables

• init configuration files

• init start process

• cron configuration files

• Login process

• User-password storage files

• Determine user group associations

• SHELL configuration files of bash

• Analysing which processes or daemons are running

The following is a partial list of the used files, terms and utilities:

• /etc/inittab

• /etc/rc.local

• /etc/rc.boot

• /var/spool/cron/crontabs/

• The default shell configuration file(s) in /etc/

• /etc/login.defs

• /etc/syslog.conf

• /etc/passwd

• /etc/shadow

• /etc/group

• /sbin/init

• /usr/sbin/cron

• /usr/bin/crontab