Šta je novo?

UnixCBT - Sol10x Edition


UnixCBT - Sol10x Edition

Local Media (CDROM) Text-based Installation on Dell PowerEdge Hardware
Discuss features of Solaris® 10
Explore system BIOS
Configure BIOS for local media booting
Boot local media and discuss default GRUB options for installation
Boot installation and discuss installation options
Discuss system requirements for text & GUI installations
Discuss single-user mode access
Boot text-based installation and explain hardware detection process & assignment
Configure network parameters
Configure time & locale parameters
Explore software companion DVD components
Select appropriate installation package group (Entire Distribution)
Customize file system slices - /, /export/home, SWAP
Complete installation of Entire Distribution
Reboot and confirm boot to the GUI screen

Pre-Execution (PXE) Nework-based Installation on Dell PowerEdge Hardware
Explain PXE installation requirements (TFTP, DHCP, etc.)
Prepare an alternate Solaris® server to become an Install Server - ./setup_install_server
Share Install Server source files using Network File System (NFS)
Configure SuSE® Linux DHCP Server to support the PXE client (Solaris® server) using a reservation
Configure Solaris® Install server to support the Solaris® client - ./add_install_client
Explore files created by ./add_install_client to support PXE
Explain PXE-boot process
Boot PowerEdge server and configure BIOS to boot using PXE
Reboot and install Solaris® 10 across the network without local media
Install using Solaris® Interactive option
Configure GUI (KVM) settings for graphical installation
Configure network parameters
Configure time & locale parameters
Confirm additional parameters and NFS path to source files
Customize file system slices - /, /export/home, /var, SWAP
Complete installation of Entire Distribution
Reboot and explore the Grand Unified Boot Loader (s) menu items
Discuss Service Management Facility (SMF) initial starup process
Confirm GUI Login

Console-based (Serial Cisco Firewall Rollover Cable) Installation
Discuss requirements of serial installation
Execute ./add_install_client to setup console installation option on appropriate com port
Boot PowerEdge server and confirm PXE boot
Select console boot option and confirm GRUB boot option
Connect to SuSE® Linux and use kermit to connect via com1 to the PowerEdge server
Continue PXE-Console(Serial) installation
Alter kermit console to resemble a mainframe terminal
Configure network parameters
Configure time & locale parameters
Customize file system slices - /, /export/home, /var, /usr, /opt, SWAP
Complete installation of Entire Distribution
Configure X.org GUI parameters using kdmconfig

Sysidcfg (phase 1) & JumpStart-based (phase 2) Installation - Unattended Installs
Explain the directives(network,locale,etc.) and application of the 'sysidcfg' file
Define the 'sysidcfg' file
Execute ./add_install_client to provide support for 'sysidcfg' file
Reboot using PXE and install using 'sysidcfg' file, confirming auto-population of directives - phase 1
Discuss rules regarding JumpStart installation method - phase 2
Introduction to the 'rules.ok' file
Discuss 'rules.ok' profile development for classes of users (marketing, development, etc.)
Define 'rules.ok' profile file with appropriate criteria, validae, and store in NFS-accessible location
Reboot server, and confirm 'sysidcfg' and 'rules.ok' files in GRUB entry
Continue JumpStart, unattended installation

Desktop Console-based Installation with PXE
Boot using 'sysidcfg' and 'rules.ok' files incorporated in JumpStart option
Configure X.org using kdmconfig
Complete unattended remainder of installation

Flash-based (Snapshot) Installation with PXE and JumpStart Integration
Discuss ideal environment for implementing flash installations
Identify the current runlevel and enter single-user mode to prepare flash archive
Use the 'flar' utility to take a snapshot of the system
Use Secure Copy (scp) to copy flash archive to NFS server
Reboot PowerEdge server and perform flash installation
Compete installation, reboot and confirm initial startup
Configure JumpStart and flash archive installation
Configure X.org GUI parameters using kdmconfig
Customize file system slices - /, SWAP
Complete installation
Confirm results - GUI Login


Grand Unified Boot Loader (GRUB) Implementation
Describe the boot process (BIOS - GRUB - Solaris® Kernel - Sched - Init - SMF - Runlevel)
Discuss the default GRUB menu items
Explain how GRUB references bootable media
Boot into single-user mode by modifying GRUB
Explore the GRUB startup environment

System Initialization (INIT - PID 1)
Describe init's invocation
Peruse init's default configuration file /etc/inittab
Explain runlevels
Compare & contrast Solaris® & Linux runlevels
Explore /etc/init.d and /etc/rc* directories

Service Management Facility (SMF) Framework
Discuss the adavantages and features of SMF
Discuss the service configuration database
Explain support for legacy services
Discuss the role of service restarters - 'svc.startd' & 'inetadm'
Describe support for INETD-controlled daemons
Enumerate services configured on the system, including state information
Discuss & examine Fault Management Resource Identifiers (FMRIs)
Discuss service dependencies
Use 'svcadm' to manage (disable/enable) services
Break dependencies and evaluate the results
Use 'inetadm' to manage INETD-related services
Convert legacy INETD service to SMF-managed service

GNOME Desktop Environment
Explore GNOME Desktop
Identify key features
Explore the Control Panel interface
Browse the filie system using Nautilus explorer
Correlate GNOME Desktop items to files in the user's home directory
Customize GNOME Desktop
Create GNOME Desktop launchers (Shortcuts)
Save configuration

Shell-based User & Group Management
Enumerate key user & group management tools
Analyze the fields in /etc/passwd, /etc/shadow, /etc/group
Correlate /etc/passwd to /etc/shadow entries
Create and modify users and groups
Alter the default encryption algorithm used for passwords
Add users to groups and evaluate results

Solaris® Management Console (SMC) - Consolidated GUI System Management
Confirm that 'wbem' is running
Launch SMC and connect to local 'wbem' instance
Authenticate and explore the SMC GUI interface
Peruse key system metrics
Explore the log viewer interface
Manage users & groups using SMC
Define user templates and create users based on those templates
Examine scheduled jobs and correlate to crontab entries
Explore mounted file systems

Bourne Again Shell (BASH)/Bourne Shell Basics
Distinguish between privileged and non-privileged uses
Identify the default shell for a given user
Discuss features of BASH
Execute BASH
Discuss pseudo-terminals and how to identify connected terminals
Modify user's accounts to default to BASH using shell & SMC
Use 'su' to switch users
Explore key BASH commands
Focus on BASH input, output, and error redirection
Explore BASH command chaining
Use logical BASH operators (&&, ||) to control program logic
Discuss and alter BASH global and user-specific configuration files
Reveal key information using system info commands

Package Management
Discus options for managing packages
Discuss package nomenclature
Use 'installer' script in GUI & text modes to install packages
Install packages from the Software Companion DVD sources
Use 'prodreg' to display currently-installed software
Install packages using prodreg and evaluate results
Enumerate existing packages using 'pkginfo'
Echo package metadata using pkginfo
Use 'pkgchk' to enumerate package's contents
Use pkgchk to discover discrepancies in file locations and permissions - auditing
Determine package membership of files using pkgchk
Use 'pkgadd' to install packages
Add packages to the local pacakage repository for subsequent installs

Patch Management
Discuss options for managing patches
Register server with sun.com to obtain patches automatically
Resolve outstanding patches using Update Manager
Install selected patches and reboot if necessary
Confirm patch application
Analyze patch level using 'smpatch' from the BASH shell
Install specific patches using 'smpatch'

Unix File Permissions
Analyze permissions in 'ls -l' output
Discuss common Unix file types (files, directories, links, named-pipes, etc.)
Correlate symbolic permissions values to octal values
Use 'chmod' to alter file & directory permissions
Use 'chown & chgrp' to alter file & directory ownership
Apply SETUID & SETGID permissions to files & directories
Discuss the rules of symbolic & hard links
Create hard and soft links - symlinks
Discuss and examine inodes

Devices & Drivers Overview
Explore & correlate logical & physical device locations
Identify & discuss default driver locations

Disk, Slice & File System Management
Explain disk terminology (Tracks/Cylinders/Sectors/Partitions/Slices)
Examine existing disk layout, including slices using prtvtoc
Discuss x86 partition constraints - Volume Table of Contents (VTOC) & FDISK
Illustrate the disk-FDISK-slice hierarchy
Explain the disk nomenclature: c0t0d0s* (controller, target, disk, slice)
Identify logical and physical disk/slice locations
Use 'format' to enumerate connected controllers & disks
Manipulate slices using 'format'
Rectify disk geometry issues using fdisk option of 'format'
Manipulate FDISK partitions with fdisk option of 'format'
Discuss 'newfs' rules
Create Unix File Systems (UFSs) using 'newfs'
Mount newly-created file systems at various locations
Confirm available storage
Updated /etc/vfstab, ensuring persistence
Recap file system provisioning process
Provision memory-based, Temporary File System (TEMPFS)
Provision and manage additional SWAP storage (files & file systems)

Volume Management - State Database Replicas, RAID-0/1/5, Volume Extenstion (growfs)
Introduction to volume management
Discuss Replicas, RAID Volumes, Hot Spare Pools, and Soft Partitions
Create required state database replicas on available slices, using SMC
Provision RAID-0 (Stripe) using SMC and available disks
Create UFS file system on RAID-0 volume, mount, and confirm results
Provision RAID-1 (Mirror) using SMC and available disks
Create UFS file system on RAID-1 volume, mount, and confirm results
Provision RAID-5 (Stripe with Parity) using SMC and available disks
Create UFS file system on RAID-5 volume, mount, and confirm results
Extend an in-use volume dynamically, using 'growfs'
Confirm extended volume results

Quota Implementation
Discuss the benefits of implementing quotas
Discuss soft & hard limits
Discuss inodes and blocks usage
Examine 'edquota'
Use 'quotacheck' to confirm quotas
Enable quotas on a per-file system basis & confirm results
Test soft & hard limits by generating I/O
Use 'repquota' to confirm current disk & slice usage

CRON - Process Scheduling - Automation
Discuss the benefits of automation & scheduling
Explore at, and Cron's directory layout
Explain Cron scheduling fields
Examine user's cron entries
Schedule per-user jobs and confirm execution

SYSLOG - Configuration
Discuss features & benefits
Identify key binaries and configuration files
Discuss Syslog rule components: selectors (facilities & levels) and actions
Peruse predefined selectors & actions
Explain options for facilities, levels and actions
Configure new selectors & actions for Cisco® PIX® firewall logging
Confirm logging results

Log Rotation - logadm
Discuss features & benefits
Identify key binaries and configuration files
Explore default log rotation schedule and items
Discuss available logadm criteria
Examine log rotation and effects on inodes

Zettabyte File System (ZFS) Implementation
Discuss the features (RAID-0/1/Z, Pools, etc.) and benefits of ZFS
Discuss ZFS prerequisites
Create ZFS pools using the Command Line Interface (CLI)
Set quotas on provisioned ZFS file systems atop the hierarchy and evaluate results
Manage ZFS storage pools from the CLI
Extend ZFS storage pools dynamically, while mounted
Manage ZFS storage pools using the web GUI


Explain 'netstat' applications
Identify key output features including: address families & protocols
Use 'netstat' to return the current IP routing table
Correlate service names in output to /etc/services
Return protocol-specific entries
Return active sockets and attached processes
Reveal DHCP-configured plumbed interfaces

Network Configuration
Discuss network configuration modes
use 'dladm' to reveal the status of connected network interfaces - layer 1
Explain network interface nomenclature
Use 'ifconfig' to return layer 2(MAC) & 3(IP) information for network interfaces
Identify key network services using Service Management Facility (SMF)
Enumerate key network configuration files for the configuration modes
Transition from DHCP to static configuration, creating the requisite files
Reboot and confirm static configuration
Reveal DHCP-configured plumbed interfaces using 'ifconfig'
Plumb(Initiate) physical interfaces, commit configuration for persistence & test comms
Plumb(Initiate) logical interfaces associated with physical interfaces & test comms from Linux
Explore '/etc/nsswitch.conf' name service configuration file

Network Time Protocol (NTP) Client/Server Implementation
Configure Network Time Protocol (NTP) to perform client/server time synchronization
Synchronize NTP with additional Stratum 2 NTP server
Synchronize against Stratum 1 NTP servers

Network File System (NFS) Implementation
Implement NFS Server
Export shares and discuss options
Mount NFS exports on remote Linux Hosts
Explore AutoFS configuration
Configure AutoFS mount points

Samba Implementation
Focus on key Samba (SMB/CIFS) clients
Integrate with Windows via Samba
Explore Samba Configuration files
Enable Samba Server support
Explore Samba Web-based Administration Tool (SWAT)
Configure Samba file sharing
Configure Samba with multiple NETBIOS aliases

WUFTPD File Transfer Protocol (FTP) services
Implement anonymous FTPD
Implement user-level FTPD access
Implement FTPD banners
Disable anonymous access
Configure WUFTPD to chroot jail users into their home directories
Configure virtual FTP hosts

Dynamic Host Configuration Protocol (DHCP)
Explain DHCP Concepts & Applications
Explore DHCP confiuration files
Configure DHCP subnet with applicable options
Configure DHCP Reservation based on layer-2 address

Domain Name System (DNS)
Identify BIND packages & key files
Construct a standard 'named.conf' configuration file with root hints, forward, and reverse zones
Download latest root hints file as 'db.cache' using 'wget'
Construct appropriate zone files to match defined zones in '/etc/named.conf'
Configure BIND as a caching-only DNS server
Implement Master DNS Zone
Configure Master/Slave Zones with Linux Server
Evaluate results of BIND configuration using DIG & host

Sendmail Message Transfer Agent (MTA)
Introduction to Sendmail Implementation
Explore the directives in the Sendmail configuration files
Explre aliases
Test messaging using 'sendmail' binary
Identify relay-related configuration files
Configure Virtual Domains

Internet Message Access Protocol (IMAP) Implementation
Explain POP3 & IMAP applications
Download & Install IMAP server using 'wget' , 'gunzip' & 'pkgadd'
Configure IMAP server to be managed by INETADM (SMF)
Invoke & test mail retrieval

Apache Web Server Implementation
Identify the versions of Apache included with Solaris® 10 using SMF & pkg* tools
Discuss Apache server's features and concepts
Explore key binaries, configuration files, and documentation
Discuss key sections & directives in the Apache 'httpd.conf' file
Setup Apache 2 support
Implement Apache Mod Alias and ScriptAlias
Discuss and implement the File, Location & Directory directives
Explore Apache logging semantics
Configure IP-based Virtual Hosts
Configure Name-based Virtual Hosts
Implement Apache logging system per virtual host
Webalizer Log Analysis software Implementation
Generate web reports using Webalizer

Trivial File Transfer Protocol (TFTP) Implementation
Install TFTP server
Backup Cisco PIX firewall configuration using TFTP
Update Cisco PIX firewall configuration using TFTP

MySQL® Relational Database Management System
Install MySQL® Relational Database Management System
Explore key configuration files
Secure access to MySQL®
Discuss security framework
Discuss default table storage engine, MyISAM, file types
Explore MySQL® monitor shell-based interface

PHPMyAdmin - MySQL® Web-based Management Interface
Install PHPMyAdmin for web-based management of MySQL instances
Explain & Secure access to PHPMyAdmin
Explore PHPMyAdmin's interface

Postfix Message Transfer Agent (MTA)
Configure Postfix as default MTA
Introduction to Postfix Message Transfer Agent (MTA)
Explore the directives in the Postfix configuration files
Define default values for the FQDN
Alter myorigin and examine results
Configure Postfix to route messages using a Smarthost
Examine how Postfix delivers mail locally
Configure SMTP Relaying in Postfix
Use Mutt to demonstrate outbound mail handling using Postfix
Define SMTP Virtual domains for hosting multiple DNS domains
Configure Postfix with a production UnixCBT DNS domain
Examine Virtual domain routing with production and non-production DNS domains


System Security Overview
Discuss key areas related to security in a vanilla Solaris® 10 installation
Peruse the 'sulog' log file to identify 'su' instances & explain fields
Test using 'su' and examine results in '/var/adm/sulog'
Record failed logins in the '/var/adm/loginlog' file
Test login failures and examine results in 'loginlog'
Peruse the directives in '/etc/default/login'
Adjust 'login' file directive to capture failed login attempts
Test failed logins using SSH - Compare SSH threshold to system threshold
Explore system-wide account-policy information using 'logins' command
Identify the default password encryption algorithm
Upgrade default password encryption algorithm to MD5 and Blowfish
Test user-account modifcation of passwords and evaluate encryption strings

Secure Shell Version 2 (SSHv2)
Discuss the features and benefits of SSHv2
Identify SSHv2 SMF FMRI
Identify global and per-user configuration files
Explain SSHv2 config file precedence order
Identify key directives in global and per-user configuration files
Discuss '~/.ssh/known_hosts' file
Execute 'ssh' in debug mode and evaluate output, including psuedo-terminal (pty) assignment
Execute remote commands and return output to local system using 'ssh'
Use Secure Copy (SCP) to copy files securely and non-interactively between systems
Use Secure File Transfer Program (SFTP) to copy files securely interactively between systems
Generate SSHv2 DSA & RSA usage keys for PKI login
Configure SSHv2 to support PKI (password-less) logins
Test password-less login to remote systems
Execute 'ssh' in debug mode and evaluate output, including PKI, password-less login
Implement '~/.ssh/authorized_keys' file
Discuss using SSHv2 as a psuedo-VPN via port forwarding
Use SSHv2 to forward local TCP ports & test communications
Use SSHv2 to forward remote TCP ports & test communications
Enable the sharing of locally & remotely forwarded TCP ports

GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP)-compatible Facility
Discuss the features and benefits of GPG
Download GPG package from sunfreeware.com
Install GPG
Explore GPG files
Generate DSA public/private key pair
Identify available, per-user public/private key pairs on keychains
Import G/PGP public key and evaluate results
Sign imported public key and verify signature associated with downloaded content
Encrypt ASCII text file with appropriate public key and evaluate output
Decrypt ASCII text with appropriate private key and evaluate output

Snoop - Packet Sniffing
Discuss the features and benefits of snoop
Explain default interface behavior
Execute 'snoop' and evaluate packet headers
Capture snoop output to log file
Use 'snoop' to playback captured packets
Playback ranges of packets
Return layers 2-7 of OSI model and evaluate output
Apply filters, similar to Berkelye Packet Filters (BPFs), and evaluate results
Adjust time output, relative to current, and first packet captured
Source FTP traffic from Windows 2003 and snoop credentials passed in clear-text
Evaulate results

TCPDump - Packet Sniffing
Discuss the features and benefits of tcpdump
Install tcpdump from the Software Companion DVD
Identify installed package & man pages
Discuss tcpdump-supported qualifiers for creating expressions & capturing packets
Execute 'tcpdump' and evaluate captured packets
Bind tcpdump to specific interfaces for capturing packets
Apply Berkeley Packet Filters (BPFs) to capture sessions to suppress traffic
Dump 'tcpdump' capture to log file and evaluate results
Use 'tcpdump' to playback captured packets
Source FTP traffic from Windows® 2003 host and sniff credentials passed in clear-text
Source Telnet traffic from Windows® 2003 host and sniff credentials passed in clear-text
Evaluate results

Snort® 2.x Network Intrusion Detection System (NIDS) - Packet Sniffing & Logging
Discuss the features and benefits of Snort® NIDS
Discuss Snort® NIDS pre-requisites (libpcap/libpcre/compiler/etc.)
Obtain, compile and install the Snort® Network Intrusion Detection System (NIDS)
Identify and explain key operating modes (Sniffer/Logger/NIDS)
Invoke Snort® in network sniffer mode
Explore Snort® in Binary (TCPDUMP) logging mode
Output logs to binary format and examine the results
Implement Snort® with BPF to filter traffic
Generate traffic from remote Windows 2003 and Linux hosts
Use Snort® with Berkeley Packet Filter (BPF) to parse logs

Network Mapper (Nmap)
Discuss the features and benefits of Nmap
Download Nmap bzip2 source package from insecure.org
Compile & install Nmap
Discuss default TCP-connect scan mode
Discuss SYN-based scanning
Use Nmap to perform reconnaisance testing
Evaluate results

Solaris® Zones - Containers - Virtualization - Instances
Discuss the features, benefits and limitations of Solaris® Zones
Discuss Global and Non-Global zones
Identify file system location to house non-global zones
Use 'zonecfg' to provision non-global zones
Verify zone configuration using 'zonecfg'
Install non-global zones using 'zoneadm' and evaluate results
Login to non-global zones and explore
Evaluate results
Manage zones using 'zoneadm'

With a Premium account you can download files having Fullspeed !
Download from Uploaded
Download from Lumfile