MCCCD Official Course Competencies:

CIS226AL  2006 Fall – 2012 Spring

Internet/Intranet Server Administration-Linux

1.

Explain the various protocols used by internet/intranet server systems. (I)

2.

Describe the hardware requirements and limitations as they apply to the Linux server system. (II)

3.

Install and configure a Linux Internet/Intranet server distribution. (III)

4.

Install and configure the Apache web server. (IV)

5.

Install and configure open source web scripting languages and relational database(s). (V)

6.

Explain and configure web services support. (VI)

7.

Installation of additional services and the consequences to security, including SMTP, FTP, and NTP. (VII)

8.

Analyze and manage web sites. (VIII)

9.

Explain methods of attacking Internet/Intranet servers and common weaknesses. (IX)

10.

Perform basic installation and configuration of security software and testing server for weaknesses. (X)

MCCCD Official Course Outline:

CIS226AL  2006 Fall – 2012 Spring

Internet/Intranet Server Administration-Linux

I. Fundamentals of Internet/Intranet Protocol Services

A. Understanding the basic protocol structure

1. UDP (User Datagram Protocol) and TCP/IP (Transmission Control Protocol/Internet Protocol)

2. DNS (Domain Name Service)

3. Server Architecture

B. Web and other servers

1. Types

2. Features

3. Standards

II. Linux Hardware Issues

A. Platforms

B. Compatibility/Features

1. Hard drive Technology

2. USB (Universal Serial Bus)/Firewire

3. Ethernet

4. Wireless

5. Peripherals

C. Other Hardware Issues

III. Install and Configure a Linux Internet/Intranet Server Distribution

A. Linux Distribution issues relating to Internet/Intranet server use

B. Partitioning

C. Initial Security Setup

D. Identify and remove packages that are not needed

E. Updates to packages

F. Setting up root and a user account for root

G. File System Journaling

IV. Install and Configure the Apache Web Server

A. Modules and features

B. Configure to prevent bandwidth stealing

C. Passwords for particular sections

D. Virtual host configuration

V. Install and Configure Web Components

A. Open Source options

B. Web Scripting Languages

C. Relational Databases

D. SSI (Server Side Includes)

E. SSL (Secure Sockets Layer)

F. Make test pages to verify configuration

VI. Explain and Configure Web Services support

A. SOAP (Simple Object Application Protocol)

B. XML/XMLRPC (Extensible Markup Language/Remote Procedure Calls)

VII. Installation of additional services and the consequences to security

A. FTP (File Transfer Protocol) server

B. SMTP (Simple Mail Transfer Protocol) server

C. IMAP (Internet Mail Access Protocol) server

D. NTP (Network Time Protocol) server

E. CUPS (Common Unix Printing Server)

VIII. Analyze and Manage Web Sites

A. Checking for broken links

B. Monitoring Bandwidth Usage

C. Checking Error Logs

D. Using statistical software to graph web traffic

IX. Discuss Popular Methods of Attacking Internet/Intranet Servers

A. Common Weaknesses

1. DDOS (Distributed Denial of Service)

2. Buffer Overflow

3. Lack of Policy Enforcement/creation for customer accounts

a. passwords

b. protecting personal/account information

B. SSH (Secure Shell) Brute Force Attacks

C. Web Scripting Attacks

D. SQL Injection Attacks

E. Additional Attack Vectors

X. Basic Installation and configuration of security software

A. Introduction to Intrusion Detection Software

B. Firewalls

1. iptables

2. stateless vs. stateful

3. Configuration tools

4. Discuss differences with Hardware based firewalls

C. Hardening scripts

D. Discuss Implementation of System Configuration to enhance security

1. Permissions

2. PAM (Pluggable Authentication Modules)

3. LDAP (Lightweight Directory Access Protocol)

4. Server configuration options

5. Logwatch

6. SELinux (Security Enhanced Linux)

E. Testing your security

1. Web Based firewall probing utility

2. Nmap (Network Mapper) and NMapFE (Network Mapper graphical Front End)

3. Nessus

4. Run utilities to probe systems for weaknesses