Curriculum Design and Instruction To Teach
Linux Administration:
Author: Charles Hayes:
This curriculum design and
instruction is for the Linux
administrator who must
efficiently solve technical
problems and maximize the
reliability and performance
of a production environment.
It addresses today's most
important Linux distributions
and most powerful new administrative
tools. It spells out detailed best
practices for every facet of system
administration, including storage
management, network design and
administration, web hosting,
software configuration management,
performance analysis, Windows
interoperability, and much more.
Systems administrators will especially
appreciate the thorough and up-to-date
coverage of topics such as DNS, LDAP,
security, and the management of IT service
organizations:
Special Features Include:
* Phases For Conducting A Needs Assessment:
* Curriculum Design Supplement:
* Curriculum Design Plan:
* Lesson Plans:
* Instructional Goals:
* Instructional Objectives:
* Instructional Activities:
* Instructional Evaluation Techniques:
* Standard Vocabulary:
* A Limited Glimpse:
Topics Include:
* Basic Administration:
@ Where To Start:
A. Introduction:
B. Suggested background:
C. Linux's relationship to UNIX:
D. Linux in historical context:
E. Linux Distributions:
1. So what's the best distribution?
2. Distribution-specific administration
tools:
F. Notation and typographical conventions:
1. System-specific information:
G. Where to go for information:
1. Organization of the man pages:
2. Man: read manual pages:
3. Other sources of Linux information:
H. How to find and install software:
I. Essential tasks of the system
administrator:
1. Adding, removing, and managing user
accounts:
2. Adding and removing hardware:
3. Performing backups:
4. Installing and upgrading software:
5. Monitoring the system:
6. Troubleshooting:
7. Maintaining local documentation:
8. Vigilantly monitoring security:
9. Helping users:
10. System administration under duress:
1. System Administration Personality Syndrome:
2. Recommended reading:
@ Booting and Shutting Down:
A. Introduction:
B. Bootstrapping:
1. Automatic and manual booting:
2. Steps in the boot process:
3. Kernel initialization:
4. Hardware configuration:
5. Kernel threads:
6. Operator intervention
(manual boot only):
7. Execution of startup scripts:
8. Multiuser operation:
B. Booting PCs:
C. Using boot loaders LILO and GRUB:
1. GRUB: The GRand Unified Boot loader:
2. LILO: The traditional Linux boot loader:
3. Kernel options:
4. Multibooting on PCs:
5. GRUB multiboot configuration:
6. LILO multiboot configuration:
D. Booting single-user mode:
1. Single-user mode with GRUB:
2. Single-user mode with LILO:
E. Working with startup scripts:
1. init and run levels:
2. Red Hat and Fedora startup scripts:
3. Debian and Ubuntu startup scripts:
F. Rebooting and shutting down:
1. Turning off the power:
2. Shutdown: the genteel way to halt the system:
3. halt: a simpler way to shut down:
4. reboot: quick and dirty restart:
5. telinit: change init's run level:
6. poweroff: ask Linux to turn off the power:
@ Rootly Powers:
A. Introduction:
B. Ownership of files and
processes:
C. The superuser:
D. Choosing a root password:
E. Becoming root:
1. su: substitute user identity:
2. sudo: a limited su:
F. Other pseudo-users:
1. bin: legacy owner of system
commands:
2. daemon: owner of unprivileged
system software:
3. nobody: the generic NFS user:
@ Controlling Processes:
A. Introduction:
B. Components of a process:
1. PID: process ID number:
2. PPID: parent PID:
3. UID and EUID: real and
effective user ID:
4. GID and EGID: real and effective
group ID:
5. Niceness:
6. Control terminal:
B. The life cycle of a process:
C. Signals:
D. Kill and Killall: send signals:
E. Process states:
F. nice and renice: influence
scheduling priority:
G. ps: monitor processes:
H. top: monitor processes even better:
I. The /proc filesystem:
J. strace: trace signals and system calls:
K. Runaway processes:
L. Recommended reading:
@ The Filesystem:
A. Introduction:
B. Pathnames:
C. Filesystem mounting and unmounting:
D. The organization of the file tree:
E. File types:
1. Regular files:
2. Directories:
3. Character and block device files:
4. Local domain sockets:
5. Named pipes:
6. Symbolic links:
E. File attributes:
1. The permission bits:
2. The setuid and setgid bits:
3. The sticky bit:
4. Viewing file attributes:
5. Chmod: change permissions:
6. Chown: change ownership and group:
7. umask: assign default permissions:
8. Bonus flags:
G. Access control lists:
1. ACL overview:
2. Default entries:
@ Adding New Users:
A. Introduction:
B. The /etc/passwd file:
1. Login name:
2. Encrypted password:
3. UID (user ID) number:
4. Default GID number:
5. GECOS field:
6. Home directory:
7. Login shell:
C. The /etc/shadow file:
D. The /etc/group file:
E. Adding users:
1. Editing the passwd and shadow files:
2. Editing the /etc/group file:
3. Setting an initial password:
4. Creating the user's home directory:
5. Copying in the default startup files:
6. Verifying the new login:
7. Recording the user's status and contact
information:
F. Removing users:
G. Disabling logins:
H. Managing accounts:
@ Adding A Disk:
A. Introduction:
B. Disk interfaces:
1. The PATA interface:
2. The SATA interface:
3. The SCSI interface:
4. Which is better, SCSI or IDE?
C. Disk geometry:
D. Linux filesystems:
1. Ext2fs and ext3fs:
2. ReiserFS:
3. XFS and JFS:
E. An overview of the disk installation
procedure:
1. Connecting the disk:
2. Formatting the disk:
3. Labeling and partitioning the
disk:
4. Creating filesystems within
disk partitions:
5. Mounting the filesystems:
6. Setting up automatic mounting:
7. Enabling swapping:
F. hdparm: set IDE interface parameters:
G. Fsck: check and repair filesystems:
H. Adding a disk: a step-by-step guide:
I. Advanced disk management: RAID and LVM:
1. Linux software RAID:
2. Logical volume management:
3. An example configuration with LVM and RAID:
4. Dealing with a failed disk:
5. Reallocating Storage space:
J. Mounting USB drives:
@ Periodic Processes:
A. Introduction:
B. cron: Schedule commands:
C. The format of crontab files:
D. Crontab management:
E. Some common uses for cron:
1. Cleaning the filesystem:
2. Network distribution of configuration
files:
3. Rotating log files:
F. Other schedulers: anacron and fcron:
@ Backups:
A. Introduction:
B. Motherhood and apple pie:
1. Perform all dumps from one machine:
2. Label your media:
3. Pick a reasonable backup interval:
4. Choose filesystems carefully:
5. Make daily dumps fit on one
piece of media:
6. Make filesystems smaller than your
dump device:
7. Keep media off-site:
8. Protect your backups:
9. Limit activity during dumps:
10. Verify your media:
11. Develop a media life cycle:
12. Design your data for backups:
13. Prepare for the worst:
C. Backup devices and media:
1. Optical media: CD-R/RW, DVD+R/RW,
and DVD-RAM:
2. Removable hard disks
(USB and FireWire):
3. Small tape drives: 8mm and DDS/DAT:
4. DLT/S-DLT:
5. AIT and SAIT:
6. VXA/VXA-X:
7. LTO:
8. Jukeboxes, stackers, and
tape libraries:
9. Hard disks:
10. Summary of media types:
11. What to buy:
D. Setting up an incremental backup
regime with dump:
1. Dumping filesystems:
2. Dump sequences:
E. Restoring from dumps with restore:
1. Restoring individual files:
2. Restoring entire filesystems:
F. Dumping and restoring for upgrades:
G. Using other archiving programs:
1. tar: package files:
2. cpio: archiving utility from ancient
times:
3. dd: twiddle bits:
H. Using multiple files on a single tape:
I. Bacula:
1. The Bacula model:
2. Setting up Bacula:
3. Installing the database and Bacula daemons:
4. Configuring the Bacula daemons:
5. bacula-dir.conf: director configuration:
6. bacula-sd.conf: storage daemon configuration:
7. bconsole.conf: console configuration:
8. Installing and configuring the client
file daemon:
9. Starting the Bacula daemons:
10. Adding media to pools:
11. Running a manual backup:
12. Running a restore job:
13. Monitoring and debugging Bacula
configurations:
14. Alternatives to Bacula:
J. Commercial backup products:
1. ADSM/TSM:
2. Veritas:
3. Other alternatives:
K. Recommended reading:
@ Syslog and Log Files:
A. Introduction:
B. Logging policies:
1. Throwing away log files:
2. Rotating log files:
3. Archiving log files:
C. Linux log files:
1. Special log files:
2. Kernel and boot-time logging:
D. Logrotate: manage log files:
E. Syslog: the system event logger:
1. Alternatives to syslog:
2. Syslog architecture:
3. Configuring syslogd:
4. Designing a logging scheme for your site:
5. Config file examples:
6. Sample syslog output:
7. Software that uses syslog:
8. Debugging syslog:
9. Using syslog from programs:
F. Condensing log files to useful
information:
@ Software and Configuration
Management:
A. Introduction:
B. Basic Linux installation:
1. Netbooting PCs:
2. Setting up PXE for Linux:
3. Netbooting non-PCs:
4. Kickstart: the Automated installer
for Enterprise Linux and Fedora:
5. AutoYaST: SUSE's automated installation
tool:
6. The Debian and Ubuntu installer:
7. Installing from a master system:
C. Diskless clients:
D. Package management:
1. Available package management systems:
2. rpm: manage RPM packages:
3. dpkg: manage Debian-style packages:
E. High-level package management systems:
1. Package repositories:
2. RHN: the Red Hat Network:
3. APT: the Advanced Package Tool:
4. Configuring apt-get:
5. An example /etc/apt/sources.list
file:
6. Using proxies to make apt-get
scale:
7. Setting up an internal Apt server:
8. Automating apt-get:
9. yum: release management for RPM:
F. Revision Control:
1. Backup file creation:
2. Formal revision control systems:
3. RCS: the Revision Control System:
4. CVS: the Concurrent Versions System:
5. Subversion: CVS done right:
G. Localization and configuration:
1. Organizing your localization:
2. Testing:
3. Local compilation:
4. Distributing Localizations:
5. Resolving scheduling issues:
H. Configuration management tools:
1. cfengine: computer immune system:
2. LCFG: a large-scale configuration
system:
3. The Arusha Project (ARK):
4. Template Tree 2: cfengine helper:
5. DMTF/CIM: the Common Information
Model:
I. Sharing software over NFS:
1. Package namespaces:
2. Dependency Management:
3. Wrapper scripts:
4. Implementation tools:
J. Recommended software:
K. Recommended reading:
* Networking:
@ TCP/IP Networking:
A. Introduction:
B. TCP/IP and the Internet:
1. A brief history lesson:
2. How the Internet is managed today:
3. Network standards and documentation:
C. Networking road map:
D. Packets and encapsulation:
1. The link layer:
2. Packet addressing:
3. Address types:
E. IP addresses: the gory details:
1. IP address classes:
2. Subnetting and netmasks:
3. The IP address crisis:
4. CIDR: Classless Inter-Domain Routing:
5. Address allocation:
6. Private addresses and NAT:
7. IPv6 addressing:
F. Routing:
1. Routing tables:
2. ICMP redirects:
G. ARP: the Address resolution protocol:
H. Addition of a machine to a network:
1. Hostname and IP address assignment:
2. ifconfig: configure network interfaces:
3. mii-tool: configure autonegotiation and
other media-specific options:
4. Default routes:
5. DNS configuration:
6. The Linux networking stack:
I. Distribution-specific network configuration:
1. Network configuration for Red Hat and Fedora:
2. Network configuration for SUSE:
3. Network configuration for Debian and Ubuntu:
J. DHCP: the Dynamic Host Configuration Protocol:
1. DHCP software:
2. How DHCP works:
3. ISC's DHCP server:
K. Dynamic reconfiguration and tuning:
L. Security issues:
1. IP forwarding:
2. ICMP redirects:
3. Source routing:
4. Broadcast pings and other forms of
directed broadcast:
5. IP spoofing:
6. Host-based firewalls:
7. Virtual private networks:
8. Security-related kernel variables:
M. Linux NAT:
N. PPP: the Point-to-Point Protocol:
1. Addressing PPP performance issues:
2. Connecting to a network with PPP:
3. Making your host speak PPP:
4. Controlling PPP Links:
5. Assigning an address:
6. Routing:
7. Ensuring security:
8. Using chat scripts:
9. Configuring Linux PPP:
O. Linux networking quirks:
P. Recommended reading:
@ Routing:
A. Introduction:
B. Packet forwarding: a closer look:
C. Routing daemons and routing protocols:
1. Distance-vector protocols:
2. Link-state protocols:
3. Cost metrics:
4. Interior and exterior protocols:
D. Protocols on parade:
1. RIP: Routing Information Protocol:
2. RIP-2: Routing Information Protocol, version 2:
3. OSPF: Open Shortest Path First:
4. IGRP and EIGRP: Interior Gateway Routing
Protocol:
5. IS-IS: the ISO "Standard":
6. MOSPF, DVMRP, and PIM: multicast routing
protocols:
7. Router Discovery Protocol:
E. routed: RIP yourself a new hole:
F. gated: gone to the dark side:
G. Routing strategy selection criteria:
H. Cisco routers:
I. Recommended reading:
@ Network Hardware:
A. Introduction:
B. LAN, WAN, or MAN?
C. Ethernet: the common LAN:
1. How Ethernet works:
2. Ethernet topology:
3. Unshielded twisted pair:
4. Connecting and expanding Ethernets:
D. Wireless: nomad's LAN:
1. Wireless security:
2. Wireless switches:
E. FDDI: the disappointing, expensive,
and outdated LAN:
F. ATM: the promised (but sorely
defeated) LAN:
G. Frame relay: the sacrificial WAN:
H. ISDN: the indigenous WAN:
I. DSL and cable modems: the people's
WAN:
J. Where is the network going?
K. Network testing and debugging:
L. Building wiring:
1. UTP cabling options:
2. Connections to office:
3. Wiring standards:
M. Network design issues:
1. Network architecture vs. building
architecture:
2. Existing networks:
3. Expansion:
4. Congestion:
5. Maintenance and documentation:
N. Management issues:
O. Recommended vendors:
1. Cables and connectors:
2. Test equipment:
3. Routers/switches:
P. Recommended reading:
@ DNS: The Domain Name System:
A. Introduction:
B. DNS for the impatient: adding a new machine:
C. The history of DNS:
1. BIND implementations:
2. Other implementations of DNS:
D. Who needs DNS?
E. The DNS namespace:
1. Masters of their domains:
2. Selecting a domain name:
3. Domain bloat:
4. Registering a second-level domain name:
5. Creating your own subdomains:
F. How DNS works:
1. Delegation:
2. Caching and efficiency:
3. The extended DNS protocol:
G. What's new in DNS:
H. The DNS database:
1. Resource records:
2. The SOA record:
3. NS records:
4. PTR records:
5. MX records:
6. CNAME records:
7. The CNAME hack:
8. LOC records:
9. SRV records:
10. TXT records:
11. IPv6 resource records:
12. IPv6 forward records:
13. IPv6 reverse records:
14. Security-related records:
15. Commands in zone files:
16. Glue records: links between zones:
I. The BIND software:
1. Versions of BIND:
2. Finding out what version you have:
3. Components of BIND:
4. named: the BIND name server:
5. Authoritative and caching-only servers:
6. The resolver library:
7. Shell interfaces to DNS:
J. Designing your DNS environment:
1. Namespace management:
2. Authoritative servers:
3. Caching servers:
4. Security:
5. Summing up:
6. A taxonomy of DNS/BIND chores:
K. BIND client issues:
1. Resolver configuration:
2. Resolver testing:
3. Impact on the rest of the system:
L. BIND server configuration:
1. Hardware requirements:
2. Configuration files:
3. The include statement:
4. The options statement:
5. The acl statement:
6. The key statement:
7. The trusted-keys statement:
8. The server statement:
9. The masters statement:
10. The logging statement:
11. The zone statement:
12. The controls statement:
13. Split DNS and the view statement:
M. BIND configuration examples:
1. The localhost zone:
2. A small security company:
3. The Internet Systems Consortium, isc.org:
N. Starting named:
O. Updating zone files:
1. Zone transfers:
2. Dynamic updates:
P. Security issues:
1. Access control lists revisited:
2. Confining named:
3. Secure server-to-server communication
with TSIG and TKEY:
4. DNSSEC:
5. Negative answers:
6. Microsoft and DNS:
Q. Testing and debugging:
1. Logging:
2. Sample logging configuration:
3. Debug levels:
4. Debugging with rndc:
5. Lame delegations:
6. doc: domain obscenity control:
7. Other DNS sanity checking tools:
8. Performance issues:
R. Distribution specifics:
S. Recommended reading:
T. Mailing lists and newsgroups:
U. Books and other documentation:
V. On-line resources:
W. The RFCs:
@ The Network File System:
A. Introduction:
B. General information about NFS:
1. NFS protocol versions:
2. Choice of transport:
3. File locking:
4. Disk quotas:
5. Cookies and stateless mounting:
6. Naming conventions for shared filesystems:
7. Security and NFS:
8. Root access and the nobody account:
B. Server-side NFS:
1. The exports file:
2. nfsd: serve files:
C. Client-side NFS:
1. Mounting remote filesystems
at boot time:
2. Restricting exports to insecure ports:
D. nfsstat: dump NFS statistics:
E. Dedicated NFS file servers:
F. Automatic mounting:
1. automount: mount filesystems on demand:
2. The master file:
3. Map files:
4. Executable maps:
G. Recommended reading:
@ Sharing System Files:
A. Introduction:
B. What to Share:
C. nscd: cache the results of
lookups:
D. Copying files around:
1. rdist: push files:
2. rsync: transfer files more
securely:
3. Pulling files:
D. NIS: the Network Information
Service:
1. Understanding how NIS works:
2. Weighing advantages and disadvantages
of NIS:
3. Prioritizing sources of administrative
information:
4. Using netgroups:
5. Setting up an NIS domain:
6. Setting access control options in
/etc/ypserv.conf:
7. Configuring NIS clients:
8. NIS details by distribution:
E. LDAP: the Lightweight Directory
Access Protocol:
1. The structure of LDAP data:
2. The Point of LDAP:
3. LDAP documentation and specifications:
4. OpenLDAP: LDAP for Linux:
5. NIS replacement by LDAP:
6. LDAP and Security:
F. Recommended reading:
@ Electronic Mail:
A. Introduction:
B. Mail systems:
1. User agents:
2. Transport agents:
3. Delivery agents:
4. Message stores:
5. Access agents:
6. Mail submission agents:
C. The anatomy of a mail message:
1. Mail addressing:
2. Mail header interpretation:
D. Mail philosophy:
1. Using mail servers:
2. Using mail homes:
3. Using IMAP or POP:
E. Mail aliases:
1. Getting mailing lists from files:
2. Mailing to files:
3. Mailing to programs:
4. Aliasing by example:
5. Forwarding mail:
6. The hashed alias database:
F. Mailing lists and list wrangling
software:
1. Software packages for maintaining
mailing lists:
2. LDAP: the Lightweight Directory
Access protocol:
G. sendmail: ringmaster of the
electronic mail circus:
1. Versions of sendmail:
2. sendmail installation from
sendmail.org:
3. sendmail installation on Debian and
Ubuntu systems:
4. The switch file:
5. Modes of operation:
6. The mail queue:
H. sendmail configuration:
1. Using the m4 preprocessor:
2. The sendmail configuration pieces:
3. Building a configuration file from
a sample .mc file:
4. Changing the sendmail configuration:
I. Basic sendmail configuration primitives:
1. The VERSIONID macro:
2. The OSTYPE macro:
3. The DOMAIN macro:
4. The MAILER macro:
J. Fancier sendmail configuration
primitives:
1. The FEATURE macro:
2. The use_cw_file feature:
3. The redirect feature:
4. The always_add_domain feature:
5. The nocanonify feature:
6. Tables and databases:
7. The mailertable feature:
8. The genericstable feature:
9. The virtusertable feature:
10. The ldap_routing feature:
11. Masquerading and the MASQUERADE_AS macro:
12. The MAIL_HUB and SMART_HOST macros:
13. Masquerading and routing:
14. The nullclient feature:
15. The local_lmtp and smrsh features:
16. The local_procmail feature:
17. The LOCAL_* macros:
18. Configuration options:
K. Spam-related features in sendmail:
1. Relaying:
2. The access database:
3. User or site blacklisting:
4. Header checking:
5. Rate and connection limits:
6. Slamming:
7. Miltering: mail filtering:
8. Spam handling:
9. SpamAssassin:
10. SPF and Sender ID:
L. Configuration file case study:
1. Client machines at sendmail.com:
2. Master machine at sendmail.com:
M. Security and sendmail:
1. Ownerships:
2. Permissions:
3. Safer mail to files and programs:
4. Privacy options:
5. Running a chrooted sendmail
(for the truly paranoid)
6. Denial of service attacks:
7. Forgeries:
8. Message privacy:
9. SASL: the Simple Authentication
and Security Layer:
N. sendmail performance:
1. Delivery modes:
2. Queue groups and envelope splitting:
3. Queue runners:
4. Load average controls:
5. Undeliverable messages in
the queue:
6. Kernel tuning:
O. sendmail statistics, testing, and
debugging:
1. Testing and debugging:
2. Verbose delivery:
3. Talking in SMTP:
4. Queue monitoring:
5. Logging:
P. The Exim Mail System:
1. History:
2. Exim on Linux:
3. Exim configuration:
4. Exim/sendmail similarities:
Q. Postfix:
1. Postfix architecture:
2. Receiving mail:
3. The queue manager:
4. Sending mail:
5. Security:
6. Postfix commands and documentation:
7. Configuring Postfix:
8. What to put in main.cf:
9. Basic settings:
10. Using Postconf:
11. Lookup tables:
12. Local delivery:
13. Virtual domains:
14. Virtual alias domains:
15. Virtual mailbox domains:
16. Access control:
17. Access tables:
18. Authentication of clients:
19. Fighting spam and viruses:
20. Black hole lists:
21. SpamAssassin and procmail:
22. Policy daemons:
23. Content filtering:
24. Debugging:
25. Looking at the queue:
26. Soft-bouncing:
27. Testing access control:
R. Recommended Reading:
@ Network Management and Debugging:
A. Introduction:
B. Network troubleshooting:
C. ping: check to see if a host is alive:
D. traceroute: trace IP packets:
E. netstat: get network statistics:
1. Inspecting interface configuration
information:
2. Monitoring the status of network
connections:
3. Identifying listening network services:
4. Examining the routing table:
5. Viewing operational statistics for network
protocols:
E. sar: inspect live interface activity:
F. Packet sniffers:
1. tcpdump: king of sniffers:
2. Wireshark: visual sniffer:
G. Network management protocols:
H. SNMP: the Simple Network Management
Protocol:
1. SNMP organization:
2. SNMP protocol operations:
3. RMON: remote monitoring MIB:
I. The NET-SNMP agent:
J. Network management applications:
1. The NET-SNMP tools:
2. SNMP data collection and graphing:
3. Nagios: event-based SNMP and service
Monitoring:
4. Commercial management platforms:
5. Recommended reading:
@ Security:
A. Introduction:
B. Is Linux secure?
C. How security is compromised:
1. Social engineering:
2. Software vulnerabilities:
3. Configuration errors:
D. Certifications and standards:
1. Certifications:
2. Standards:
E. Security tips and philosophy:
1. Packet filtering:
2. Unnecessary services:
3. Software patches:
4. Backups:
5. Passwords:
6. Vigilance:
7. General philosophy:
F. Security problems in /etc/passwd
and /etc/shadow:
1. Password checking and selection:
2. Password aging:
3. Group logins and shared logins:
4. User shells:
5. Rootly entries:
6. PAM: cooking spray or authentication
wonder?
G. POSIX capabilities:
H. Setuid programs:
I. Important file permissions:
J. Miscellaneous security issues:
1. Remote event logging:
2. Secure terminals:
3. /etc/hosts.equiv and ~/.rhosts:
4. Security and NIS:
5. Security and NFS:
6. Security and sendmail:
7. Security and backups:
8. Viruses and worms:
9. Trojan horses:
10. Rootkits:
K. Security power tools:
1. Nmap: scan network ports:
2. Nessus: next generation network
scanner:
3. John the Ripper: find insecure
passwords:
4. hosts_access: host access control:
5. Samhain: host-based intrusion detection:
6. Security-Enhanced Linux (SELinux):
L. Cryptographic security tools:
1. Kerberos: a unified approach to network
security:
2. PGP: Pretty Good Privacy:
3. SSH: the secure shell:
4. One-time passwords:
5. Stunnel:
M. Firewalls:
1. Packet-filtering firewalls:
2. Service proxy firewalls:
3. Firewalls: how safe are they?
N. Linux firewall features: IP tables:
O. Virtual private networks (VPNs):
1. IPsec tunnels:
2. All I need is a VPN, right?
Q. Hardened Linux distributions:
R. What to do when your site has been
attacked:
S. Sources of security information:
1. CERT: a registered service mark of
Carnegie Mellon University:
2. SecurityFocus.com and the BugTraq
mailing list:
3. Crypto-Gram newsletter:
4. SANS: the System Administration,
Networking, and Security Institute:
5. Distribution-specific security resources:
6. Other mailing lists and web sites:
T. Recommended reading:
@ Web Hosting and Internet Servers:
A. Introduction:
B. Web Hosting basics:
1. Uniform resource locators:
2. How HTTP works:
3. Content generation on the fly:
4. Load balancing:
C. HTTP server installation:
1. Choosing a server:
2. Installing Apache:
3. Configuring Apache:
4. Running Apache:
5. Analyzing log files:
6. Optimizing for high-performance
hosting of static content:
D. Virtual interfaces:
1. Using name-based virtual hosts:
2. Configuring virtual interfaces:
3. Telling Apache about virtual interfaces:
E. The Secure Sockets Layer (SSL):
1. Generating a certificate signing request:
2. Configuring Apache to use SSL:
F. Caching and proxy servers:
1. The Squid cache and proxy server:
2. Setting up Squid:
G. Anonymous FTP server setup:
* Bunch O' Stuff:
@ The X Window System:
A. Introduction:
B. The X display manager:
C. Running an X Application:
1. The DISPLAY environment variable:
2. Client authentication:
3. X connection forwarding with SSH:
E. X server configuration:
1. Device sections:
2. Monitor sections:
3. Screen sections:
4. InputDevice sections:
5. ServerLayout sections:
F. Troubleshooting and debugging:
1. Special keyboard combinations for X:
2. When good X servers go bad:
G. A brief note on desktop environments:
1. KDE:
2. GNOME:
3. Which is better, GNOME or KDE?
H. Recommended Reading:
@ Printers:
A. Introduction:
B. Printers are complicated:
C. Printer languages:
1. PostScript:
2. PCL:
3. PDF:
4. XHTML:
5. PJL:
6. Printer drivers and their
handling of PDLs:
D. CUPS architecture:
1. Document printing:
2. Print queue viewing and manipulation:
3. Multiple printers:
4. Printer instances:
5. Network printing:
6. The CUPS underlying protocol: HTTP:
7. PPD files:
8. Filters:
E. CUPS server administration:
1. Network print server setup:
2. Printer autoconfiguration:
3. Network printer configuration:
4. Printer configuration examples:
5. Printer class setup:
6. Service shutoff:
7. Other configuration tasks:
8. Paper sizes:
9. Compatibility commands:
10. Common printing software:
11. CUPS documentation:
F. Troubleshooting tips:
1. CUPS logging:
2. Problems with direct printing:
3. Network printing problems:
4. Distribution-specific problems:
G. Printer practicalities:
1. Printer selection:
2. GDI printers:
3. Double-sided printing:
4. Other printer accessories:
5. Serial and parallel printers:
6. Network printers:
H. Other printer advice:
1. Use banner pages only if you have to:
2. Provide recycling bins:
3. Use previewers:
4. Buy cheap printers:
5. Keep extra toner cartridges on hand:
6. Pay attention to the cost per page:
7. Consider printer accounting:
8. Secure your printers:
I. Printing under KDE:
1. Kprinter: printing documents:
2. Konqueror and printing:
J. Recommended reading:
@ Maintenance and Environment:
A. Introduction:
B. Hardware maintenance basics:
C. Maintenance contracts:
1. On-site maintenance:
2. Board swap maintenance:
3. Warranties:
D. Electronics-handling lore:
1. Static electricity:
2. Reseating boards:
E. Monitors:
F. Memory Modules:
G. Preventive maintenance:
H. Environment:
1. Temperature:
2. Humidity:
3. Office cooling:
4. Machine room cooling:
5. Temperature monitoring:
I. Power:
J. Racks:
K. Data center standards:
L. Tools:
M. Recommended reading:
@ Cooperating With Windows:
A. Introduction:
B. Logging in to a Linux system from Windows:
C. Accessing remote desktops:
1. Running an X server on a Windows computer:
2. VNC: Virtual Network Computing:
3. Windows RDP: Remote Desktop Protocol:
D. Running Windows and Windows-like
applications:
1. Dual booting, or why you shouldn't:
2. The OpenOffice.org alternative:
E. Using command-line tools with Windows:
F. Windows compliance with email and web
standards:
G. Sharing files with Samba and CIFS:
1. Samba: CIFS server for UNIX:
2. Samba Installation:
3. Filename encoding:
4. Network Neighborhood browsing:
5. User authentication:
6. Basic file sharing:
7. Group shares:
8. Transparent redirection with
MS DFS:
9. smbclient: a simple CIFS client:
10. The Smbfs filesystem:
H. Sharing printers with Samba:
1. Installing a printer driver from
Windows:
2. Installing a printer driver from the
command line:
J. Debugging Samba:
K. Recommended reading:
@ Serial Devices:
A. Introduction:
B. The RS-232C standard:
C. Alternative connectors:
1. The mini DIN-8 Variant:
2. The DB-9 variant:
3. The RJ-45 variant:
4. The Yost standard for RJ-45 wiring:
C. Hard and soft carrier:
D. Hardware flow control:
E. Cable length:
F. Serial device files:
G. setserial: set serial port parameters:
H. Software configuration for serial devices:
1. The login process:
2. The /etc/inittab file:
3. Terminal support: the termcap and
terminfo databases:
I. Special characters and the terminal driver:
J. stty: set terminal options:
K. tset: set options automatically:
L. Terminal unwedging:
M. Modems:
1. Modulation, error correction, and data
compression protocols:
2. minicom: dial out:
3. Bidirectional modems:
N. Debugging a serial line:
O. Other common I/O ports:
1. USB: the Universal Serial Bus:
@ Drivers and The Kernel:
A. Introduction:
B. Kernel adaptation:
C. Drivers and device files:
1. Device files and device numbers:
2. Creating device files:
3. Sysfs: a window into the souls of devices:
4. Naming conventions for devices:
D. Why and how to configure the kernel:
E. Tuning Linux kernel parameters:
F. Building a Linux kernel:
1. If it ain't broke, don't fix it:
2. Configuring kernel options:
3. Building the kernel binary:
G. Adding a Linux device driver:
1. Device awareness:
H. Loadable kernel modules:
I. Hot-plugging:
J. Setting bootstrap options:
K. Recommended reading:
@ Daemons:
A. Introduction:
B. init: the primordial process:
C. cron and atd: schedule commands:
D. xinetd and inetd: manage daemons:
1. Configuring xinetd:
2. Configuring inetd:
3. The services file:
4. portmap: map RPC services to TCP
and UDP ports:
E. Kernel daemons:
1. klogd: read kernel messages:
F. Printing daemons:
1. cupsd: scheduler for the Common
UNIX Printing System:
2. lpd: manage printing:
G. File service daemons:
1. rpc.nfsd: serve files:
2. rpc.mountd: respond to mount
requests:
3. amd and automount: mount
filesystems on demand:
4. rpc.lockd and rpc.statd: manage
NFS locks:
5. rpciod: cache NFS blocks:
6. smbd: provide file and printing
service to Windows clients:
7. nmbd: NetBIOS name server:
H. Administrative database daemons:
1. ypbind: locate NIS servers:
2. ypserv: NIS server:
3. rpc.ypxfrd: transfer NIS databases:
4. lwresd: lightweight resolver library
server:
5. nscd: name service cache daemon:
I. Electronic mail daemons:
1. sendmail: transport electronic mail:
2. smtpd: Simple Mail Transport
Protocol daemon:
3. popd: basic mailbox server:
4. imapd: deluxe mailbox server:
J. Remote login and command execution
daemons:
1. sshd: secure remote login server:
2. in.rlogind: obsolete remote login
server:
3. in.telnetd: yet another remote login
server:
4. in.rshd: remote command execution
server:
K. Booting and configuration daemons:
1. dhcpd: dynamic address assignment:
2. in.tftpd: trivial file transfer server:
3. rpc.bootparamd: advanced diskless
life support:
4. hald: hardware abstraction layer (HAL)
daemon:
5. udevd: serialize device connection
notices:
L. Other network daemons:
1. talkd: network chat service:
2. snmpd: provide remote network management
service:
3. ftpd: file transfer server:
4. rsyncd: synchronize files among multiple
hosts:
5. routed: maintain routing tables:
6. gated: maintain complicated routing tables:
7. named: DNS server:
8. syslogd: process log messages:
9. in.fingerd: look up users:
10. httpd: World Wide Web server:
11. ntpd: time synchronization daemon:
@ Management, Policy, and Politics:
A. Introduction:
B. Make Everyone happy:
C. Components of a functional IT
organization:
D. The role of management:
1. Leadership:
2. Hiring, firing, and personnel
management:
3. Assigning and tracking tasks:
4. Managing upper management:
5. Conflict resolution:
E. The role of administration:
1. Sales:
2. Purchasing:
3. Accounting:
4. Personnel:
5. Marketing:
6. Miscellaneous administrative chores:
F. The role of development:
1. Architectural principles:
2. Anatomy of a management system:
3. The system administrator's tool box:
4. Software engineering principles:
G. The role of operations:
1. Aim for minimal downtime:
2. Document dependencies:
3. Repurpose or eliminate older hardware:
H. The work of support:
1. Availability:
2. Scope of service:
3. Skill sets:
4. Time management:
I. Documentation:
1. Standardized documentation:
2. Hardware labeling:
3. User documentation:
J. Request-tracking and trouble-reporting
systems:
1. Common functions of trouble ticket systems:
2. User acceptance of ticketing systems:
3. Ticketing systems:
4. Ticket dispatching:
K. Disaster recovery:
1. Backups and Off-line information:
2. Staffing your disaster:
3. Power and HVAC:
4. Network redundancy:
5. Security incidents:
6. Second-hand stories from the
World Trade Center:
L. Written policy:
1. Encryption:
2. Copyright:
3. Privacy:
4. Click-through EULAs:
5. Policy enforcement:
6. Control=liability:
7. Software licenses:
8. Regulatory compliance:
M. Software patents:
N. Standards:
1. LSB: the Linux Standard Base:
2. POSIX:
3. ITIL: the Information Technology
Interface Library:
O. Linux culture:
P. Mainstream Linux:
Q. Organizations, conferences, and other
resources:
1. Conferences and trade shows:
2. LPI: the Linux Professional Institute:
3. Mailing lists and web resources:
4. Sysadmin surveys:
R. Recommended Reading:
* STATE OF THE ART CURRICULUM DESIGN:
* NEW:
* REFERENCES:
* ILLUSTRATIONS:
* PHOTOS:
* PAPERBACK:
* TRANSPARENT FRONT PAGE:
* TITLE PAGE:
* BLACK OR WHITE BACK PAGE COVER:
* BOUND: BLACK OR WHITE COIL: WIRE-0:
* 500 WHITE PAGES: 8x11 INCHES:
* ALLOW 3 TO 4 WEEKS TO RECEIVE ITEM:
* ORDER EARLY WHILE SUPPLIES LAST:
* RECEIVE AN ADVANCE CERTIFICATE IN
LINUX ADMINISTRATION AFTER PASSING
THE EXAMINATIONS IN THE CURRICULUM
DESIGN AND INSTRUCTION: