السلام عليكم و رحمة الله
اليوم احببت ان اقدم لكم افضل و اغلى كورس تعليمي
LinuxCBT - Firewall Edition - 2013
English | Audio: aac, 44100 Hz, mono (eng)
MOV | Video: h264, yuv420p, 800x600, 29.97 fps® (eng) | 788 MB
Genre: Video Training
English | Audio: aac, 44100 Hz, mono (eng)
MOV | Video: h264, yuv420p, 800x600, 29.97 fps® (eng) | 788 MB
Genre: Video Training
المحتويات:
Course Objective
Firewall Security - Module III
Intro IPTables
Discuss key IPTables concepts
OSI Model discussion
Determine if IPTables support is available in the current kernel
Identify key IPTables modules and supporting files
Explore and examine the default tables
Learn IPTables Access Control List (ACL) syntax
Discuss ACL management
Learn to Save & Restore IPTables ACLs
IPTables - Chain Management
Explore the various chains in the default tables
Discuss the purpose of each chain
Examine packet counts & bytes traversing the various chains
Focus on appending and inserting new ACLs into pre-defined chains
Write rules to permit common traffic flows
Delete & Replace ACLs to alter security policy
Flush ACLs - reset the security policy to defaults
Zero packet counts & bytes - bandwidth usage monitoring
Create user-defined chains to perform additional packet handling
Rename chains to suit the security policy/nomenclature
Discuss & explore chain policy
IPTables - Packet Matching & Handling
Explain the the basics of packet matching
Identify key layer-3/4 match objects - (Source/Dest IPs, Source/Dest Ports, etc.)
Explore the multi-homed configuration
Block traffic based on untrusted (Internet-facing) interface
Perform packet matching/handling based on common TCP streams
Perform packet matching/handling based on common UDP datagrams
Perform packet matching/handling based on common ICMP traffic
Write fewer rules (ACLs) by specifying lists of interesting layer-4 ports
Discuss layer-3/4 IPTables default packet matching
Discuss default layer-2 behavior
Increase security by writing rules to match packets based on layer-2 addresses
IPTables - State Maintenance - Stateful Firewall
Discuss the capabilities of traditional packet-filtering firewalls
Explain the advantages of stateful firewalls
Examine the supported connection states
Identify key kernel modules to support the stateful firewall
Implement stateful ACLs & examine traffic flows
IPTables - Targets - Match Handling
Discuss the purpose of IPTables targets for packet handling
Write rules with the ACCEPT target
Write rules with the DROP target
Write rules with the REJECT target
Write rules with the REDIRECT target
Confirm expected behavior for all targets
IPTables - Logging
Explore Syslog kernel logging configuration
Define Access Control Entry (ACEs) to perform logging
Explain the key fields captured by IPTables
Log using user-defined chain for enhanced packet handling
Log traffic based on security policy
Define a catch-all ACE
Use ACE negation to control logged packets
Label log entries for enhanced parsing
IPTables - Packet Routing
Describe subnet layout
Enable IP routing in the kernel - committ changes to disk
Update routing tables on the other Linux Hosts on the network
Update the Cisco PIX Firewall's routing tables
Test routing through the Linux router, from a remote Windows 2003 Host
Focus on the forward chain
Write ACEs to permit routing
Test connectivity
IPTables - Network Address Translation (NAT)
Discuss NAT features & concepts
Discuss & implement IP masquerading
Define Source NAT (SNAT) ACEs & test translations
Create SNAT multiples
Implement Destination NAT (DNAT) ACEs & test translations
Define DNAT multiples
Create NETMAP subnet mappings - one-to-one NATs
IPTables - Demilitarized Zone (DMZ) Configuration
Describe DMZ configuration
Write Port Address Translation (PAT) rules to permit inbound traffic
Test connectivity from connected subnets
Configure DMZ forwarding (Routing)
Implement Dual-DMZs - ideal for n-tiered web applications
IPTables - IPv6
Explore IPv6 configuration
Peruse IPv6 IPTables management tools
Log and Filter ICMPv6 traffic
Log and Filter TCPv6 traffic
Log and Filter UDPv6 traffic
Use 'nping' to generate IPv6 traffic for analysis
Create IPv6 Sub-Chains to manage rules
Evaluate results
التحميل:
Firewall Security - Module III
Intro IPTables
Discuss key IPTables concepts
OSI Model discussion
Determine if IPTables support is available in the current kernel
Identify key IPTables modules and supporting files
Explore and examine the default tables
Learn IPTables Access Control List (ACL) syntax
Discuss ACL management
Learn to Save & Restore IPTables ACLs
IPTables - Chain Management
Explore the various chains in the default tables
Discuss the purpose of each chain
Examine packet counts & bytes traversing the various chains
Focus on appending and inserting new ACLs into pre-defined chains
Write rules to permit common traffic flows
Delete & Replace ACLs to alter security policy
Flush ACLs - reset the security policy to defaults
Zero packet counts & bytes - bandwidth usage monitoring
Create user-defined chains to perform additional packet handling
Rename chains to suit the security policy/nomenclature
Discuss & explore chain policy
IPTables - Packet Matching & Handling
Explain the the basics of packet matching
Identify key layer-3/4 match objects - (Source/Dest IPs, Source/Dest Ports, etc.)
Explore the multi-homed configuration
Block traffic based on untrusted (Internet-facing) interface
Perform packet matching/handling based on common TCP streams
Perform packet matching/handling based on common UDP datagrams
Perform packet matching/handling based on common ICMP traffic
Write fewer rules (ACLs) by specifying lists of interesting layer-4 ports
Discuss layer-3/4 IPTables default packet matching
Discuss default layer-2 behavior
Increase security by writing rules to match packets based on layer-2 addresses
IPTables - State Maintenance - Stateful Firewall
Discuss the capabilities of traditional packet-filtering firewalls
Explain the advantages of stateful firewalls
Examine the supported connection states
Identify key kernel modules to support the stateful firewall
Implement stateful ACLs & examine traffic flows
IPTables - Targets - Match Handling
Discuss the purpose of IPTables targets for packet handling
Write rules with the ACCEPT target
Write rules with the DROP target
Write rules with the REJECT target
Write rules with the REDIRECT target
Confirm expected behavior for all targets
IPTables - Logging
Explore Syslog kernel logging configuration
Define Access Control Entry (ACEs) to perform logging
Explain the key fields captured by IPTables
Log using user-defined chain for enhanced packet handling
Log traffic based on security policy
Define a catch-all ACE
Use ACE negation to control logged packets
Label log entries for enhanced parsing
IPTables - Packet Routing
Describe subnet layout
Enable IP routing in the kernel - committ changes to disk
Update routing tables on the other Linux Hosts on the network
Update the Cisco PIX Firewall's routing tables
Test routing through the Linux router, from a remote Windows 2003 Host
Focus on the forward chain
Write ACEs to permit routing
Test connectivity
IPTables - Network Address Translation (NAT)
Discuss NAT features & concepts
Discuss & implement IP masquerading
Define Source NAT (SNAT) ACEs & test translations
Create SNAT multiples
Implement Destination NAT (DNAT) ACEs & test translations
Define DNAT multiples
Create NETMAP subnet mappings - one-to-one NATs
IPTables - Demilitarized Zone (DMZ) Configuration
Describe DMZ configuration
Write Port Address Translation (PAT) rules to permit inbound traffic
Test connectivity from connected subnets
Configure DMZ forwarding (Routing)
Implement Dual-DMZs - ideal for n-tiered web applications
IPTables - IPv6
Explore IPv6 configuration
Peruse IPv6 IPTables management tools
Log and Filter ICMPv6 traffic
Log and Filter TCPv6 traffic
Log and Filter UDPv6 traffic
Use 'nping' to generate IPv6 traffic for analysis
Create IPv6 Sub-Chains to manage rules
Evaluate results
التحميل:
ليست هناك تعليقات:
إرسال تعليق