Hands-On Linux Networking and Security
Published by O'Reilly Media, Inc.
Connecting and hardening Linux systems
What you’ll learn and how you can apply it
- Configure Linux network interfaces and diagnose connectivity issues using command-line tools
- Deploy secure host-to-host communication using SSH keys, certificates, and encrypted file transfer
- Monitor Linux systems remotely using syslog and Prometheus
- Implement Docker container networking including bridge networks and port mapping
- Harden a Linux system by managing services, file permissions, intrusion prevention, and audit logging
- Secure SSH access through authentication controls, brute force protection, and two-factor authentication
- Configure and enforce firewall policies using firewalld and nftables
- Build real-world Linux skills with in-depth hands-on labs
Course description
Knowledge of Linux server networking and securing is vital for systems administrators, DevOps engineers, and many other types of computer technicians. In some cases, these important basics are either underestimated or are not properly incorporated into Linux environments. Implementing strong networking and security techniques helps Linux systems communicate more efficiently and safely, resulting in increased production, reduced downtime, and happier organizations.
Expert Dave Prowse takes you through real-world scenarios, using tools and techniques directly applicable to production Linux environments. You’ll learn how to configure and troubleshoot Linux network interfaces, implement secure remote access with SSH keys and certificates, monitor systems remotely, harden a Linux host against common threats, and build and manage firewall rules. Each topic is reinforced through hands-on exercises designed to reflect the kinds of tasks Linux administrators and DevOps engineers encounter on the job.
This live event is for you because...
- You’re a Linux administrator, sysadmin, DevOps engineer, cloud infrastructure engineer, site reliability engineer (SRE), network administrator, or security administrator.
- You want to learn the fundamentals of Linux networking and Linux security.
- You want to increase your overall knowledge of the Linux operating system.
Prerequisites
- Basic Linux terminal knowledge
- An understanding of how to create Linux virtual machines
- Ability to work with a text editor such as Vim, nano, gedit, etc. (instructor will focus on Vim)
Recommended preparation:
- Access the course repository and read the README!
- Create two Linux virtual machines: One server and one client (either Debian with the GNOME desktop or CentOS Stream with the GNOME desktop running locally)
- Watch lessons 2 and 3 of Linux Fundamentals, second edition (on-demand course)
- Watch Setting up a Virtual Machine (on-demand course)
- Watch Virtualization for Everyone (on-demand course)
Recommended follow-up:
- Watch Linux Networking and Security—Basics and Beyond (on-demand course)
- Watch Prometheus Fundamentals (on-demand course)
- Watch HashiCorp Certified Terraform Associate (004) (on-demand course)
- Watch Building Linux Servers (on-demand course)
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
Day 1: Hands-On Linux Networking
Network commands and configuration (60 minutes)
- Presentation: Everything can be networked together; IP address structure and breakdown; the OSI model and Linux
- Hands-on exercises: System discovery commands (ip address, ip neigh, and ping); path and routing discovery (ip route and traceroute); using nmcli to configure IP; port and socket discovery (ss, lsof); network scanning and remote discovery (nmap, netcat, arping); name resolution discovery (dig, nslookup); traffic and packet inspection (curl, tcpdump, wireshark)
- Q&A
- Break
Connecting between hosts in the command line (65 minutes)
- Presentation: SSH process
- Hands-on exercises: SSH from client to server; SSH with keys; SSH with certificates; using rsync to transfer data
- Q&A
- Break
Monitoring Linux hosts remotely (60 minutes)
- Presentation: Syslog process, diagram, and breakdown
- Hands-on exercises: Rsyslog monitoring; Prometheus monitoring
- Q&A
- Break
Docker networking (55 minutes)
- Presentation: Docker intro, diagram, and breakdown
- Hands-on exercises: Install Docker and inspect the bridge; create a custom bridge network; explore container-to-container communication; port mapping to the host
- Q&A
Day 2: Hands-On Linux Security
Linux hardening (75 minutes)
- Presentation: Nothing is 100% secure
- Hands-on exercises: Update the VM; install automatic security updates; explore systemctl and services; secure files; set up intrusion prevention; configure anti-malware; configure auditing (auditd)
- Q&A
- Break
SSH security (60 minutes)
- Presentation: SSH security overview
- Hands-on exercises: Securing SSH networking (port forwarding, SFTP, inbound port); securing SSH users (root, groups, authentication); SSH host key verification; key backup and restoration; 2FA with libpam-oath; brute force protection; implement an open source key management system
- Q&A
- Break
User and application security (50 minutes)
- Presentation: Overview of user and application security
- Hands-on exercises: User authentication; mandatory access control (apparmor, SELinux)
- Q&A
- Break
Firewalling Linux (50 minutes)
- Presentation: Overview of firewalling in Linux
- Hands-on exercises: Configuring firewalld; securing Linux with nftables
- Q&A
- Wrap-up and Q&A (5 minutes)
Your Instructor
David L. Prowse
David Prowse has more than 20 years of experience in the IT field. He is an advocate of lifelong learning, self-improvement, building confidence, and the sharing of knowledge. You can contact him at his website: prowse.tech; on discord; and on his Youtube channel
Skills covered
- Linux
- Network Security