icon

Secure Mailservers with Postfix

  • Email Basics
    • Mailserver Topologies
    • E-mail protocols (SMTP, POP3, IMAP)
  • Installation of Postfix
  • Installation of an IMAP Server (Cyrus IMAP or Dovecot)
  • E-mail directories (mbox vs. maildir)
  • User administration with LDAP
  • Filter functions
    • Postfix own filter functions
    • Greylisting with external policy servers
    • Self-written external policy servers
    • Amavisd-new
    • SpamAssassin
  • Performance Tuning (Cluster, Queue Management, RAM Disks)
  • Security (TLS, SMTP-AUTH, email bombs)
  • SPF, DKIM, DMARC
  • Migration (Sendmail, MS-Exchange)
icon

Apache Webserver Administration

  • Comparison of Apache versions
  • Apache installation
  • Basic configuration
  • Restrictions on access
  • User authentication
  • Virtual Hosting and Virtual Mass Hosting
  • Rewriting
  • Encryption with SSL/TLS
  • Protocol analysis
  • Database connection with PHP
  • Apache Tuning
  • Apache security
icon

Ways out of the license trap - Samba 4

  • Samba Installation
  • Windows name resolution and WINS
  • File and print services with Samba4
  • Member server in an ADS domain
  • Domain controller with Samba 4
icon

VPN Solutions with Linux

  • VPN Architectures and Protocols in Comparison
  • IPsec with strongSwan
  • Networking of several locations
  • Connection of field service employees
  • Authentication with X.509 certificates
  • Use of Smartcards
  • NAT traversal
  • IKEv2 with Windows 7
icon

OpenLDAP and Kerberos

  • LDAP Basics
  • Installation of OpenLDAP
  • Basic configuration and structure of the first directory
  • Replication with SyncRepl
  • Multi-master replication with OpenLDAP 2.4
  • OpenLDAP overlays and their use
  • Connection of Linux authentications with PAM
  • Building a Kerberos environment
  • Connection of authentication to Kerberos
  • Connection of Samba
  • Connection of the Squid user authentication
  • Apache user authentication connection
  • Connection of Postfix
    • Read configuration data from the LDAP directory
    • Login via LDAP and Kerberos
icon

IPv6 with Linux

  • Configuration of IPv6
  • IPv6 address types
  • IPv6 Routing
  • Conversion of services to IPv6
  • Connection to the Internet via IPv6 tunnel
  • multicast routing
  • Operation with a dual stack
  • Firewalling with ip6tables
icon

High Availability and LoadBalancing

  • High availability
  • What’s 99.9999%?
  • Linux HA: Heartbeat
  • Shared storage with DRBD
  • Connection to real Shared Storage
  • Construction of a high-availability load balancer for web servers with LVS
  • Pound as Loadbalancing Proxy
icon

DHCP, DNS and DNSSec

  • DHCP with ISC DHCP 3.0
    • Management of IP addresses with DHCP
    • Permanent and dynamic allocation of IP addresses
    • Distribution of further information for e.g. PXE
    • DHCP relay o Fail-safe with DHCP failover
  • DNA with ISC Bind9
    • Caching-Only Name Server
    • Primary and secondary name servers
    • views
    • Access controls to DNS information
    • Dynamic DNS
  • DNSSEC
    • Activating DNSSEC in Bind9
    • Signature of own zone
    • Exchange of the Trust Anchor with other admins
    • DLV (DNSSEC Look-aside Validation) Registration
icon

Automation of system configuration with Puppet & Co.

  • Planning
  • First instllation
  • Administration
  • Function
icon

OpenVPN - The alternative to IPSec

  • Introduction to OpenVPN
  • Installation of OpenVPN
  • Setup of a VPN
  • Authentication with certificates
  • Integration of Windows clients
  • Use of Smartcards
  • Allocation of IP addresses and adaptation of the firewall
  • Monitoring of the OpenVPN access
  • Alternative: Wireguard