linux.conf.au.2016 and a FreeIPA workshop

https://github.com/freeipa/freeipa-workshop

In preparation for the RH414 course I’m taking next week I think I should have a look at kerberos, freeipa and bind a bit :)

During linux.conf.au.2016 there was a workshop on FreeIPA. (There were many other interesting talks there, for example the Network Performance Tuning by Jamie Bainbridge).

There is a video to accompany it: https://www.youtube.com/watch?v=VLhNcirKFDs

 

Notes

  • Bonus feature: get acquainted with vagrant too!

Vagrant 1.7.4 and Virtualbox 5.0 works just fine together (except I had some issues with network interfaces on Ubuntu 15.10 and Virtualbox 5 and Vagrant – the MAC addresses were the same on the VM’s interfaces to the “NAT” network- they also got some weird IP addresses there). I could only find that IP used in resolv.conf (from the dhcp) – so that could be changed.

read on
Posted at 1pm on 31/03/16 | No Comments » | Filed Under: IT

RH413 – Red Hat Server Hardening

I’m attending this training in a week or so. This post will be updated as I go through the sections I want to check out before the training starts.

https://www.redhat.com/en/services/training/rh413-red-hat-server-hardening

  • Track security updates
    • Understand how Red Hat Enterprise Linux produces updates and how to use yum to perform queries to identify what errata are available.
  • Manage software updates
    • Develop a process for applying updates to systems including verifying properties of the update.
  • Create file systems
    • Allocate an advanced file system layout and use file system encryption.
  • Manage file systems
    • Adjust file system properties through security related options and file system attributes.
  • Manage special permissions
    • Work with set user ID (SUID), set group ID (SGID), and sticky (SVTX) permissions and locate files with these permissions enabled.
  • Manage additional file access controls
    • Modify default permissions applied to files and directories; work with file access control lists.
  • Monitor for file system changes
    • Configure software to monitor the files on your machine for changes.
  • Manage user accounts
    • Set password-aging properties for users; audit user accounts.
  • Manage pluggable authentication modules (PAMs)
    • Apply changes to PAMs to enforce different types of rules on users.
  • Secure console access
    • Adjust properties for various console services to enable or disable settings based on security.
  • Install central authentication
    • Install and configure a Red Hat Identity Management server and client.
  • Manage central authentication
css.php