TN-125: Introduction to UNIX and Linux

Course Overview:

This hands-on course provides an intensive overview of fundamental UNIX commands that are common to all flavors of UNIX, but the focus is on RedHat. At the end of this course students will have a firm grasp of how the UNIX operating system works, how to accomplish powerful functions using multiple commands & most importantly of all, how to think UNIX. With the skills gained in this course, students can move on to RedHat System Administration I or Linux System Admnistration I.

Attendees of TN-125: Introduction to UNIX and Linux will receive course materials and expert Instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Unix Overview
Introduction to the UNIX command Line
Managing and controlling access to files
Batch Scripting and tools
Regular Expressions, Pipelines, and IO Redirection
Text File Manipulation
Basic Network Commands
Managing Unix Processes
GNOME Graphical Desktop

Prerequisites:

Basic Knowledge of Computers

Comments

Latest comments from students

User: trkdashin

Instructor comments: Very knowledgeable

Facilities comments: Nice Hotel

Liked the class? Then let everyone know!

TN-575: Open Source Network Security Monitoring

Course Overview:

TN-575: Open Source Network Security Monitoring teaches students how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. No network is bullet proof and when attackers access your network, this course will show you how to build a security net to detect, contain, and control the attacker. Sensitive data can be monitored and deep packet and deep attachment analysis can be achieved. As organizations stand up a Security Operations Center (SOC) the enterprise NSM is the key ingredient to that SOC. This course not only teaches how to implement an NSM technologically, but how to effectively monitor an enterprise operationally. You will learn how to architect an NSM solution: where to deploy your NSM platforms and how to size them, stand-alone or distributed, and integration into packet analysis, interpret evidence, and integrate threat intelligence from external sources to identify sophisticated attackers. A properly implemented NSM is integral to incident response and provides the responders timely information to react to the incident. TN-575: Open Source Network Security Monitoring is a lab intensive environment with a cyber range that gives each student in-depth knowledge and practical experience monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls.

Attendees to TN-575: Open Source Network Security Monitoring class will receive TechNow approved course materials and expert instruction.

This Course is taught utilizing Security Onion or RockNSM as specified by the customer.

Dates/Locations:

No Events

Duration: 5 Days

Course Objective:

The focus of this course is to present a suite of Open Source security products integrated into a highly functional and scalable Network Security Monitoring solution.

Prerequisites:

Students should have a basic understanding of networks, TCP/IP and standard protocols such as DNS, HTTP, etc. Some Linux knowledge/experience is recommended, but not required

Course Outline:

Network Security Monitoring (NSM) Methodology
High Bandwidth Packet Capture Challenges
Installation of Security Onion
- Use Cases (analysis, lab, stand-alone, distributed)
- Resource Requirements
Configuration
- Setup Phase I – Network Configuration
- Setup Phase 2 – Service Configuration
- Evaluation Mode vs. Configuration Mode
- Verifying Services
Security Onion Architecture
- Configuration Files and Folders
- Network Interfaces
- Docker Environment
- Security Onion Containers
Overview of Security Onion Analyst Tools
- Kibana
- CapME
- CyberChef
- Squert
- Sguil
- NetworkMiner
Quick Review of Wireshark and Packet Analysis
- Display and Capture Filters
- Analyze and Statistics Menu Options
- Analysis for Signatures
Analyzing Alerts
- Replaying Traffic
- 3 Primary Interfaces:
  - Squert
  - Sguil
  - Kibana
- Pivoting Between Interfaces
- Pivoting to Full Packet Capture
Snort and Surricata
- Rule Syntax and Construction
- Implementing Custom Rules
- Implementing Whitelists and Blacklists
Hunting
- Using Kibana to Slice and Dice Logs
- Hunting Workflow with Kibana
Bro
- Introduction and Overview
  - Architecture, Commands
- Understanding and Examining Bro Logs
  - Using AWK, sort, uniq, and bro-cut
- Working with traces/PCAPs
- Bro Scripts Overview
  - Loading and Using Scripts
- Bro Frameworks Overview
  - Bro File Analysis Framework FAF
- Using Bro scripts to carve out more than files
RockNSM ( * If Applicable)
- Kafka
  - Installation and Configuration
  - Kafka Messaging
  - Brokers
  - Integration with Bro and FSF
- File Scanning Framework FSF
  - Custom YARA Signatures
  - JSON Trees
  - Sub-Object Recursion
  - Bro and Suricata Integration
Elastic Stack
- Adding new data sources in Logstash
- Enriching data with Logstash
- Automating with Elastalert
- Building new Kibana dashboards
Production Deployment
- Advanced Setup
- Master vs Sensor
- Node Types – Master, Forward, Heavy, Storage
- Command Line Setup with sosetup.conf
- Architectural Recommendations
- Sensor Placement
- Hardening
- Administration
- Maintenance
Tuning
- Using PulledPork to Disable Rules
- BPF’s to Filter Traffic
- Spinning up Additional Snort / Suricata / Bro Workers to Handle Higher Traffic Loads

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-215: Shell Programming

Course Overview:

This intensive hands-on class teaches students to develop customized UNIX™ commands, read & write Bourne, Korn & Bash Shell scripts & automate critical server functions. The course includes extensive lab exercises, including hands-on development & debugging of shell scripts, which will give students the ability to be more efficient and productive in less time. The focus of the course will be the Bash shell.

Attendees to TN-215: Shell Programming will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Shell Review
Shell Interpretation of Quotes & Backslash
The Bash Shell
Shell’s combined with UNIX utilities
Programming Basics
Data Constructs
Programming Looping
Your Environment
More on Parameters
Advanced Shell Programming

Prerequisites:

TN-125 Introduction to UNIX & Linux or equivalent knowledge

Comments

Latest comments from students

User: hnzarate

Instructor comments: Very knowledgeable.

Facilities comments: This hotel needs better water.

Liked the class? Then let everyone know!

Programming

TechNow offers the full gamut of programming languages from ANSI C and C++ to the various Microsoft .Net languages (Visual Basic, C# and C++). If you are completely new to programming, TechNow offers courses that demonstrate the fundamentals to get you started.

If you prefer Unix/Linux, we offer Shell Programming, as well as, Perl and Python. We also offer courses in the web development languages, such as, Java Servlets, JSP, and ASP .Net.

The following is a list of our Programming training courses:

Unix/Linux

Over twenty years experience in the area of Solaris, Linux, and Unix ensures that you are benefiting from a very mature and successful Solaris, Linux, and Unix training program. TechNow offers the full suite of Solaris, Linux, and Unix courses utilizing real hardware. This is not virtualized Solaris on Intel processors, or remote connection to a distant system. The student learns to deal with real hardware taking advantage of Sparc T series processors. Solaris 10 and Solaris 11 is taught hands-on with data center skills as the focus. We also offer Solaris 10 migration courses to Solaris 10 or Solaris 11.

The following is a list of our Unix/Linux training courses: