red hat training-free-Linux Tutorial for Beginners-001

A Red Hat Certified Engineer (RHCE) is like MCSE certification of Microsoft server 2012.We are going to learn about the features of Red Hat Enterprise Linux (RHEL) like features of Microsoft server 2012.Linux is derived from UNIX and UNIX launched in 1969.

unix structure diagram

Unix OS Structure

Kernel -It is the part interact with Hardware

Shell-It is the part where users can interact with kernel (Users working here)

First created kernel faced some problems in the USA.So they open sourced the kernel.Microsoft, IBM etc modified the kernel to Microsoft Unix, IBM UNIX etc.

In 1991 Mr. Linus Torvalds modified the Unix kernel to Linux kernel for PC.It had the only kernel, no shell.So couldn't install the os.

Free Software Foundation

It was a project for creating a shell for Linux kernel and the project name was GNU.The name of the first Linux operating system is GNU.

(Free software foundation shell+Linux kernel=GNU Linux)

there are plenty of companies modifies the shell of GNU Linux and resell it.Redhat is Linux Distributors.

Is there have applications in GNU Linux such as in Windows XP?

By default, there are plenty of applications in GNU Linux. we can download it from the internet.

Suppose if we are using the application named wine then we can run windows applications GNU Linux machine.

Free-vMware training videos-and notes-myitfriends-001

By doing vMware we can save money, racks, spaces etc.

What is Hypervisor?

Instead of an operating system, we can load a thin layer of software on hardware is known as a hypervisor.It's a generic word.vMware called it as vmvisor and Microsoft called it Hyper V.

What is Bare metal Virtualization ?

On the top of the hypervisor, we can create virtualized computers.It maps the processor, RAM, hard disk, NIC etc of a real machine to here.So we are calling it virtual processor, virtual RAM, Virtual HDD, Virtual NIC etc.

Likewise, we can create multiple virtual machines.such as vm1,vm2,vm3 etc depends up on the power of the underlying hardware.

In addition to that, we can install operating systems such as windows 8, windows server 2012 etc.And these operating systems are then known as guest operating system.Because VM is the host and operating system are the guest.These are the common concept of a recommended virtualization at the professional environment.

We can create machines in that we can add multiple virtual machines.In a data center, there will be a collection of physical machines and lot of virtual machines on it.And these are working in collaboration.vMvisor is introduced by the company vMware.It's a software component of hypervisor for virtualization.

What is Hosted Virtualization ?

There is another virtualization method.In that we can use normal standard hardware(Laptop, Pc) On that  we can just install the os (windows 7, windows 8 etc..)In that, we can install hypervisor just as a service.Moreover, on top of the hypervisor, we can add VMS and able to install the guest os on it.For this purpose, we can use a software known as vMware workstation.You can download and install to your laptop from vMware official website.

Centralized Management

Suppose if a physical machined is crashed, then what will happen the VMS on it?
We can move VMS to one physical machine to another automatically by doing features such as Disaster Recovery, Fault tolerance etc.We will learn about it on upcoming classes.

ccna security training-new ccna security 210-260-free-02

What will happen if we do not configure these management protocols not properly?We are using ssh or telnet to enter in cmd line.In this which one is more secure?

Telnet is not secure.it has been using before TCP/IP comes.Suppose it we are configuring a router using telnet in a system, that’s easily assessable for a hacker.So we can't use telnet in a production environment network.We are using SSH(secure shell host) at production network.SSH is encrypted all the data that we

are entering and send it to other devices as an encrypted format.Decrypting this data while configuring the router is difficult to a hacker.So clearly we can say SSH is more secure than Telnet.

HTTP and https which one is secure?

Simply we can say Hypertext Transfer Protocol Secure (HTTPS) is secure than Hyper Text Transfer Protocol. Because all the things are in HTTPS is in an encrypted format.So if you are configuring a router with ccp (Cisco Configuration Professional) then using HTTPS is more secure.

How HTTPS works?

Suppose if are browsing Facebook, Gmail etc then all the URL comes with HTTPS.if our systems date and time are wrong then that web site is accessible to us or not?No, the websites are not accessable to us because their servers provide certificates to our machine with date and time. if that miss match with our machine then we can't access their websites.

2,Control Plane (control Function)

The hardware function of a router which is used to router discovery and inventory known as a control function.router discovery means to find out the neighbor routers and networks.inventory is for monitoring.hardware function is directly involved in a hardware.router CPU is involved in this function.
Routing protocols such as rip,eigrp .keepalives signals are working in the controle plane.

Keep alive

It is a signal used to check the status of a router interfaces up or down.the default time for keep alive is 10 seconds.example if we are configuring a router interface such as fa0/0 with IP address and give the cmd # show ip int brief, that time the cable may not be connected to that interface.Even though for 10 seconds that interface will show that protocol up status up after 10 sec keep alive check the interface then it will go down.If we need to know immediately that the interface is up or down very quickly after ip configured then give the command #nokeepalive.keepalive checks the interface status all the time continuously.

What are the threats in control plane if not configured it properly?

Consider we have two routers in our network and we configured eigrp in it.Then an intruder who is trying to connect and enter our networks may use the Bogus router (fake router).he is not an authorized user. then his router table entries will reach out and he becomes our neighbor.his eigrp will work faster than us.with in seconds he will get all the network information of that enterprise.By this way, he will get next hope and then he can access the networks.
To avoid this we should configure the authentication settings properly.means routing protocols authentication for rip,eigrp, OSPF like anything.We should authenticate our routing protocols for security.

Ping Of Death (POD)

It is the another threat in control plane.ICMP protocol is using for the ping.Its default size is 32 bytes.Ping of death means a hacker send continuous ping packets to our hardware in the bigger size.Due to the continuous ping packets and its Biggers size, our network will get hang. there is a chance of down the network.This is known as the ping of death.
Solution to prevent ping of death attack ie enable Control Plane Policy (CoPP) in the router.In this, we can set the packet size to allow and block.

ccna security training-free videos and notes-myitfriends-01

CCNA Security exam code and CCNA Security exam cost

CCNA security is one of the specialization certification for network security from Cisco.

To certify CCNA Security you should attend the exam code  210-260 IINS.And the  Recommended Training is Implementing Cisco Network Security (IINS).
The Exam Duration is about 90 minutes, and there may have about (60-70 questions).ccna security exam cost is $250.

To attend and get CCNA Security Certification you should have any valid Cisco CCENT, CCNA Routing, and Switching, or any CCIE certification.After ccna security, you can prepare for higher certifications in security such as CCNP Security and CCIE Security.

To write Cisco certifications you need contact and Register Pearson VUE centers near to you.

Benefits of CCNA Security Certification

Become Security Specialist: if you are certified ccna routing and switching then at an enterprise you will know as the data engineer.Moreover, if you are a certified engineer of CCNA Security Then you will know as a security specialist(Security Engineer). 

If you are a data engineer then you need to configure the protocols in router and switch configuration and establishing the network.But if you are security engineer then it is your responsibility to protect our network from the threat.Means our duty is to protect our network from outsiders to enter our network.Due to the mistakes from our side, others get hints and can access our network.

ex: somebody writes their pin number at top of ATM cards. It is easy to access others if they get this card.Likewise, In our network, we may put vulnerabilities by mistakes. It very helpful to others to make problems.

As a network specialist, it's our responsibility to protect our network from this kind of vulnerabilities (Hacking)in ccna security, we are mainly studying about the mistakes in our network and blocks its access to outsiders.

Network Protection 

 NFP(Network Foundation Protection) in this we will study network security.

In Network Foundation Protection, the full network infrastructure is divided into three.

1,Management Plane(Management function)
2,Control Plane(Control function)
3,Data Plane(Data function)

1, Management Plane

To configure the devices like router, switch, firewall we can connect it by putty or terra term or anything like that, and we access it by using protocols such as telnet or ssh. the functions which allow this kind of management protocols to configure router is known as management plane.
Example:ssh,putty,http,https,syslog.

We can configure Cisco routers by CMD line or we can use GUI (graphical user interface) configuration tool for configuring Cisco IOS routers such as security device manager (SDM) and Cisco Configuration Professional (CCP).Now using CCP commonly for GUI configuration.GUI using web page for configurations so it using protocols such as HTTP or https.

While we configure through command line we can see messages like configuring through the console.It is known as syslog.
Suppose if we are configuring anything in the router that will log it.We can create a centralized server for syslog management.Suppose if are configuring through Telnet then the person who using console get messages that some changes happened through Telnet.
We are using syslog messages and SNMP Protocol for the management functions.

SNMP: Simple Network Management, It’s a protocol using in network monitoring software.

Network Monitoring Softwares

1, PRTG Network Monitor.

It's an open sourced software you can download it from the Internet.Installing this on a machine you can monitor the devices such as router, switch, firewall in that network.This software sending SNMP to devices periodically and collects pieces of information to monitor it.
Suppose if the interface of the router is down then this software will inform it to the network administrator.If we are buying higher features of this software then it will inform network status changes by email and call.

2, SolarWinds:

It's an another monitoring tool using widely.It's expensive.Administrators say that it gives accurate pieces of information by email, message, and call.