LINUX SERVER BUILD & SECURITY CONFIG N.E.T LAB Junior, 05 HJS Sophomore, 04 PJK Network Engineer Training Laboratory.


CONTENTS
BEGIN,,
◎ Built environment
◎ Install
SERVER,,
◎ DNS server config
◎ TELNET server config
◎ FTP server config
◎ DB server config
◎ WEB server config
EXAM SERVER,,
◎ Simple WEB server page
◎ DB server use for PHP
SECURITY,,
◎ Soft security
◎ Hard security
BACKUP,,
◎ Two week-cycle auto backup at DB server PC #hdb
FIN,,

Built environment
◎ Used two PCs for cross server
PC #1: º DNS server º WEB server º FTP server º TELNET server
PC #2: º DATABASE server º BACKUP server

              PC #1                 PC #2
SERIES        DEBIAN LINUX          DEBIAN LINUX
KERNEL        UBUNTU 5.01           UBUNTU
NETWORK       Mbps                  100 Mbps
IP ADDRESS
PC SPEC       P4 2.8C               AMD
              GB ram/160GB HDD      512MB ram/5GB HDD

Install
◎ COMMON
º Select language : ENGLISH (UNITED STATES)
º Hostname : djnet.dnip.net
º Partitioning : HDD - 100% = / - 10%, swap - 1GB, /BOOT - 30%, /VAR - the rest of the HDD
º The Network : Edit /etc/network/interfaces and adjust IPADDR, NETMASK, NETWORK, BROADCAST, GATEWAY
º Hosts : Edit /etc/hosts -> add new IPADDR
º Update & Upgrade : Edit /etc/apt/sources.list -> add recent archive site, then do #apt-get update & #apt-get upgrade
º Install SSH & ETC library (cpp, lib, tool etc,,)
◎ PC #1
º DNS server : Install bind9 & bind9 config logging daemon & restart
º WEB server : Install apache2
º FTP server : Install vsftpd
º TELNET server : Install telnetd
◎ PC #2
º DATABASE server : Install MySQL
º BACKUP server
* For defense against hacking, the outside IPADDR is intercepted.

DNS server config
◎ Domain name system
- The system which converts between IPADDR and Domain Name and provides routing
◎ DNS config
- Edit /etc/bind/named.conf, adjust it. & make file /etc/bind/dj-djnet
[Screenshots: /etc/bind/named.conf, /etc/bind/db-djnet]

DNS server config
◎ DNS server application
- When there is no DNS and the Internet is not connected.
◎ DNS Install & configure

TELNET server config
◎ Teletype-network
- Network protocol used on Internet or LAN connections
◎ TELNET server application
- Connected to the telnet server, ls command execution (ls corresponds to DOS's dir command)
◎ TELNET config
▷ Make /etc/xinetd.conf, adjust it.

FTP server config
◎ File Transfer Protocol
- The protocol for sending and receiving files over the network
◎ FTP server application
- Connected to the FTP server, help command and ls command executions
◎ FTP config
▷ Edit /etc/vsftpd.conf, adjust permission and port
REMOVE # (uncomment) >> listen=YES, local_enable=YES, write_enable=YES
ADD # (comment out) >> anonymous_enable=YES
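
The FTP config step above puts a # in front of anonymous_enable=YES ("ADD #"). vsftpd's built-in default for that key is YES, so a commented-out line leaves anonymous login on. The script below is an added example, not part of the original slides; it works out the value actually in force for the three keys from the slide, using two constructed sample files, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the slides): which value does vsftpd end up using
# for the keys the slide edits in /etc/vsftpd.conf?

# Built-in defaults per vsftpd.conf(5), used when a key is commented out or absent.
vsftpd_default() {
    case "$1" in
        anonymous_enable) echo YES ;;
        local_enable|write_enable) echo NO ;;
        *) echo UNKNOWN ;;
    esac
}

# effective_setting FILE KEY: print the value in force for KEY.
# vsftpd wants "key=value" without spaces; lines starting with # are comments.
# Assumption: when a key is repeated, the last uncommented line wins.
effective_setting() {
    val=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    if [ -n "$val" ]; then echo "$val"; else vsftpd_default "$2"; fi
}

# audit_vsftpd FILE: print the effective values; return 1 while anonymous
# login is still enabled (vsftpd reads NO, FALSE and 0 as "off").
audit_vsftpd() {
    for key in anonymous_enable local_enable write_enable; do
        echo "$key=$(effective_setting "$1" "$key")"
    done
    case "$(effective_setting "$1" anonymous_enable)" in
        NO|FALSE|0) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample files (not real server configs).
SAMPLES=$(mktemp -d)
# As edited on the slide: three keys uncommented, anonymous_enable commented out.
cat > "$SAMPLES/slide.conf" <<'EOF'
listen=YES
#anonymous_enable=YES
local_enable=YES
write_enable=YES
EOF
# Corrected: anonymous login switched off explicitly.
sed 's/^#anonymous_enable=YES$/anonymous_enable=NO/' \
    "$SAMPLES/slide.conf" > "$SAMPLES/fixed.conf"
for f in slide fixed; do
    echo "== $f.conf"
    audit_vsftpd "$SAMPLES/$f.conf" || echo "-> anonymous FTP login is still enabled"
done
```

On a real host, point audit_vsftpd at /etc/vsftpd.conf; a non-zero return means anonymous_enable=NO still has to be written out explicitly.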

DB server config
◎ Data-Base server
- Server for database input-output control
◎ MYSQL config
▷ Edit /etc/mysql/my.cnf, adjust it.
REMOVE # >> bind-address =
▷ Execute mysql, add user and grant privileges.
sql> GRANT ALL PRIVILEGES ON net(DBNAME).* TO IDENTIFIED BY 'password';
◎ DB server application
- Connected to the DB server, login as root, show databases command and use mysql execution

WEB server config
◎ Web server
- Program for web service
◎ Httpd config
▷ Edit /etc/apache2/apache2.conf, adjust it.
ADD DirectoryIndex line >> index.php, index.php3, index.html
ADD line >> AddDefaultCharSet EUC-KR
If users want a private folder, then remove #

Simple WEB server page
◎ Web server is running: HTTP://djnet.dnip.net
◎ Server information
▷ The homepage is located in /var/www/
▷ APM system was applied (apache + php + mysql)
▷ Unlimited traffic
SAMPLE PAGE

DB server use for PHP
◎ Sample guestbook made by PHP
▷ is running: HTTP://djnet.dnip.net/guest

Soft security
◎ Console approach control (/etc/lilo.conf << add password)
◎ Remove useless daemon
◎ TELNET use prohibition -> SSH (secure shell)
◎ Permission set -> #chmod -R 711
◎ Connection limitation
Edit /etc/hosts.deny << in.telnetd:ALL
Edit /etc/hosts.allow << in.telnetd:IPADDR

Hard security
◎ Port interceptions
- firewallstarter (UBUNTU Linux doesn't need it)
- EDIT /etc/services -> port list file
◎ DNS security
- EDIT /etc/bind/named.conf.options << allow-transfer { none; };
◎ IPCHAINS (iptable)
- #ipchains -A input -s 0/0 ! www -p tcp -j DENY
※ Command toward server with packet mode, ipchain packet filtering
[Figure: ipchains packet filtering flow. Stages: Checksum, Sanity, Input Chain, DeMasquerade, Routing Decision, Local, Forward Chain, Output Chain]

BACKUP SYSTEM
[Diagram labels: DB-server, IPADDR, Web-server, Group ID]
◎ PC #1 Web-server
º Make shell script for webpage backup >> make file /root/backup.sh
◎ For auto backup system used tar, rsync and crontab
º Add crontab schedule >> * * * /root/backup.sh
º Configure rsync >> make file /etc/rsyncd.conf
º Make file /etc/xinetd.d/rsync
◎ Every day 06:00 execute auto backup for Web-server's webpages
◎ PC#1 backup system finished

BACKUP SYSTEM
[Figure: two-week backup cycle on HDA, HDB. Sun, Mon, Tue, Wed, Thu, Fri of each week: incremental backups alternating between HDB#2 and HDB#1. Sat: full backup, HDB#1 in one week and HDB#2 in the other. Media backup.]
◎ PC #2 config for two-week cycle backup at #hdb
º Partition hdb -> hdb1, hdb2
▷ Time plan and synopsis
▷ Edit crontab schedule and make shell script file
▷ Make shell script file >> /root/backup.sh
º rsync -avz :backup/ /backup
◎ PC#2 backup system finished

FINISH
WORK STATION in N.E.T lab.
▷ Necessity of server
▷ Prospect of server..
I knew if I stayed around long enough, something like this would happen (George Bernard Shaw)