Linux Debian Fundamental Class Penjelasan tentang debian server Yaniko Dimas Yogo Prasetyo - @okinay

What Will You Get? Linux Basic DNS Server Web Server DHCP Server Mail Server Proxy Server Membahas tentang linux basic Membahas tentang dns server

Objective At the end of this course, the student will: Be familiar with Linux Debian OS and basic command of Linux Be able to configure, manage, do basic troubleshooting of Linux Debian OS Be able to build basic server services, such as DNS Server, Web Server, DHCP Server, Mail Server and Proxy Server

MODUL 1 Linux Basic

Why Debian? Unparalleled support Easy installation Incredible amounts of software Easy upgrades Stability Fast and easy on memory Drivers for most hardware is written by GNU/Linux / GNU/kFreeBSD users, not the manufacturer. Good system security Many more…

Preparation DVD Source / ISO Debian 6 Server Computer (or virtual box) Intel x86 : i386 / Intel 64 or AMD 65 : AMD64 RAM > 2GB HDD > 40 GB Internet connection > 512 mbps A cup of coffee or tea 

Install Virtual Box

Configure Virtual Box Open “Oracle VM VirtualBox” Then click “New” icon to create new virtual machine Give your Virtual Machine name, such as “My Debian” Choose “Linux” for “Type” field, then choose “Debian (32bit)” for “Version” field Then follow the Wizard

Configure Virtual Box And now, your Virtual Machine is almost ready

Configure Virtual Box Then click “Setting” icon and choose “Network” tab

Configure Virtual Box Choose “Bridge Adapter” for “Attached to” field And choose the adapter which is connected to Internet (Same as your computer connected to Internet)

Configure Virtual Box Then choose “Storage” tab

Configure Virtual Box Then choose the CD icon in “Storage Tree” Click the CD Icon in “Attribute” section and click “Choose a vitual CD/DVD disk file” And choose your Debian 6 ISO file Then click OK 1 2

Configure Virtual Box Then click “Start” icon and now you can start to Install you Debian

Install Debian 6 When you already start your virtual machine, you can find the option of installing debian

Install Debian 6 When you already start your virtual machine, you can find the option of installing debian And choos “Install” then press “Enter” And now you can start to follow the wizard

Install Debian 6 And now your Debian 6 is ready to use 

Topology 192.168.50.100/24 Internet 192.168.50.254/24 192.168.50.x/25 (dhcp)

Basic Setup (Configure Network) Run this script to setup your new IP Address: # nano /etc/network/interfaces Then it will show you a configuration file to configure network

Basic Setup (Configure Network) At the section of “# The primary network interface” change the configuration script like below Then run this script to restart the network service # /etc/init.d/networking restart # The primary network interface auto eth0 iface eth0 inet static address 192.168.50.100 netmask 255.255.255.0 gateway 192.168.50.254

Basic Setup (Configure Network) To check the new configuration of your netwok, run this script # ifconfig New IP Configuration

Basic Setup (Configure Network) Run this script to setup DNS: # nano /etc/resolv.conf Then write the script with the following format nameserver <DNS Server IP Address> And you can add more than one DNS Server IP Address

Basic Setup (Configure Network) Now you can test your configuration by doing ping test # ping google.com

Basic Setup (Configure APT Package Source) Run this script to setup APT Package Source: # nano /etc/apt/sources.list Then write the script with the following format Then save the configuration, and run the script below to upgrade your package source # apt-get update

Basic Setup (Configure SSh Server) Install SSh Server with the following script below # apt-get install openssh-server then you wait the installing process Now you can test the SSh Server with Remote SSh Program, such as “Putty”

Basic Setup (Testing SSh Server) Enter the Server IP Address in “Host Name (or IP Address)” section and choose “SSH” for connection type Then click “Open”

MODUL 2 DNS Server

Installing DNS Server Bind9 (Berkeley Internet Name Domain Ver. 9) One of the most popular DNS Server Application in Linux, and most of Linux Distro use it for DNS Server and it’s pretty easy to be configured and understood You can install bind9 by following this script below # apt-get install bind9 And follow the wizard

Configuring DNS Server There are 4 important files that we will be configured /etc/bind/named.conf file forward file reverse /etc/resolv.conf Edit and add some configuration script for “Forward” and “Reverse” in “named.conf” file

Configuring DNS Server Run this script below: # nano /etc/bind/named.conf.local Then Add this following script to it zone "debiancourse.com" { //Your domain zone type master; file "db.debian"; //FORWARD file location, by default located in /var/cache/bind/ }; zone "192.in-addr.arpa" { //The first IP Address block file "db.192"; //REVERSE file location, by default located in /var/cache/bind/

Configuring Forward File Run this script below: # cp /etc/bind/db.local /var/cache/bind/db.debian # nano /var/cache/bind/db.debian Then Add this following script to it $TTL 604800 @ IN SOA debiancourse.com. root.debiancourse.com. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS debiancourse.com. ;add .dot. in every single domain you wrote @ IN A 192.168.50.1 www IN A 192.168.50.1 my IN A 192.168.50.1

Configuring Reverse File Run this script below: # cp /etc/bind/db.127 /var/cache/bind/db.192 # nano /var/cache/bind/db.192 Then Add this following script to it $TTL 604800 @ IN SOA debiancourse.com. root.debiancourse.com. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS debiancourse.com. 100.50.168 IN PTR debiancourse.com. ;write the IP reversed

Configuring DNS Client Run this script below: # nano /etc/resolv.conf Then Add this following script to first line Restart bind9 service: # /etc/init.d/bind9 restart search debaincourse.com Nameserver 192.168.50.100 nameserver 192.168.50.254 nameserver 202.134.0.155 nameserver 202.134.1.10

Testing DNS Server From Debian 6, run this script # ping debiancourse.com From Windows First, set your primary DNS to your server IP Address Then run ping command to debiancourse.com on Command Prompt

MODUL 3 Web Server

Installing Web Server Apache 2 One of the most popular Web Server Application in Linux, and most of Linux Distro use it for Web Server and it’s pretty easy to be configured and understood also have a lot of feature inside You can install Apache2 by following this script below # apt-get install apt-get install apache2 php5 libapache2-mod-php5 And follow the wizard

Testing Web Server After you have finished for installing Apache, you can test your Web Server by accessing your server IP Address or Domain Access via IP Address Access via Domain

What is Virtual Host? Virtual hosting is a method for hosting multiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring all services provided to use the samehost name.

Configuring Virtual Host In the DNS Modul, we have created a subdomain which is called my.debiancourse.com. Now, we will create virtual host for this subdomain Now, run this script: # nano /etc/apache2/sites-available/my.debiancourse.com Then Add this following script to first line #a2ensite my.debiancourse.com <VirtualHost *:80> ServerAdmin webmaster@debiancourse.com ServerName my.debiancourse.com DocumentRoot /var/www/my.debiancourse.com </VirtualHost>

Configuring Virtual Host Now, we will make a directory for subdomain my.debiancourse.com # mkdir /var/www/my.debiancourse.com Make index page for my.debiancourse.com # nano /var/www/my.debiancourse.com/index.php Then Add this following script to first line And now restart you webserver service # /etc/init.d/apache2 restart <?php phpinfo(); ?>

Testing Virtual Host After you have finished to configure virtual host, you can test your Web Server by accessing your server Subdomain: my.debiancourse.com

MODUL 4 DHCP Server

What is DHCP? Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network. DHCP assigns an IP address when a system is started

Installing DHCP Server DHCP3-Server This is the default program of DHCP server for Linux. This program is compatible for all kinds of linux distro You can install DHCP Server by following this script below # apt-get install dhcp3-server And follow the wizard

Configuring DHCP Server Now, run this script: # nano /etc/dhcp3/dhcp.conf Then Add this following script to last line And now restart the DHCP Server service # /etc/init.d/isc-dhcp-server restart # A slightly different configuration for an internal subnet. subnet 192.168.50.0 netmask 255.255.255.0 { range 192.168.50.10 192.168.50.50; option domain-name-servers debiancourse.com; option domain-name “debiancourse.com"; option routers 192.168.50.254; option broadcast-address 192.168.50.255; default-lease-time 600; max-lease-time 7200; }

Testing DHCP Server It quite simple to test your DHCP Server, just connect your device directly to Server. And now, look at your network configuration detail

MODUL 5 Email Server

What is Email Server? A mail server (also known as a mail transfer agent or MTA, a mailtransport agent, a mail router or an Internet mailer) is an application that receives incoming e- mail from local users (people within the same domain) and remote senders and forwards outgoing e-mail for delivery.

Installing Email Server iRedMail This program is more advance from default Email Server in Linux. It has simply control panel and very easy to deploy Download the latest stable release # wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.5.tar.bz2 Install package bzip2 # apt-get install bzip2 Extract iRedMail Package # tar xjf iRedMail-0.8.5.tar.bz2 Change directory to iRedMail package directory # cd /root/iRedMail-0.8.5/ And now start iRedMail Installer # bash iRedMail.sh

Installing Email Server After you start iRedMail Installer process, your screen will be like this Then choose “Yes” to continue the wizard installer After you choose “Yes” option, it will show a new wizard window like this Then you choose “Next”

Installing Email Server On next wizard, choose “OpenLDAP” option using “Tab” button then click “Space” button to select Then press “Tab” until cursor appear on “Next” option And press “Enter” to excecute Edit LDAP suffix to dc=debiancourse,dc=com Then press “Enter”

Installing Email Server Specify password for root LDAP And press “Enter” to excecute Specify password for MySQL Administrator Then press “Enter”

Installing Email Server Specify first virtual domain Fill the field with debiancourse.com And press “Enter” Specify password for Domain Then press “Enter”

Installing Email Server Select all optional components And press “Enter” Then it show you a confirmation to installing iRedMail Then press “y” Press “Enter” And it start to download all components

Configuring MX Record Your email server is almost ready, now add MX Record in your DNS Forward File Open DNS forward file # nano /var/cache/bind/db.debian Add this script on the last line @ IN MX 192.168.50.100 Restart bind9 service # /etc/init.d/bind9 restart

iRedAdmin Control Panel iRedAdmin is control panel for your email server. Now, you can easily manage your email server such as managing user and domain Open iRedAdmin Control Panel by opening this url https://debiancourse.com/iredadmin

iRedAdmin Control Panel Then login to it Username : postmaster@debiancourse.com Password : <your email server password> Now you have entered iRedAdmin Control Panel

Adding Email User After you enter iRedAdmin Control Panel, now select “Add” menu and click “User” Then enter your new user

Testing Email Server After you’ve created at least 2 user for email server, now open iRedMail Webmail Page by opening this url https://debiancourse.com/mail/ Login with user that you have created

Testing Email Server Then you compose an email to another user that you have created before In another kind of browser, open IRedMail Webmail. Then login to second user that you have created. And you can find a message that you have sent from first user account

MODUL 6 Proxy Server

What is Proxy Server? In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.

Installing Proxy Server Squid A proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Install Squid Proxy Server # apt-get install squid

Configuring Proxy Server Open Squid configuration file # nano /etc/squid/squid.conf Delete command sign (#) in front of this script below and edit if it necessary For access list, add script below to ACL section #. . . http_port 3128 transparent #add “transparent” cache_mem 16 MB cache_mgr admin@debiancourse.com visible_hostname proxy.debiancourse.com acl url dstdomain “/etc/squid/url” #blocked domains acl key url_regex –i “/etc/squid/key” #blocked words http_access deny url http_access deny key acl lan src 192.168.50.0/24 #local IP Address http_access allow lan http_access allow all

Configuring Proxy Server Make a blocked site list # nano /etc/squid/url And enter the site that you will be blocked and save it detik.com kaskus.co.id Make a blocked words list # nano /etc/squid/key And enter the site that you will be blocked and save it sex porn And start # squid -z

Testing Proxy Server Point your browser proxy setting to your proxy IP Address

Testing Proxy Server Point your browser proxy setting to your proxy IP Address

Testing Proxy Server And now open site url that you have blocked before

Additional If you use your Proxy Server, you make as a Gateway Server other than as Proxy Server. You can make a Transparent Proxy with it. Transparent proxy will force every single package to pass through the proxy before it go to Internet How? Just add this IPTABLES to your server # iptables –t nat –A PREROUTING –s 192.168.50.0/24 –p tcp --dport 80 –j REDIRECT --to-port 3128 # iptables-save > /etc/iptables