Linux Debian Fundamental Class

Linux Debian Fundamental ClassYaniko Dimas Yogo Prasetyo - @okinay

Penjelasan tentang debian server1What Will You Get?Linux BasicDNS ServerWeb ServerDHCP ServerMail ServerProxy ServerMembahas tentang linux basicMembahas tentang dns server2ObjectiveAt the end of this course, the student will:Be familiar with Linux Debian OS and basic command of LinuxBe able to configure, manage, do basic troubleshooting of Linux Debian OSBe able to build basic server services, such as DNS Server, Web Server, DHCP Server, Mail Server and Proxy Server

MODUL 1Linux Basic

Why Debian?Unparalleled supportEasy installationIncredible amounts of softwareEasy upgradesStabilityFast and easy on memoryDrivers for most hardware is written by GNU/Linux / GNU/kFreeBSD users, not the manufacturer.Good system securityMany more

Preparation DVD Source / ISO Debian 6Server Computer (or virtual box)Intel x86 : i386 / Intel 64 or AMD 65 : AMD64RAM > 2GBHDD > 40 GBInternet connection > 512 mbpsA cup of coffee or tea Install Virtual Box

Configure Virtual BoxOpen Oracle VM VirtualBoxThen click New icon to create new virtual machine

Give your Virtual Machine name, such as My DebianChoose Linux for Type field, then choose Debian (32bit) for Version field

Then follow the Wizard

Configure Virtual BoxAnd now, your Virtual Machine is almost ready

Configure Virtual BoxThen click Setting icon and choose Network tab

Configure Virtual BoxChoose Bridge Adapter for Attached to fieldAnd choose the adapter which is connected to Internet (Same as your computer connected to Internet)

Configure Virtual BoxThen choose Storage tab

Configure Virtual BoxThen choose the CD icon in Storage TreeClick the CD Icon in Attribute section and click Choose a vitual CD/DVD disk fileAnd choose your Debian 6 ISO fileThen click OK

12Configure Virtual BoxThen click Start icon and now you can start to Install you Debian

Install Debian 6When you already start your virtual machine, you can find the option of installing debian

Install Debian 6When you already start your virtual machine, you can find the option of installing debian

And choos Install then press EnterAnd now you can start to follow the wizard

Install Debian 6

And now your Debian 6 is ready to use

TopologyInternet

192.168.50.254/24192.168.50.100/24192.168.50.x/25 (dhcp)Basic Setup (Configure Network)Run this script to setup your new IP Address:# nano /etc/network/interfacesThen it will show you a configuration file to configure network

Basic Setup (Configure Network)At the section of # The primary network interface change the configuration script like below

Then run this script to restart the network service# /etc/init.d/networking restart

# The primary network interfaceauto eth0iface eth0 inet staticaddress 192.168.50.100netmask 255.255.255.0gateway 192.168.50.254Basic Setup (Configure Network)To check the new configuration of your netwok, run this script# ifconfig

New IP ConfigurationBasic Setup (Configure Network)Run this script to setup DNS:# nano /etc/resolv.confThen write the script with the following formatnameserver And you can add more than one DNS Server IP Address

Basic Setup (Configure Network)Now you can test your configuration by doing ping test# ping google.com

Basic Setup (Configure APT Package Source)Run this script to setup APT Package Source:# nano /etc/apt/sources.listThen write the script with the following format

Then save the configuration, and run the script below to upgrade your package source# apt-get update

Basic Setup (Configure SSh Server)Install SSh Server with the following script below# apt-get install openssh-serverthen you wait the installing processNow you can test the SSh Server with Remote SSh Program, such as Putty

Basic Setup (Testing SSh Server)Enter the Server IP Address in Host Name (or IP Address) section and choose SSH for connection type

Then click Open

MODUL 2DNS Server

Installing DNS ServerBind9 (Berkeley Internet Name Domain Ver. 9) One of the most popular DNS Server Application in Linux, and most of Linux Distro use it for DNS Server and its pretty easy to be configured and understoodYou can install bind9 by following this script below# apt-get install bind9And follow the wizardConfiguring DNS ServerThere are 4 important files that we will be configured/etc/bind/named.conf file forward file reverse /etc/resolv.confEdit and add some configuration script for Forward and Reverse in named.conf fileConfiguring DNS ServerRun this script below:# nano /etc/bind/named.conf.localThen Add this following script to it

zone "debiancourse.com" {//Your domain zone type master; file "db.debian";//FORWARD file location, by default located in /var/cache/bind/ }; zone "192.in-addr.arpa" {//The first IP Address block type master; file "db.192"; //REVERSE file location, by default located in /var/cache/bind/ };Configuring Forward FileRun this script below:# cp /etc/bind/db.local /var/cache/bind/db.debian# nano /var/cache/bind/db.debianThen Add this following script to it

$TTL 604800@INSOAdebiancourse.com. root.debiancourse.com. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL;@INNSdebiancourse.com. ;add .dot. in every single domain you wrote@INA192.168.50.1wwwINA192.168.50.1myINA192.168.50.1Configuring Reverse FileRun this script below:# cp /etc/bind/db.127 /var/cache/bind/db.192# nano /var/cache/bind/db.192Then Add this following script to it

$TTL 604800@INSOAdebiancourse.com. root.debiancourse.com. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL;@INNSdebiancourse.com.100.50.168 INPTRdebiancourse.com. ;write the IP reversedConfiguring DNS ClientRun this script below:# nano /etc/resolv.confThen Add this following script to first line

Restart bind9 service:# /etc/init.d/bind9 restart

search debaincourse.comNameserver 192.168.50.100

nameserver 192.168.50.254nameserver 202.134.0.155nameserver 202.134.1.10

Testing DNS ServerFrom Debian 6, run this script# ping debiancourse.com

From WindowsFirst, set your primary DNS to your server IP AddressThen run ping command to debiancourse.com on Command Prompt

MODUL 3Web Server

Installing Web ServerApache 2 One of the most popular Web Server Application in Linux, and most of Linux Distro use it for Web Server and its pretty easy to be configured and understood also have a lot of feature insideYou can install Apache2 by following this script below# apt-get install apt-get install apache2 php5 libapache2-mod-php5And follow the wizardTesting Web ServerAfter you have finished for installing Apache, you can test your Web Server by accessing your server IP Address or Domain

Access via IP AddressAccess via DomainWhat is Virtual Host?Virtual hostingis a method forhostingmultiple domain names (with separate handling of each name) on a single server (or pool of servers). This allows one server to share its resources, such as memory and processor cycles, without requiring all services provided to use the samehostname.

Configuring Virtual HostIn the DNS Modul, we have created a subdomain which is called my.debiancourse.com. Now, we will create virtual host for this subdomain

Now, run this script:# nano /etc/apache2/sites-available/my.debiancourse.comThen Add this following script to first line

#a2ensite my.debiancourse.com

ServerAdmin webmaster@debiancourse.comServerName my.debiancourse.comDocumentRoot /var/www/my.debiancourse.com

Configuring Virtual HostNow, we will make a directory for subdomain my.debiancourse.com# mkdir /var/www/my.debiancourse.comMake index page for my.debiancourse.com # nano /var/www/my.debiancourse.com/index.phpThen Add this following script to first line

And now restart you webserver service# /etc/init.d/apache2 restart

Testing Virtual HostAfter you have finished to configure virtual host, you can test your Web Server by accessing your server Subdomain: my.debiancourse.com

MODUL 4DHCP Server

What is DHCP?Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables aserverto automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.DHCPassigns an IP address when a system is started

Installing DHCP ServerDHCP3-ServerThis is the default program of DHCP server for Linux. This program is compatible for all kinds of linux distroYou can install DHCP Server by following this script below# apt-get install dhcp3-server And follow the wizardConfiguring DHCP ServerNow, run this script:# nano /etc/dhcp3/dhcp.confThen Add this following script to last line

And now restart the DHCP Server service# /etc/init.d/isc-dhcp-server restart

# A slightly different configuration for an internal subnet.subnet 192.168.50.0 netmask 255.255.255.0 { range 192.168.50.10 192.168.50.50; option domain-name-servers debiancourse.com; option domain-name debiancourse.com"; option routers 192.168.50.254; option broadcast-address 192.168.50.255; default-lease-time 600; max-lease-time 7200;}Testing DHCP ServerIt quite simple to test your DHCP Server, just connect your device directly to Server. And now, look at your network configuration detail

MODUL 5Email Server

What is Email Server?Amail server(also known as amailtransfer agent or MTA, amailtransport agent, amailrouter or an Internet mailer) is an application that receives incoming e-mailfrom local users (people within the same domain) and remote senders and forwards outgoing e-mailfor delivery.

Installing Email ServeriRedMailThis program is more advance from default Email Server in Linux. It has simply control panel and very easy to deployDownload the latest stable release # wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.5.tar.bz2Install package bzip2 # apt-get install bzip2 Extract iRedMail Package # tar xjf iRedMail-0.8.5.tar.bz2Change directory to iRedMail package directory # cd /root/iRedMail-0.8.5/And now start iRedMail Installer# bash iRedMail.sh

Installing Email Server

After you start iRedMail Installer process, your screen will be like thisThen choose Yes to continue the wizard installerAfter you choose Yes option, it will show a new wizard window like thisThen you choose NextInstalling Email Server

On next wizard, choose OpenLDAP option using Tab button then click Space button to selectThen press Tab until cursor appear on Next optionAnd press Enter to excecute

Edit LDAP suffix todc=debiancourse,dc=comThen press EnterInstalling Email ServerSpecify password for root LDAPAnd press Enter to excecuteSpecify password for MySQL AdministratorThen press Enter

Installing Email ServerSpecify first virtual domainFill the field with debiancourse.comAnd press EnterSpecify password for DomainThen press Enter

Installing Email ServerSelect all optional components And press EnterThen it show you a confirmation to installing iRedMailThen press yPress EnterAnd it start to download all components

Configuring MX RecordYour email server is almost ready, now add MX Record in your DNS Forward FileOpen DNS forward file# nano /var/cache/bind/db.debianAdd this script on the last line@INMX192.168.50.100Restart bind9 service# /etc/init.d/bind9 restart

iRedAdmin Control PaneliRedAdmin is control panel for your email server. Now, you can easily manage your email server such as managing user and domainOpen iRedAdmin Control Panel by opening this urlhttps://debiancourse.com/iredadmin

iRedAdmin Control PanelThen login to itUsername: postmaster@debiancourse.comPassword: Now you have entered iRedAdmin Control Panel

Adding Email UserAfter you enter iRedAdmin Control Panel, now select Add menu and click User

Then enter your new user

Testing Email ServerAfter youve created at least 2 user for email server, now open iRedMail Webmail Page by opening this urlhttps://debiancourse.com/mail/Login with user that you have created

Testing Email ServerThen you compose an email to another user that you have created before

In another kind of browser, open IRedMail Webmail. Then login to second user that you have created. And you can find a message that you have sent from first user account

MODUL 6Proxy Server

What is Proxy Server?In computer networks, aproxy serveris a server(a computer system or an application) that acts as an intermediary for requests from clients seeking resources from otherservers.

Installing Proxy ServerSquidA proxyserverand web cache daemon. It has a wide variety of uses, from speeding up a webserverby caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic.

Install Squid Proxy Server # apt-get install squid

Configuring Proxy ServerOpen Squid configuration file# nano /etc/squid/squid.confDelete command sign (#) in front of this script below and edit if it necessary

For access list, add script below to ACL section

#. . . http_port 3128 transparent #add transparent cache_mem 16 MBcache_mgr admin@debiancourse.comvisible_hostname proxy.debiancourse.com#. . . acl url dstdomain /etc/squid/url #blocked domainsacl key url_regex i /etc/squid/key #blocked wordshttp_access deny url http_access deny key acl lan src 192.168.50.0/24 #local IP Addresshttp_access allow lan http_access allow all Configuring Proxy ServerMake a blocked site list# nano /etc/squid/urlAnd enter the site that you will be blocked and save itdetik.comkaskus.co.idMake a blocked words list# nano /etc/squid/keyAnd enter the site that you will be blocked and save itsexpornAnd start # squid -z

Testing Proxy ServerPoint your browser proxy setting to your proxy IP Address

Testing Proxy ServerPoint your browser proxy setting to your proxy IP Address

Testing Proxy ServerAnd now open site url that you have blocked before

AdditionalIf you use your Proxy Server, you make as a Gateway Server other than as Proxy Server. You can make a Transparent Proxy with it. Transparent proxy will force every single package to pass through the proxy before it go to Internet

How?Just add this IPTABLES to your server# iptables t nat A PREROUTING s 192.168.50.0/24 p tcp --dport 80 j REDIRECT --to-port 3128# iptables-save > /etc/iptables