awkmu nek pngen nyeting DNS pertama-tama kudu install seng onok ngisor iki:
Instalasi Paket
Intalasi paket neng debian gampang nek nggawe apt-get.
root@ns:~$ apt-get install bind9
root@dhcp:~$ apt-get install dhcp3-server
root@eclipse:~$ apt-get install dhcp3-client
Konfigurasi DNS-Server
Konfigurasi seng dibutuhno nek DNS-server iku neng nggone file named.conf ambek file db seng nangani zone domain.
Konfigurasi named.conf
Konfigurasi gawe zone file gak onok perbedaane neng konfigurasi DNS-server seng biasa. Contone konfigurasi named.conf :
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include “/etc/bind/named.conf.options”;
// prime the server with knowledge of the root servers
zone “.” {
type hint;
file “/etc/bind/db.root”;
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone “localhost” {
type master;
file “/etc/bind/db.local”;
};
zone “127.in-addr.arpa” {
type master;
file “/etc/bind/db.127″;
};
zone “tkj.com” {
type master;
file “/var/cache/bind/db.debian”;
};
zone “192.in-addr.arpa” {
type master;
file “/var/cache/bind/db.192″;
};
// zone “com” { type delegation-only; };
// zone “net” { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the “root-delegations-only” feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including “MUSEUM” and “DE”, and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { “DE”; “MUSEUM”; };
include “/etc/bind/named.conf.local”;
nek wes mari ngedit file iku mau disave nggawe f2,
terus copy en file db.127 mbek db.local neng directory seng podo..mbek dipindahno file iku neng directory /var/cache/bind, terus gantien nama file iku..awk dewe ganti nama file iku dadi.
db.127 menjadi db.192
db.local menjadi db.debian
mari ngono editen file db.192 dadi sebagai berikut
$TTL 604800
@ IN SOA debian.com. root.debian.com.
; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ; negative cache TTL
;
@ IN NS debian.com.
1.1.168 IN PTR debian.com.
www IN PTR debian.com.
terus neng file db.debian awk dewe mek nggenti file tersebut
$TTL 604800
@ IN SOA debian.com. root.debian.com.
; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ; negative cache TTL
;
@ IN NS debian.com.
@ IN A 192.168.1.1
www IN A 192.168.1.1
nek wes mari save gae f2
terus bind9ne restart ren gae perintah /etc/init.d/bind9 restart
nek gak onok kata FAILED pas di restart seneng kon………..
NEK WES ISOK OJOK GAYA TAPI… SLIMNOT
OCEE..
DHCP3-SERVER
Pertama sebelum instalasi dns server kita harus instalasi terlebih dahulu dhcp3-server..ada banyak cara untuk kita lakukan instalasi dhcp3-server…yang pertama kita menggunakan cara :
- aptitude àpada console kita ketikkan perintah aptitude àlalu kita pilih not installed packageàlalu tekan / untuk melakukan pencarianàlalu ketikkan dhcp3-server pada modus pencarian
- yang kedua dengan menggunakan perintah apt -get installàpada console kita ketikkan apt-get install dhcp3-server…lalu masukkan cd yang diminta untuk instalasi dhcp3-server..
setalah kita menyelesaikan instalasi dhcp3-server..masuk pada mcàetcàdhcp3/dhcpd.conf…pada directory ini kita akan melakukan beberapa konfigurasi pada file didalamnya…
#
# Sample configuration file for ISC dhcpd for Debian
#
# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
#
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages (’none’, since DHCP v2 didn’t
# have support for DDNS.)
ddns-update-style none;
# option definitions common to all supported networks…
#option domain-name “example.org”;
#option domain-name-servers ns1.example.org, ns2.example.org;
#default-lease-time 600;
#max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}
# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don’t really recommend.
#subnet 10.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 10.254.239.40 10.254.239.60;
# option broadcast-address 10.254.239.31;
# option routers rtr-239-32-1.example.org;
#}
# A slightly different configuration for an internal subnet.
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.10;
option domain-name-servers www.debian.com;
# option domain-name “internal.example.org”;
option routers 192.168.1.1;
option broadcast-address 192.168.1.255;
default-lease-time 600;
max-lease-time 7200;
}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename “vmunix.passacaglia”;
# server-name “toccata.fugue.com”;
#}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.fugue.com;
#}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
#class “foo” {
# match if substring (option vendor-class-identifier, 0, 4) = “SUNW”;
#}
#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of “foo”;
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of “foo”;
# range 10.0.29.10 10.0.29.230;
# }
#}
setelah kita selesai mengedit file tersebut kta save dengan menggunakan f2
Setelah selesai edit file dhcpd.conf kita restart dhcp dengan menggunakan perintah yang kita ketikkan pada console perintah../etc/init.d/dhcp3-server restart
FTP SERVER
Install dg printah
#Apt-get install vsftpddengan perintahmcedit /etc/vsftpd.conf
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
Edit seperti di bawah ini/yang bergaris bawah
(hanya menghilangkan tanda comment/# aj)# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using “root” for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
#xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure Ket : yang di perlu d edit hanya yang bergaris bawah J aj lainnya biarin ajSetelah itu restart dengan perintah /etc/init.d/vsftpd restart
SAMBA SERVER
Installasi Samba
#apt-get install samba samba-client
akan muncul beberapa pertanyaan yang berhubungan dengan konfigurasi samba seperti workgroup dan dhcp server, jawab sesuai dengan jaringan anda.
Menyiapkan User dan Directory
Kita sediakan user dan directory yang akan digunakan untuk directory sharing dan otentikasi, Untuk membuat directory baru menggunakan perintah#mkdir shareUntuk membuat user baru sekaligus membuat passwordnya menggunakan perintah
#useradd lala
#smbpasswd -a lala
Menkonfigurasi File Konfigurasi Samba
File utama konfigurasi samba terletak pada /etc/samba/smb.conf. Konfigurasi file sharing Anda dengan menambahkan :
#vim /etc/samba/smb.conf
[SHARE]
path=/home/vanfier/share
browseable=yes
writeable=yes
valid users=lalaTest Konfigurasi
Untuk pengecekan Samba bisa menggunakan perintah berikut :
# testparm
Load smb config files from /etc/samba/smb.conf
Processing section “[homes]”
Processing section “[SHARE]”
Processing section “[printers]”
Processing section “[print$]”
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitionsBila output Anda sama dengan diatas, maka konfigurasi Anda tidak terdapat errorSekarang restart samba untuk mendapatkan effect konfigurasi yang telah anda buat
#/etc/init.d/samba restart
Untuk mengetahui lebih banyak tentang option konfigurasi samba, bisa dilihat dengan mengetikan
#man sambaTesting Samba
Untuk testing samba, dapat dilakukan pada terminal debian dengan menggunakan perintah berikut :
#smbclient -L //debianserver -U username
Untuk di windows bisa menggunakan perintah run
Semoga Bermanfaat. Suwun (Terima Kasih)
MANUAL PROXY
Konfigurasi squid.conf
acl labtkj src 192.168.1.0/255.255.255.0
http_access allow labtkj
konfigurasi hak akses
acl_jangan dstdomain http://www.yahoo.com/
http_acces deny jangan
untuk memblokir suatu situs berdasarkan pada alamat websitenya acl_tidak url_regex -i sex
http_access deny tidak
untuk memblokir situs berdasarkan kata kunci (alamat yang terdapat nama sex tak bisa di buka)
acl_no url_regex “/home/porno.txt”
http_access deny no
untuk memblokir situs berdasarkan daftar situs yang kita taruh pada tempat tertentu (misalnya kita taruh pada direktori /home/porno.txt)
isi dari file “/home/porno.txt”
http://www.bangbros.com/
http://www.xnxxmovies.com/
Tidak ada komentar:
Posting Komentar