Professional Documents
Culture Documents
DNS CONFIGURATION
DNS Setup
DNS Configuration
named daemon is used
A DNS Server may be caching/master/slave server
The named.ca file has information of all Root Servers.
There is a Forward Zone file and a Reverse Zone file for
every domain.
Configuration file:
/var/named/chroot/etc/named.conf
Forward Zone File:
/var/named/chroot/var/named/<forward_zone_file>
Reverse Zone File:
/var/named/chroot/var/named/<reverse_zone_file>
DNS Setup
$ORIGIN iitk.ac.in.
ns1 IN A 203.200.95.142
mail0 IN A 203.200.95.144
proxy IN CNAME mail0
DNS Setup
$ORIGIN 95.200.203.in-addr.arpa.
;
;
142 IN PTR ns1.iitk.ac.in.
144 IN PTR mail0.iitk.ac.in.
DNS Setup
/etc/resolv.conf
server 127.0.0.1
DNS Setup
Test DNS
nslookup
host
dig
Test your DNS with the following DNS diagnostics
web site: dnsstuff.com
Apache Setup
APACHE SETUP
Web Server Setup
Web Server
Basic Settings
Change the default value for ServerName
www.<your-domain.com> in httpd.conf and put the
website content in /var/www/html
Additionally you can configure Name based Virtual
Hosting (allow more than one websites to run on
the same server)
Web Server Setup
Virtual Hosting
NameVirtualHost *:80
<VirtualHost *:80>
ServerName server-name
DocumentRoot path-to-virtual-document-root
</VirtualHost>
<VirtualHost *:80>
ServerName server-name
DocumentRoot path-to-virtual-document-root
</VirtualHost>
Squid Setup
SQUID SETUP
Squid Setup
Obtaining Squid
Source code (in C) from www.squid-cache.org
Binary executables
Linux (comes with RedHat and others)
FreeBSD
Windows
Pre-installed in Fedora/Enterprise Linux
Squid Setup
Basic Settings
Edit the /etc/squid/squid.conf file to configure squid
Configuration options:
Disk Cache size and location
Authentication
Allowed Hosts
Any other access restrictions (sites, content, size,
time of access etc.) using ACL
service squid start/stop/restart
Squid Setup
Disc Requirements
Squid makes very heavy use of disc because of
heavy read/write in cache
Needs discs with low seek times
SCSI is better
Can spread cache over 2 or more discs
Raid not recommended
Cached data is not critical
Squid Setup
SENDMAIL SETUP
Mail Server Setup
Sendmail Configuration
Daemon: sendmail
Configuration File: /etc/mail/sendmail.mc
Edit the following lines
LOCAL_DOMAIN(`localhost.localdomain')dnl
(Replace localhost.localdomain by the domain name for which
the mail server is being configured)
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1,
Name=MTA')dnl
(comment this line by adding dnl at the start of the line)
dnl MASQUERADE_AS(`mydomain.com')dnl
(remove dnl & replace mydomain.com by the domain name)
Sendmail Setup
Sendmail Configuration
Add the range of IP addresses of your network in
access file
(e.g. 172.31. Relay)
Run “make –C /etc/mail” command to compile
sendmail.mc and generate sendmail.cf file.
Restart sendmail and watch for errors
Sendmail Setup
FIREWALL
Firewall
Basic Setup
Internet
Application Firewall
Web Server
Database
Firewall
Firewall Rules
IP Address of Source (Allow from Trusted Sources)
IP Address of Destination (Allow to trusted
Destinations)
Application Port Number (Allow Mail but restrict
Telnet)
Direction of Traffic (Allow outgoing traffic but
restrict incoming traffic)
Firewall
Firewall Implementation
Hardware Firewall: Dedicated Hardware Box (Cisco
PIX, Netscreen )
Software Firewall: Installable on a Server ( )
Host OSs (Windows XP/Linux) also provide
software firewall features to protect the host
LINUX Firewall
LINUX Firewall