INS Assignment 2 – Report

Stephen Curran
R00054166
Janet Comerford
R00032790
ITM2
Introduction
For this project, we have been tasked to implement the following services on two separate
instances of Ubuntu Server 10.10.
On one server (VM2):
 Web Server (Apache) with Virtual Hosting two sites
 DNS Server (BIND)
 File Server (Samba)
 Network Printing (CUPS)
On the other server (VM4):
 DNS Server (BIND)
 DHCP Server for Ubuntu clients
 FTP Server
 SSH Server
 eMail Server (Postfix) & POP/IMAP Server (Dovecot)
There were also to be two client machines running Ubuntu Desktop 10.10.
The network address we have chosen is 192.168.1.0/24 and we have implemented these
addresses on the machines. However, when DHCP is running, addresses will be allocated
automatically to the client Ubuntu PCs.
The topology is as follows for the setup:
Janet (PC1):
VM1: Ubuntu Desktop 10.10, 192.168.1.1 (before DHCP allocation)
VM2: Ubuntu Server 10.10, 192.168.1.2
PC1: Windows Host PC, 192.168.1.3
Steve (PC2):
VM3: Ubuntu Desktop 10.10, 192.168.1.4 (before DHCP allocation)
VM4: Ubuntu Server 10.10, 192.168.1.5
PC2: Windows Host PC, 192.168.1.6
Janet has been tasked with installing the services on VM2
Steve has been tasked with installing the services on VM4.
We will now demonstrate how we have implemented each of the services.
NOTE: You have to be logged in as root in order to make changes to the system.
Also, due to our limited knowledge/experience in the area of installing, configuring and
running these services, we have followed the online instructions in the links provided
EXACTLY to the detail.
Services On VM2
The first thing I did when I entered the server was give myself root access by typing:
sudo -s
(I was asked for a password, which was my server password.)
Simple Machines Forum requires PHP and database support such as MySQL, so I then used
# apt-get update
to refresh the list of available packages, and then
# apt-get upgrade --show-upgraded
to upgrade installed packages to their latest versions.
APACHE
Apache is the most commonly used Web Server on Linux systems. Web Servers are used to
serve Web Pages requested by client computers.
Apache will host a Wordpress instance. Wordpress requires MySQL and PHP, so I installed
LAMP, as this has both requirements along with Apache.
To install LAMP I started off with the following command:
#tasksel
(Selecting LAMP Server when the list of options came up)
#nano /var/www/info.php
(Inserting the following into the editor)
<?php
phpinfo();
?>
I then restarted Apache2
#/etc/init.d/apache2 restart
Next I installed phpmyadmin
#apt-get install phpmyadmin
I opened the browser in the desktop and typed:
http://Server IP address/phpmyadmin
To setup MySQL I typed the following
mysql -u root -p
CREATE DATABASE forum;
CREATE USER admin;
SET PASSWORD FOR admin = PASSWORD("password");
GRANT ALL PRIVILEGES ON forum.* TO admin@localhost IDENTIFIED BY 'password';
#cd /var/www/wordpress
# mv wp-config-sample.php wp-config.php
# nano wp-config.php
Change database_name_here to wordpress.
Change user_here to admin.
Change password_here to the password you selected in the GRANT ALL ON
wordpress.* TO wordpressuser IDENTIFIED BY 'password'; command.
Open up a web browser, and navigate to http://ipaddress/wordpress.
Apache also needs to host www.KhufuNet.com.
Apache2 is configured with a single default virtual host which can be used as a template for
additional virtual hosts if you have multiple sites. If left alone, the default virtual host will
serve as your default site.
To configure a new virtual host or site do the following:
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/www.Khufunet.com
Enable the new Virtual Host using the a2ensite utility and restart Apache2:
# a2ensite www.Khufunet.com
# /etc/init.d/apache2 restart
Samba
One of the most common ways to network Ubuntu and Windows computers is to configure Samba as
a File Server.
To install Samba I entered the following command:
#apt-get install samba
#smbpasswd -a vm
(vm is the username of my server.)
I then created a test folder. I did not do this in root because then the owning user and group
will be set as ‘root’, which means you won’t be able to access the folder using your Samba
username and password.
# mkdir /home/vm/test
I then made a backup copy of the original smb.conf file
# cp /etc/samba/smb.conf
Now edit smb.conf:
nano /etc/samba/smb.conf
Add this to the very end of the file:
[test]
path = /home/vm/test
available = yes
valid users = vm
read only = no
browsable = yes
public = yes
writable = yes
These settings will share the test folder we created earlier, and give your username
permission to read and write to the folder.
I then restarted Samba with this command:
sudo restart smbd
Once Samba restarted, I used this command to check smb.conf for any syntax errors:
sudo testparm
Below is a screenshot from Steve’s computer. As you can see, he can access the test file I
created.
Name Server 1: DNS
Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified
domain names to one another. In this way, DNS alleviates the need to remember IP
addresses. Computers that run DNS are called name servers. BIND is the most common
program used for maintaining a name server on Linux.
To install BIND I entered the following command:
#apt-get install bind9
Next I configured the bind files.
# nano /etc/bind/named.conf.local
zone "KhufuNet.com" {
type master;
file "/etc/bind/zones/KhufuNet.com.db";
};
// Reverse zone for 192.168.1.0/24: the three network octets reversed, without the host octet
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.1.168.192.in-addr.arpa";
};
NOTE: KhufuNet.com is the domain name I was using, so replace it with your own, and replace
the IP address with your own also.
I then edited the options file.
# nano /etc/bind/named.conf.options
forwarders {
192.168.1.2;
};
Now add the zone definition files:
#mkdir /etc/bind/zones
#nano /etc/bind/zones/KhufuNet.com.db
KhufuNet.com.   IN      SOA     vm.KhufuNet.com. admin.KhufuNet.com. (
                        2006081401
                        28800
                        3600
                        604800
                        38400
)
KhufuNet.com.   IN      NS      vm.KhufuNet.com.
KhufuNet.com.   IN      MX      10 scurran.KhufuNet.com.
scurran         IN      A       192.168.1.5
vm              IN      A       192.168.1.2
Note: vm is my DNS server's name, KhufuNet.com is my domain name and scurran is the mail
server name.
I then created the reverse DNS zone files:
#nano /etc/bind/zones/rev.0.1.168.192.in-addr.arpa
@ IN SOA vm.KhufuNet.com. admin.KhufuNet.com. (
                        2006081401;
                        28800;
                        604800;
                        604800;
                        86400
)
                IN      NS      vm.KhufuNet.com.
1               IN      PTR     KhufuNet.com.
Now restart bind:
# /etc/init.d/bind9 restart
Modify the resolv.conf file:
#nano /etc/resolv.conf
search KhufuNet.com
nameserver 192.168.1.2
Test BIND:
# dig KhufuNet.com
CUPS (Network Printing)
The primary mechanism for Ubuntu printing and print services is the Common UNIX
Printing System (CUPS). CUPS manages print jobs and queues and provides network
printing using the standard Internet Printing Protocol (IPP), while offering support for a very
large range of printers.
To install CUPS I entered the following command:
#apt-get install cups
To configure the email address of the designated administrator of the CUPS server edit:
# nano /etc/cups/cupsd.conf
Modify the ServerAdmin line
ServerAdmin janet.comerford@mycit.ie
CUPS can be configured and monitored using a web interface, which by default is available
at http://localhost:631/admin. The web interface can be used to perform all printer
management tasks.
In order to perform administrative tasks via the web interface, you must either have the root
account enabled on your server, or authenticate as a user in the lpadmin group.
I now add vm to lpadmin
# usermod -aG lpadmin vm
Services on VM4
DHCP, FTP & SSH Servers
There were instructions on how to install and configure the DHCP Server on the site
timhorgan.wordpress.com.
The information relating to the FTP and SSH Servers was in links to other sites that had the
required information.
DHCP
To install the DHCP Server I simply followed the instructions on the following address:
http://timhorgan.wordpress.com/2011/03/21/dhcp-server/
This is an excellent guide and it now works perfectly on my Ubuntu Server, giving out
addresses to the Ubuntu Clients within the network.
By entering the command ‘service dhcp3-server start’ as shown above, the server will start
allocating addresses if requested. (The dhcp3 service should be running at system start-up)
By typing ‘ifconfig’ we can see that the server has a static address of 192.168.1.5.
On the Desktop below, I have changed the ‘/etc/network/interfaces’ file to force it to request
an IP address from a DHCP server. Because VMware is set to ‘bridged mode’, it will request
an address from the server at 192.168.1.5 on the same network.
As you can see, I have commented out the static addresses.
By entering the command ‘/etc/init.d/networking restart’, we force the Desktop to re-request
an IP address. Above we can see that the PC has requested an address from 192.168.1.5 and
has been allocated 192.168.1.1.
SSH & FTP
For this part I will demonstrate that the two services are functioning correctly by establishing
a secure connection to the server using an FTP client (Filezilla) along with SSH on port 22.
To install SSH use the following guide:
https://help.ubuntu.com/10.10/serverguide/C/openssh-server.html
To install FTP use the following guide: https://help.ubuntu.com/10.10/serverguide/C/ftpserver.html
Once these are installed and configured correctly, use Filezilla on the Ubuntu Desktop to
establish a secure connection with the Ubuntu Server (192.168.1.5).
Enter the information as follows and click ‘Quickconnect’.
A message box will appear saying the host may not be secure because the key is unknown.
However, due to the nature of this assignment we know that the server is safe so we can
continue. (Notice also the ‘Fingerprint: ssh-rsa’ key in the message box.)
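A check that can be run before accepting the unknown-key prompt (an added example, not part of the original report): it computes the fingerprint of the server's own public host key line, read on the server console from a file such as /etc/ssh/ssh_host_rsa_key.pub, and compares it with the fingerprint the client dialog shows. The key below is a constructed sample, and the function names and the two fingerprint display formats handled are assumptions.

```python
import base64
import hashlib
import hmac
import struct

def _ssh_string(data: bytes) -> bytes:
    """Length-prefixed field, as used inside an SSH public key blob."""
    return struct.pack(">I", len(data)) + data

# Constructed sample, NOT a usable key: type, exponent 65537, dummy modulus.
SAMPLE_BLOB = (_ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01")
               + _ssh_string(b"\x00" + bytes(range(1, 129))))
SAMPLE_PUBKEY_LINE = "ssh-rsa %s root@vm4" % base64.b64encode(SAMPLE_BLOB).decode()

def parse_pubkey_line(line: str) -> bytes:
    """Return the raw key blob from an 'ssh-rsa AAAA... comment' line."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (size,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + size] != fields[0].encode():
        raise ValueError("key type inside blob differs from declared type")
    return blob

def md5_fingerprint(blob: bytes) -> str:
    """Colon-separated hex MD5 (legacy display format; an assumption here)."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def sha256_fingerprint(blob: bytes) -> str:
    """'SHA256:' plus unpadded base64, as current OpenSSH prints it."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def fingerprint_matches(pubkey_line: str, shown: str) -> bool:
    """True only if the fingerprint the client showed belongs to this key."""
    blob = parse_pubkey_line(pubkey_line)
    shown = shown.strip()
    if shown.startswith("SHA256:"):
        expected = sha256_fingerprint(blob)
    else:
        shown = shown.lower()
        shown = shown[4:] if shown.startswith("md5:") else shown
        expected = md5_fingerprint(blob)
    return hmac.compare_digest(expected.encode(), shown.encode())
```

If `fingerprint_matches` returns False for the value in the dialog, the key offered to the client is not the one stored on the server.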
Once you click ‘OK’, Filezilla will then attempt to connect to the server.
As you can see from above, the connection has been successfully established with the server
using SSH on port 22.
DNS Server (bind9)
To install DNS (bind9) on Ubuntu Server I used the following guide:
http://ubuntuforums.org/showthread.php?t=236093
NOTE: Using the guide, I have had to replace the names given with names that match my
current configuration:



example.com >>> KhufuNet.com
ns1.example.com >>> scurran.KhufuNet.com
mta.example.com >>> scurran.KhufuNet.com
Where ‘mta’ is the username of the mail server and ‘ns1’ is the username of the
nameserver.
Once the configuration has been completed, you can see that the bind9 DNS service is
running by entering the command ‘dig KhufuNet.com’.
eMail Server (Postfix)
To install the eMail server (Postfix) I followed the instructions in this link:
file:///C:/Users/Steve/Desktop/INS%20Part%202/Postfix%20%20Community%20Ubuntu%20Documentation.htm
There was quite a bit involved installing and configuring Postfix correctly. In order to test it
out type the command ‘telnet localhost 25’. Once it says you have ‘Connected to localhost’
type ‘ehlo localhost’.
If it is configured correctly the following should appear:
‘220 mail.KhufuNet.com ESMTP Postfix (Ubuntu)’, 250-STARTTLS and 250-AUTH
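The same check done by a script rather than by eye (an added example, not part of the original report): it parses the multi-line reply to ‘ehlo localhost’ and reports which of the expected extensions, STARTTLS and AUTH, are missing. The transcript is constructed sample data and the function names are assumptions.

```python
import re

# Constructed reply to "ehlo localhost" (sample data, not captured from the
# report's server).
SAMPLE_EHLO_REPLY = """\
250-mail.KhufuNet.com
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-AUTH PLAIN LOGIN
250-8BITMIME
250 DSN
"""

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_ehlo(reply: str) -> dict:
    """Map each advertised extension keyword to its list of parameters."""
    extensions = {}
    lines = [line for line in reply.splitlines() if line.strip()]
    for index, line in enumerate(lines):
        match = REPLY_LINE.match(line)
        if not match or match.group(1) != "250":
            raise ValueError("not a successful EHLO reply: %r" % line)
        is_last = index == len(lines) - 1
        # "250-" marks a continuation line, "250 " marks the final line.
        if (match.group(2) == " ") != is_last:
            raise ValueError("reply is truncated or has trailing lines")
        if index == 0:
            continue  # first line carries the server name, not an extension
        # Some servers also advertise the legacy "AUTH=PLAIN LOGIN" form.
        words = match.group(3).replace("=", " ").split()
        if words:
            extensions.setdefault(words[0].upper(), []).extend(words[1:])
    return extensions

def missing_extensions(reply: str, required=("STARTTLS", "AUTH")) -> list:
    """Expected extensions that the server did not advertise."""
    advertised = parse_ehlo(reply)
    return [name for name in required if name not in advertised]
```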
POP/IMAP Server (Dovecot)
To install Dovecot I followed the instructions in this link:
file:///C:/Users/Steve/Desktop/INS%20Part%202/Dovecot%20%20Community%20Ubuntu%20Documentation.htm
To show that Dovecot is up and running on the server type ‘telnet localhost pop3’. The
following should appear if it has installed successfully:
‘+OK Dovecot ready.’