Linux Debian

Fundamental Class
Yaniko Dimas Yogo Prasetyo - @okinay
What Will You Get?

Linux Basic DNS Server Web Server

DHCP Proxy
Mail Server
Server Server
Objective
At the end of this course, the student will:
Be familiar with Linux Debian OS and basic command of
Linux
Be able to configure, manage, do basic troubleshooting
of Linux Debian OS
Be able to build basic server services, such as DNS
Server, Web Server, DHCP Server, Mail Server and Proxy
Server
 MODUL 1

Linux Basic
Why Debian?
Unparalleled support
Easy installation
Incredible amounts of software
Easy upgrades
Stability
Fast and easy on memory
Drivers for most hardware is written by GNU/Linux /
GNU/kFreeBSD users, not the manufacturer.
Good system security
Many more
Preparation
DVD Source / ISO Debian 6
Server Computer (or virtual box)
Intel x86 : i386 / Intel 64 or AMD 65 : AMD64
RAM > 2GB
HDD > 40 GB
Internet connection > 512 mbps
A cup of coffee or tea
Install Virtual Box
Configure Virtual Box
Open Oracle VM VirtualBox
Then click New icon to create new virtual machine

Give your Virtual Machine name, such as My Debian

Choose Linux for Type field, then choose Debian (32bit) for Version field

Then follow the Wizard

Configure Virtual Box
And now, your Virtual Machine is almost ready
Configure Virtual Box
Then click Setting icon and choose Network tab
Configure Virtual Box
Choose Bridge Adapter for Attached to field
And choose the adapter which is connected to Internet
(Same as your computer connected to Internet)
Configure Virtual Box
Then choose Storage tab
Configure Virtual Box
Then choose the CD icon in Storage Tree
Click the CD Icon in Attribute section and click
Choose a vitual CD/DVD disk file
And choose your Debian 6 ISO file
Then click OK

2
1
Configure Virtual Box
Then click Start icon and now you can start to Install
you Debian
Install Debian 6
When you already start your virtual machine, you can
find the option of installing debian
Install Debian 6
When you already start your virtual machine, you can find
the option of installing debian

And choos Install then press Enter

And now you can start to follow the wizard
 Install Debian 6

And now your Debian 6 is ready to use

Topology

192.168.50.100/24
192.168.50.254/24
Intern
et

192.168.50.x/25 (dhcp)
Basic Setup (Configure Network)
Run this script to setup your new IP Address:
# nano /etc/network/interfaces
Then it will show you a configuration file to configure
network
Basic Setup (Configure Network)
At the section of # The primary network interface
change the configuration script like below
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.50.100
netmask 255.255.255.0
gateway 192.168.50.254

Then run this script to restart the network service

# /etc/init.d/networking restart
Basic Setup (Configure Network)
To check the new configuration of your netwok, run this
script
# ifconfig

New IP Configuration
Basic Setup (Configure Network)
Run this script to setup DNS:
# nano /etc/resolv.conf
Then write the script with the following format
nameserver <DNS Server IP Address>
And you can add more than one DNS Server IP Address
Basic Setup (Configure Network)
Now you can test your configuration by doing ping test
# ping google.com
Basic Setup (Configure APT Package
Source)
Run this script to setup APT Package Source:
# nano /etc/apt/sources.list
Then write the script with the following format

Then save the configuration, and run the script below to upgrade your
package source
# apt-get update
Basic Setup (Configure SSh Server)
Install SSh Server with the following script below
# apt-get install openssh-server
then you wait the installing process
Now you can test the SSh Server
with Remote SSh Program,
such as Putty
Basic Setup (Testing SSh Server)
Enter the Server IP Address in Host Name (or IP
Address) section and choose SSH for connection type

Then click Open

 MODUL 2

DNS Server
Installing DNS Server
Bind9 (Berkeley Internet Name Domain Ver. 9)
One of the most popular DNS Server Application in
Linux, and most of Linux Distro use it for DNS Server
and its pretty easy to be configured and understood
You can install bind9 by following this script below
# apt-get install bind9
And follow the wizard
Configuring DNS Server
There are 4 important files that we will be configured
a. /etc/bind/named.conf
b. file forward
c. file reverse
d. /etc/resolv.conf
Edit and add some configuration script for Forward
and Reverse in named.conf file
 Configuring DNS Server
Run this script below:
# nano /etc/bind/named.conf.local
Then Add this following script to it
zone "debiancourse.com" { //Your domain zone
type master;
file "db.debian"; //FORWARD file location, by default located in /var/cache/bind/
};

zone "192.in-addr.arpa" { //The first IP Address block

type master;
file "db.192"; //REVERSE file location, by default located in /var/cache/bind/
};
Configuring Forward File
Run this script below:
# cp /etc/bind/db.local /var/cache/bind/db.debian
# nano /var/cache/bind/db.debian
Then Add this following script to it
$TTL 604800
@ IN SOA debiancourse.com. root.debiancourse.com. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS debiancourse.com. ;add .dot. in every single domain you wrote
@ IN A 192.168.50.1
www IN A 192.168.50.1
my IN A 192.168.50.1
Configuring Reverse File
Run this script below:
# cp /etc/bind/db.127 /var/cache/bind/db.192
# nano /var/cache/bind/db.192
Then Add this following script to it
$TTL 604800
@ IN SOA debiancourse.com. root.debiancourse.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS debiancourse.com.
100.50.168 IN PTR debiancourse.com. ;write the IP reversed
Configuring DNS Client
Run this script below:
# nano /etc/resolv.conf
Then Add this following script to first line
search debaincourse.com
Nameserver 192.168.50.100

nameserver 192.168.50.254
nameserver 202.134.0.155
nameserver 202.134.1.10

Restart bind9 service:

# /etc/init.d/bind9 restart
Testing DNS Server
From Debian 6, run this script
# ping debiancourse.com

From Windows
First, set your primary DNS to your server IP Address
Then run ping command to debiancourse.com on Command Prompt
 MODUL 3

Web Server
Installing Web Server
Apache 2
One of the most popular Web Server Application in
Linux, and most of Linux Distro use it for Web Server
and its pretty easy to be configured and understood
also have a lot of feature inside
You can install Apache2 by following this script below
# apt-get install apt-get install apache2 php5
libapache2-mod-php5
And follow the wizard
Testing Web Server
After you have finished for installing Apache, you can test your
Web Server by accessing your server IP Address or Domain

Access via IP Address

Access via Domain

What is Virtual Host?
Virtual hostingis a method forhostingmultiple domain names
(with separate handling of each name) on a single server (or pool
of servers). This allows one server to share its resources, such as
memory and processor cycles, without requiring all services
provided to use the samehostname.
Configuring Virtual Host
In the DNS Modul, we have created a subdomain which is called
my.debiancourse.com. Now, we will create virtual host for this
subdomain

Now, run this script:

# nano /etc/apache2/sites-available/my.debiancourse.com
Then Add this following script to first line
<VirtualHost *:80>
ServerAdmin webmaster@debiancourse.com
ServerName my.debiancourse.com
DocumentRoot /var/www/my.debiancourse.com
</VirtualHost>

#a2ensite my.debiancourse.com
Configuring Virtual Host
Now, we will make a directory for subdomain
my.debiancourse.com
# mkdir /var/www/my.debiancourse.com
Make index page for my.debiancourse.com
# nano /var/www/my.debiancourse.com/index.php
Then
<?phpAdd this following script to first line
phpinfo();
?>

And now restart you webserver service

# /etc/init.d/apache2 restart
Testing Virtual Host
After you have finished to configure virtual host, you can test
your Web Server by accessing your server Subdomain:
my.debiancourse.com
 MODUL 4

DHCP Server
What is DHCP?
Dynamic Host Configuration Protocol (DHCP) is a network protocol
that enables aserverto automatically assign an IP address to a
computer from a defined range of numbers (i.e., a scope)
configured for a given network.DHCPassigns an IP address when
a system is started
Installing DHCP Server
DHCP3-Server
This is the default program of DHCP server for Linux.
This program is compatible for all kinds of linux distro
You can install DHCP Server by following this script
below
# apt-get install dhcp3-server
And follow the wizard
 Configuring DHCP Server
Now, run this script:
# nano /etc/dhcp3/dhcp.conf
Then Add this following script to last line
# A slightly different configuration for an internal subnet.
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.10 192.168.50.50;
option domain-name-servers debiancourse.com;
option domain-name debiancourse.com";
option routers 192.168.50.254;
option broadcast-address 192.168.50.255;
default-lease-time 600;
max-lease-time 7200;
}

And now restart the DHCP Server service

# /etc/init.d/isc-dhcp-server restart
Testing DHCP Server
It quite simple to test your DHCP Server, just connect your device
directly to Server. And now, look at your network configuration
detail
 MODUL 5

Email Server
What is Email Server?
Amail server(also known as amailtransfer agent or MTA,
amailtransport agent, amailrouter or an Internet mailer) is an
application that receives incoming e-mailfrom local users
(people within the same domain) and remote senders and
forwards outgoing e-mailfor delivery.
Installing Email Server
iRedMail
This program is more advance from default Email Server in Linux. It has
simply control panel and very easy to deploy
Download the latest stable release
# wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.5.tar.bz2
Install package bzip2
# apt-get install bzip2
Extract iRedMail Package
# tar xjf iRedMail-0.8.5.tar.bz2
Change directory to iRedMail package directory
# cd /root/iRedMail-0.8.5/
And now start iRedMail Installer
# bash iRedMail.sh
Installing Email Server
After you start iRedMail Installer
process, your screen will be like
this
Then choose Yes to continue
the wizard installer

After you choose Yes option, it

will show a new wizard window
like this
Then you choose Next
Installing Email Server
On next wizard, choose OpenLDAP
option using Tab button then click
Space button to select
Then press Tab until cursor appear on
Next option
And press Enter to excecute

Edit LDAP suffix to

dc=debiancourse,dc=com
Then press Enter
Installing Email Server
Specify password for root LDAP
And press Enter to excecute

Specify password for MySQL

Administrator
Then press Enter
Installing Email Server
Specify first virtual domain
Fill the field with
debiancourse.com
And press Enter

Specify password for Domain

Then press Enter
Installing Email Server
Select all optional components
And press Enter

Then it show you a confirmation

to installing iRedMail
Then press y
Press Enter
And it start to download
all components
Configuring MX Record
Your email server is almost ready, now add MX Record in your DNS Forward File
Open DNS forward file
# nano /var/cache/bind/db.debian
Add this script on the last line
@ IN MX 192.168.50.100
Restart bind9 service
# /etc/init.d/bind9 restart
iRedAdmin Control Panel
iRedAdmin is control panel for your email server. Now,
you can easily manage your email server such as
managing user and domain
Open iRedAdmin Control Panel by opening this url
https://debiancourse.com/iredadmin
iRedAdmin Control Panel
Then login to it
Username : postmaster@debiancourse.com
Password : <your email server password>
Now you have entered iRedAdmin Control Panel
Adding Email User
After you enter iRedAdmin Control Panel, now select Add menu
and click User

Then enter your new user

Testing Email Server
After youve created at least 2 user for email server, now open
iRedMail Webmail Page by opening this url
https://debiancourse.com/mail/
Login with user that you have created
Testing Email Server
Then you compose an email to another user that you have created before

In another kind of browser, open IRedMail Webmail. Then login to second user
that you have created. And you can find a message that you have sent from
first user account
 MODUL 6

Proxy Server
What is Proxy Server?
In computer networks, aproxy serveris a server(a computer
system or an application) that acts as an intermediary for requests
from clients seeking resources from otherservers.
Installing Proxy Server
Squid
A proxyserverand web cache daemon. It has a wide
variety of uses, from speeding up a webserverby
caching repeated requests; to caching web, DNS and other
computer network lookups for a group of people sharing
network resources; to aiding security by filtering traffic.

Install Squid Proxy Server

# apt-get install squid
 Configuring Proxy Server
Open Squid configuration file
# nano /etc/squid/squid.conf
Delete command sign (#) in front of this script below and edit if it
#. . .
necessary
http_port 3128 transparent #add transparent
cache_mem 16 MB
cache_mgr admin@debiancourse.com
visible_hostname proxy.debiancourse.com
#. . .

aclurl
For access
dstdomain list, add script
/etc/squid/url #blockedbelow to
domains ACL section
acl key url_regex i /etc/squid/key #blocked words
http_access deny url
http_access deny key
acl lan src 192.168.50.0/24 #local IP Address
http_access allow lan
http_access allow all
Configuring Proxy Server
Make a blocked site list
# nano /etc/squid/url
And enter the site that you will be blocked and save it
detik.com
kaskus.co.id
Make a blocked words list
# nano /etc/squid/key
And enter the site that you will be blocked and save it
sex
porn
And start
# squid -z
Testing Proxy Server
Point your browser proxy setting to your proxy IP Address
Testing Proxy Server
Point your browser proxy setting to your proxy IP Address
Testing Proxy Server
And now open site url that you have blocked before
Additional
If you use your Proxy Server, you make as a Gateway Server other
than as Proxy Server. You can make a Transparent Proxy with it.
Transparent proxy will force every single package to pass through
the proxy before it go to Internet

How?
Just add this IPTABLES to your server
# iptables t nat A PREROUTING s 192.168.50.0/24 p tcp --dport 80 j
REDIRECT --to-port 3128
# iptables-save > /etc/iptables