Data Networking/Spring 2014/Linux Project Group 1

The Folks

 * Meenakshi Pammi Udhayakumar


 * Bharathi Naidu Kakilate


 * Srinivas Desi Raju


 * Srivathsanka Sanagaram

Motivation
Not all companies have the capital to implement the requirements in the way they want to. Sometimes they don’t get the right resources or they may not have the inventory based on the proposed design. So, the main drive for this project is to come up with a design, which is feasible in terms of scope,resources, inter-working and security. The objective in brief is to simulate DHCP server to lease IP to clients; the client to access the web page hosted by the web browser by resolving its IP from the DNS, and later the Firewall to be able to block the client; the client must also be able to receive backup files from the backup server. This leads to following tasks to be done
 * To build a DNS Server with IPv4 and IPv6 records in forward and reverse domains and also implement a Master and slave DNS server concept.
 * To build a DHCP Server which can implement IPv4 and IPv6 addresses dynamically using Client-Server Protocol with specific lease time and reservation needs in an address pool.
 * To practically implement a Web Server and secure the network from external networks attacks by using basic security implementations rather than using external security devices.
 * To design a robust system which can systematically create a backup of every days work from the current server to a different server.This is needed because there is a possibility that the server might crash because of increase in usage or because of the heavy-duty processes running on the servers When there is a group of people working on a server.

Understanding the Requirements and Protocols Involved
1.DNS Server The Domain Name System (DNS) is a standard technology for managing the names of Web sites and other Internet domains.A DNS server is any computer registered to join the Domain Name System. A DNS server runs special-purpose networking software, features a public IP address, and contains a database of network names and addresses for other Internet hosts. DNS networking is based on the client / server architecture. A Web browser functions as a DNS client (also called DNS resolver) and issues requests to your Internet provider's DNS servers when navigating between Web sites. DNS clients (called resolvers) wanting to use DNS must have it configured on their network. Resolvers query the DNS using fixed (static) IP addresses of one or more DNS servers. On a network, DNS server addresses can be configured on a router and automatically picked up by client devices, or the addresses can be configured on each client individually. Network administrators can get valid DNS server addresses from either their Internet service provider or third-party Internet DNS providers. Types of DNS Lookups DNS is most commonly used by Web browsers automatically converting Internet domain names to IP addresses. Beside these forward lookups, the DNS also is used for: The network requests supporting DNS lookups run over TCP and UDP, port 53 by default. Linux Computers that run DNS are called name servers. Ubuntu ships with BIND (Berkley Internet Naming Daemon), the most common program used for maintaining a name server on Linux. Domain Name System in detail DNS Configuration Details
 * finding the correct servers to deliver Internet email
 * reverse lookups that convert an IP address back to a domain name

2.DHCP Server The Dynamic Host Configuration Protocol (DHCP) is a network service that enables host computers to be automatically assigned settings from a server as opposed to manually configuring each network host. Computers configured to be DHCP clients have no control over the settings they receive from the DHCP server, and the configuration is transparent to the computer's user.

The most common settings provided by a DHCP server to DHCP clients include: The advantage of using DHCP is that changes to the network, for example a change in the address of the DNS server, need only be changed at the DHCP server, and all network hosts will be reconfigured the next time their DHCP clients poll the DHCP server. As an added advantage, it is also easier to integrate new computers into the network, as there is no need to check for the availability of an IP address. Conflicts in IP address allocation are also reduced. Dynamic Host Configuration Protocol details 3.Web Server A Web server is a program that, using the client/server model and the World Wide Web's Hypertext Transfer Protocol ( HTTP ), serves the files that form Web pages to Web users (whose computers contain HTTP clients that forward their requests). Every computer on the Internet that contains a Web site must have a Web server program. Two leading Web servers are Apache, the most widely-installed Web server, and Microsoft's Internet Information Server ( IIS ). Although there are many viable web servers that will serve your content, it is helpful to understand how Apache works because of its ubiquity. Web Server in Ubuntu configuration 4.Firewall A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Firewalls can be either hardware or software but the ideal firewall configuration will consist of both. In addition to limiting access to your computer and network, a firewall is also useful for allowing remote access to a private network through secure authentication certificates and logins.
 * IP address and netmask
 * IP address of the default-gateway to use
 * IP adresses of the DNS servers to use

Hardware firewalls can be purchased as a stand-alone product but are also typically found in broadband routers, and should be considered an important part of your system and network set-up. But due to financial constraints it is not always possible to have Hardware firewalls, instead software firewalls can be effectively used.

Software firewalls are installed on your computer (like any software) and you can customize it; allowing you some control over its function and protection features. A software firewall will protect your computer from outside attempts to control or gain access your computer.Users can therefore configure the firewall to allow certain types of network traffic to pass into and out of a system (for instance SSH or web server traffic)by opening and closing TCP and UDP "ports".

5.Backup A backup refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event. The primary purpose is to recover data after its loss, be it by data deletion or corruption. Data loss can be a common experience of computer users.The secondary purpose of backups is to recover data from an earlier time, according to a user-defined data retention policy, typically configured within a backup application for how long copies of data are required. When there is a group of people working on a server, there is a possibility that the server might crash because of increase in usage or because of the heavy-duty processes running on the servers. The best way is to systematically create a backup of every days work from the current server to a different server.

Progress Report
1st April,2014: Web Server Configuration done 3rd April,2014: DNS Master Configuration done 5th April,2014: DNS Slave configuration done 7th April,2014: DHCP IPv4 configuration and Firewall Configuration done 9th April,2014: DHCP IPv6 Configuration and Backup Configuration Still in Progress 11th April,2014: Addons- Network Time Protocol Configuration and Mail Server done 12th April,2014: Addons- Network File Sharing Configuration done 13th April,2014: Wiki Page and report formatting Still in Progress 14th April,2014: Testing and Report Submission

Configuration Setup
1 DNS *Install Bind9 *Create forward and reverse zones files *Restart bind9

2 DHCP *Install isc-dhcp-server *Edit the configuration for ip addresses pool and give a static ip to server *Restart dhcp 3 Webserver *Install Apache2 *Change the Content of webpage *Assign FQDN for the server 4 Firewall *Install iptables-persistent *Configure the ports and services to be blocked 5 Backup *Install rsync