User:Gaurav149/TELE5330-F14-Group14

INTRODUCTION
The project deals with the implementation of a Domain Name System Server (DNS), Dynamic Host configuration Protocol Server (DHCP), Web Server, Firewall, Backup, and some other extra add-ons that will be shown within the Configurations Section.

The main aim of this project is to deliver a complete network solution where the servers and clients will be able to obtain an IP address from the DHCP server, and then with the help of our DNS Server, the users within our network should be able to successfully fetch the web page that is being host in our own DHCP server. Moreover, we will implement and configure extra networking tools to provide a robust, secure, intelligent inter-networking scheme that could be used at any company or organization.

PROJECT MEMBERS

 * 1) Ankita Chauhan
 * 2) Aravinth Kumar Krishnan
 * 3) Gaurav Thakur
 * 4) Gaurav Singh

Behaviour of DNS
Domain name server is a protocol used by the browser of host to usually retrieve the IP address of the Domain server of the website which is not cached. It accomplice various information with domain name assigned to each of the participating entity. In intranet system domain name server will able to resolve only those IP addresses whose host name is stored in the local files

Behaviour of DHCP
DHCP (Dynamic Host Configuration Protocol) basic activity of DHCP is to dynamically assign IP addresses from a reserved pool of address. The client which arrive in the network needs an IP address as well as the configuration in order to communicate with other clients in the network.

DHCP can assign IP address in two ways to the client Dynamic – IP address assign automatically. Static - IP address is typed statically in the client computer.

For IPv4 sudo apt-get install isc-dhcp-server; # ironmaiden.net for an internal subnet subnet 192.168.10.0 netmask 255.255.255.0; option domain-name-servers 192.168.10.40; option broadcast-address 192.168.10.255; option domain-name "ironmaiden.net"; filename "pxelinux.0"; default-lease-time 600; max-lease-time 7200;

sudo service isc-dhcp-server restart

For IPv6

sudo apt-get install ravdv

interface eth0 prefix ABCD:4648:445D:666E::/64 subnet6 ABCD:4648:445D:666E::/64 range6 4648:445D:666E::10 4648:445D:666E::100;

sudo /etc/init.d/radvd restart

Implementation of DNS Server
For our DNS Server we are going to use the BIND Package that stands for Berkley Internet Naming Daemon. We have reserved in our DHCP Server the following IPv4 and IPv6 address:

Master Server Slave Server: * IPv4 address: 192.168.10.41 * IPv6 address: 2607:f0d0:2001:a::4
 * IPv4 address: 192.168.10.40
 * IPv6 address: ABCD:4648:445D:666E::/64

MASTER SERVER [1] Installation

Web Server
Web Server is used to host web pages. The client uses HTTP to access the HTML file stored on the server.

Behavior of the protocol
Web server is a program that serves the files that form the web pages to web users using the client/server model and the World Wide Web’s Hypertext Transfer Protocol. The web pages comprises of HTML documents and can be moved from server to client easily. A web server is also used for gaming, running enterprise applications, data storage, FTP and many other uses. An HTTP connection has to be established between the client and the server using the Three Way Handshake process so that they can communicate.

Implementation of the web server
[1] Installation Install apache2 server sudo apt-get install apache2

[2] Configuration Edit the default index.html file by going into the www folder cd /var/www sudo nano index.html

Behavior of protocol
A firewall is a network security system that controls the incoming and outgoing network traffic based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network that is assumed not to be secure and trusted. For this network firewall is implemented for the webserver.

Configurations
Allow all connections in the first step

sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Allow traffic on specific ports HTTP 80, HTTPS 443, FTP 20,21 and port 22 for ssh sudo iptables -A INPUT -j ACCEPT -p tcp --destination port 80 -i eth2 sudo iptables -A INPUT -j ACCEPT -p tcp --destination port 443 -i eth2 sudo iptables -A INPUT -j ACCEPT -p tcp --destination port 20 -i eth2 sudo iptables -A INPUT -j ACCEPT -p tcp --destination port 21 -i eth2 sudo iptables -A INPUT -j ACCEPT -p tcp --destination port 22 -i eth2

To block the ICMP request, following command is executed

sudo iptables -A INPUT -j DROP -p ICMP -i eth2