User:Suraj reddevil

Group members 1.	Shubham Singh 2.	Suraj Bhatia 3.	Sanchit Rathi DNS Server A DNS server provides look-up tables to resolve hostnames, alias names, canonical names into their respective IP address and vice versa depending upon the resource record used. DNS Server Functioning DNS server follows the following hierarchy to resolve queries: 1.	As the client sends a query, the query is first routed to the local DNS server (i.e. cache). 2.	If the entry is not available in the cache, the query is redirected to the Root Server which further directs it to respective TLD server and ultimately the TLD server contains the information of the authoritative server containing the resolve. Configuration To build our DNS server we have installed UBUNTU 14.04 and run it on VM Workstation on Windows. Also to build DNS server we have used Bind version 9.5(bind9). To configure and install the DNS server the following commands were executed on the terminal This command ensures our Ubuntu has installed all updates. This command when run on the terminal downloads Bind. After building the tree, it ask for root permission before downloading the packages. This command defines a local domain which will be the web address of our DNS server. Using this command we can make changes in db.56clearway which is actually the forward zone of our DNS. Resource records are written for domain servers, web, mail, etc pointing to their respective IP addresses. These records makes the server authoritative. This command creates the reverse zone file and binds it to the reverse localhost domain. This command helps us edit the db.192 file. Under this file we Using PTR resource record reverse IP mapping (obtaining hostname for respective IP addresses) is conducted. This command helps us list the forward and reverse zones along with the file path where the information is stored. This command allows us to edit our forwarders. WE have added our own gateway address to the list of forwarders. This command allows us to change the nameserver IP address and defines search within our specific domain. In order for the changes to bind, a bind9 restart is necessary. There would be an error in bind if there is any error in configuring the DNS server. Testing We can use the following commands to check whether our DNS server is working DHCP IPv4 and IPv6 Install DHCP server on Ubuntu 14.04 Configure DHCP server
 * 1) sudo apt-get update
 * 1) sudo apt-get install bind9
 * 1) sudo cp /etc/bind/db.local /etc/bind/db.56clearway
 * 1) sudo nano /etc/bind/db.56clearway
 * 1) sudo cp /etc/bind/db.127 /etc/bind/db.192
 * 1) sudo nano /etc/bind/db.192
 * 1) sudo nano /etc/bind/named.conf.local
 * 1) sudo nano /etc/bind/named.conf.option
 * 1) sudo nano /etc/resolv.conf
 * 1) sudo service bind9 restart
 * 1) sudo apt-get install isc-dhcp-server –y
 * 1) sudo nano /etc/default/isc-dhcp-server

Assign network interface as “eth0”. Enter below command and define parameters in the dhcpd.conf file:
 * 1) sudo nano /etc/dhcp/dhcpd.conf

After adding the parameters, save and close the dhcpd.conf file. Restart the dhcp service by entering the following command: Install DHCPv6 on Ubuntu 14.04:
 * 1) sudo service isc-dhcp-server restart

Make copy of the dhcp6s.conf file in another destination: Define parameters and create pool or host to assign IPv6 address based on client ID: Make changes in the sysctl.conf file as follows: net.ipv6.conf.all.autoconf=1 net.ipv6.conf.all.accept_ra=1
 * 1) sudo apt-get install wide-dhcpv6-server
 * 1) sudo cp /usr/share/doc/wide-dhcpv6-server/examples/dhcp6s.conf.sample /etc/wide-dhcpv6/dhcp6s.conf
 * 1) sudo /etc/sysctl.conf

Restart dhcpv6 with command:
 * 1) sudo service isc-dhcpv6-server restart

WEBSERVER AND FIREWALL: Webserver Webservers are used to access the web pages. Every webserver has the IP address of all the domains in the world. Any computer can be turned into a Web server by installing server software and connecting the machine to the Internet. There are many Web server software applications, including public domain software and commercial packages. Behavior of protocol The Hypertext Transfer Protocol (HTTP) is an application protocol for collaborative information systems. HTTP is the foundation of data communication for the World Wide Web. Signaling 1. The DHCP server is used to assign the client ip address. 2. Client has to initiate a TCP connection by sending SYN message to server on port 80. 3. The server replies to the client by SYN-ACK message. 4. The client sends an ACK message and completes the three way handshake and requests the web page. Webserver configuration We have used Apache for web server configuration because it provides us flexibility and speed in the small network that we have created. Following are the commands we have used on Linux machine. 1. We install apache on our machine:
 * 1) sudo apt-get update
 * 2) sudo apt-get install apache2

2. Create our own directory: 3. Grant permission as we are not the root users: 4. Then we create an html page for web server: 5. We will create a virtual host file: 6. We will now open this file with root privileges: 7. We will enable our website by: 8. Then we will re-start the web server:
 * 1) sudo mkdir -p /var/www/56clearway.com/public_html
 * 1) sudo chown -R $USER:$USER /var/www/56clearway.com/public_html
 * 1) sudo nano /var/www/56clearway.com/public_html/index.html
 * 1) sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/56clearway.com.conf
 * 1) sudo nano /etc/apache2/sites-available/56clearway.conf
 * 1) sudo a2ensite 56clearway.com.conf
 * 1) sudo service apache2 restart

Testing 1.	Open the web browser and on typing the ip address our webpage should open. 2.	By typing our website name our webpage should open; that means our web page is working fine.

Web page opened with URL as well as IP address on client machine.

FIREWALL Install UFW- Uncomplicated firewall with following command on Ubuntu machine: dnsserver@ubuntu:~#sudo apt-get install ufw

To enable firewall with IPv6, enter below command: dnsserver@ubuntu:~#sudo nano /etc/default/ufw

Make sure the line IPV6=yes is uncommented. Check UFW status: dnsserver@ubuntu:~#sudo ufw status verbose

Set up default policies: dnsserver@ubuntu:~#sudo ufw default deny incoming dnsserver@ubuntu:~#sudo ufw default allow outgoing dnsserver@ubuntu:~#sudo ufw allow ssh dnsserver@ubuntu:~#sudo ufw allow 22 dnsserver@ubuntu:~#sudo ufw enable

Check status after enabling: dnsserver@ubuntu:~##sudo ufw status verbose

Other options: dnsserver@ubuntu:~#sudo ufw allow http dnsserver@ubuntu:~#sudo ufw allow 80 dnsserver@ubuntu:~#sudo ufw allow ftp dnsserver@ubuntu:~#sudo ufw status numbered

WEB SERVER BACKUP Install rsync feature on Ubuntu 14.04: To synchronize a directory from local system with a remote system, enter the following command: To verify, go to the remote system and check the contents using command below: To synchronize directories securely over SSH, enter following command: To synchronize directories password less, create a key and share it with the remote user: ssh-copy-id -i /var/www/. ssh/id_rsa.pub client@10.0.0.40
 * 1) sudo apt-get install rsync
 * 1) rsync -azvh /var/www client@10.0.0.40:/home/
 * 1) ls /home/sk/sync/
 * 1) rsync -azvr /var/www -e ssh client@10.0.0.40 :/home/
 * 1) ssh-keygen -t rsa

ADD-ONS NFS- Network File System NFS, or Network File System, is a distributed filesystem protocol that allows you to mount remote directories on your server. NFS works well for the directory that needs to be accessed regularly. Configuration For server - 1. We need to install nfs-kernel-package:
 * 1) sudo apt-get install nfs-kernel-server

2. Now we are creating two directories:
 * 1) sudo mkdir /var/nfs
 * 2) sudo mkdir /home

3. Now we will share the resources:
 * 1) sudo nano /etc/exports

And our file will look this: /home      10.0.0.40(rw, sync, no_root_squash, no_subtree_check) /var/nfs   10.0.0.40(rw,sync, no_subtree_check)

4. Now we will create NFS table:
 * 1) sudo exportfs -a

For client- 1. For the client we will install package nfs common:
 * 1) sudo apt-get install nfs-common

2. Creating directories on the client:
 * 1) sudo mkdir -p /mnt/nfs/home
 * 2) sudo mkdir -p /mnt/nfs/var/nfs

3. Creating mount point on the client: 4. We can see all NFS share by command: 5. We can make the mount automatically by the command:
 * 1) sudo mount 10.0.0.75:/home /mnt/nfs/home
 * 2) sudo mount 10.0.0.75:/var/nfs /mnt/nfs/var/nfs
 * 1) mount -t nfs


 * 1) sudo nano /etc/fstab

MAIL SERVER Configuration To implement mail server we have used 1.	Postfix 2.	Dovecot 3.	Squirrelmail The following commands have to be executed:- This command is used to install updates This command is used to install bind9, apache2, php5, postfix, dovecot common ,dovecot imapd ,dovecot pop3d, squirrelmail This command is used to enter the directory /etc/bind This command is used to define forward and reverse zones This command binds data from our DNS serer to the localhost The following commands are used to test DNS server nslookup mail.56clearway.com
 * 1) sudo apt-get update
 * 1) sudo apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd doecot-pop3d squirrelmail
 * 1) cd /etc/bind
 * 1) sudo nano named.conf.local (add and edit forward and reverse zone for your domain)
 * 1) sudo cp db.local db.56clearway
 * 1) dig mail.56clearway.com


 * 1) cd /etc/apache2/sites-available/
 * 2) sudo cp 000-default.conf mail.conf
 * 3) sudo nano mail.conf (add and edit: ServerName and document root for squirrelmail)
 * 4) a2ensite squirrelmail (enabling squirrelmail)
 * 5) sudo service apache2 restart (restart apache2 services)

To stop all related services execute the following commands To change interfaces on network Stopping and restarting the following services Add users and test working of mail server using squirrel mail. Testing Testing postfix and dovecot
 * 1) sudo nano /etc/squirrelmail/apache.conf (add & edit: document root and domain name)
 * 2) sudo nano /etc/dovecot/dovecot.conf (Inside the conf file add protocols IMAP & POP3 and set mail_location: MailDir)
 * 1) killall named
 * 2) killall apache2
 * 3) killall dovecot
 * 1) sudo nano /etc/network/interfaces (define static IP with netmask and default gateway for Mail server)
 * 1) sudo service bind9 restart
 * 2) sudo service apache2 restart
 * 3) sudo service postfix restart
 * 4) sudo service dovecot restart

Opening squirrelmail on Mozilla Firefox

NIS – NETWORK INFORMATION SYSTEM Signaling NIS stands for Network Information Service. It is a client-server protocol used to distribute system configuration such as hostnames and users to other users on the network. It is generally employed for small scale network. NIS configurations 1. Installing nis and portmap 2. Edit domain as well as server name and refresh the database. domain 56clearway.com server NIS #sudo nano /etc/ypserv.securenets “255.255.255.0 10.0.0.*” (add list of acceptable hosts) Restart the server database 3. For NIS client, type following command 4. Edit domain & server name Add a line +: : : : : : Add a line +: : : Add a line +: : : : : : : : set the ypserver’s IP address <192.168.3.75> After making the changes, update the server. Testing Commands ‘yptest ypswitch’ and ‘ypcat –x’ is used test NIS. NTP: NTP is used for time synchronization and it makes use of TCP/IP. The client requests its current time from server and uses it to set its own clock. NTP CONFIGURATION: 1. To install ntpd:
 * 1) sudo apt-get install nis portmap
 * 1) sudo nano /etc/default/nis
 * 2) set nisserver=master
 * 3) sudo nano /etc/yp.conf
 * 1) sudo /user/lib/yp/ypinit -m
 * 1) sudo apt-get install portmap nis
 * 1) sudo nano /etc/passwd
 * 1) sudo nano /etc/group
 * 1) sudo nano /etc/shadow
 * 1) sudo nano /etc/yp.conf
 * 1) sudo apt-get install ntpd

2. Then edit the conf file:
 * 1) sudo nano /etc/ntp.conf

3. After this then reload ntp:
 * 1) sudo restart ntpd

4. View the status of ntpd by:
 * 1) sudo nap –p

VPN – VIRTUAL PRIVATE NETWORK VPN enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. It is use to extend private network over public network. VPN CONFIGURATION: 1. First we will install pptp server:
 * 1) sudo apt-get install pptpd

2. We need to configure pptpd where we will add server IP and Client IP:
 * 1) sudo nano /etc/pptpd.conf

3. Configure DNS servers:
 * 1) sudo nano /etc/ppp/pptpd-options

4. Now we will add VPN user:
 * 1) sudo nano /etc/ppp/pptpd-secrets

FUTURE SCOPE •	Creating a more decentralized network •	Creating better firewall to block serious external threat and secure network •	Creating efficient mail server •	Upgrading NIS to NIS+ REFERENCES •	https://help.ubuntu.com/lts/serverguide/dhcp.html •	https://help.ubuntu.com/lts/serverguide/dns-configuration.html •	https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-14-04-lts •	https://help.ubuntu.com/lts/serverguide/firewall.html