User:TSMG5330-F13-Group5

The Folks
Yangyang Huang

Mayur Narang

Cheming Lin

Di Xie

Motivation
To gain insight into Ubuntu, and to implement what we have learned in a more efficient way.

Understanding the Protocol
DHCP (Dynamic Host Configuration Protocol) is an application layer protocol that dynamically assigns IP addresses and subnet masks to the host devices connected to the subnet. The IP addresses provided by DHCP are not permanent. Each one comes with a lease time; after the lease time expires, the host has to ask for an IP address again and sends the request message to the DHCP server as a broadcast message.

DNS (Domain Name System) maps host names to IP addresses and, in reverse, IP addresses to host names. DNS is a hierarchy consisting of root-level servers, top-level servers and admin servers, so whenever a request message comes to the DNS, it comes to the root, the root sends it to the top level, and then the mapping takes place in the admin server.

HTTP (Hypertext Transfer Protocol) is an application layer protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted between Web servers and browsers. It defines what actions Web servers and browsers should take in response to various commands. When a client enters a URL in a browser, the browser sends an HTTP request to the Web server, and the Web server fetches and transmits the requested Web page. HTTP is a stateless protocol, and HTTP/1.1 transmits packets over persistent TCP connections with pipelining.

File Synchronization Protocol is a protocol used to transmit datagram messages from one computer to another, establishing communication between two computers at the network layer, transport layer and session layer. This protocol is commonly used for backups on external hard drives or updating for transport.

Network File System (NFS) is a protocol which allows a server to store files locally so that remote clients can access them as if they were local. For example, a user stores home directories on the server and the owner can always access these home directories remotely.

Point-to-Point Tunneling Protocol (PPTP) has built-in support on desktops, mobile devices, and tablets. PPTP uses basic 128-bit encryption. It is very stable and accepted by most Wi-Fi hotspots. PPTP uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets.

NTP stands for Network Time Protocol, an Internet protocol used to synchronize the clocks between computer systems.

The Requirements
1. Dual-boot Ubuntu.
2. DHCP assigns dynamic IP addresses to clients.
3. The DNS server should be configured with a static IP address.
4. The client asks for a web page and sends a query to the DNS server, and the DNS server responds with the IP address of the domain name.
5. The firewall should allow clients to request web pages from the web server, and deny other packets.
6. The Backup server should back up the Web server every day at 12:00 a.m.
7. The NFS server enables clients to see files which are shared on the server.
8. The VPN enables a computer to work as if it were connected to the private network directly.

Steps to perform the setup / installation
DHCP: Install isc-dhcp-server and configure the IPv4 and IPv6 address pools. Set the default interface used by DHCP, and try to connect to hosts over ad hoc. Install wide-dhcpv6-server and set up its configuration files. Install the radvd program and set up its configuration files. Connect the Web server, DNS server and client, and assign them IP addresses from the address pool. Use the ifconfig command to check that these PCs can acquire the IP addresses assigned by the DHCP server. Use the ping and ping6 commands to make sure all laptops are on the same subnet and able to reach each other.

DNS: First I gave my server a static IP address, i.e. changed the dynamic IP address of the server to a static one. After that we restarted the configuration to check the changes we had implemented. Then we installed the bind9 server. After installing bind9, we created the forwarding zones for the server. After that we created forward and reverse lookup zones. Then we created the 5 nameservers. Then we configured the clients. After that we ran nslookup queries to check whether the server was working.

Web server: First, install the apache2 web server, then change directory into sites-available. Copy the default file to a new file named group5.com. Then edit the group5.com webpage. Lastly, restart the apache2 web server.

Firewall: Turn on UFW and check the status of UFW. Only allow incoming TCP packets on port 80.
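An added example (not part of the group's original report): the UFW commands for the rule above are listed as comments, and audit_ufw checks `ufw status verbose` output against the intended policy. The function names are hypothetical and both status listings are constructed samples.

```shell
# Added example, not from the original report. Policy as typed on the Web server (root):
#   ufw default deny incoming
#   ufw allow 80/tcp
#   ufw enable
#   ufw status verbose

# audit_ufw: read `ufw status verbose` on stdin; succeed only if UFW is active,
# incoming traffic is denied by default, and every ALLOW rule is for 80/tcp.
audit_ufw() {
  awk '
    /^Status: active/              { active = 1 }
    /^Default: deny \(incoming\)/  { deny = 1 }
    /ALLOW/ {
      rules++
      if ($1 != "80/tcp") { print "unexpected rule: " $0; bad = 1 }
    }
    END {
      if (!active) { print "ufw is not active"; bad = 1 }
      if (!deny)   { print "default incoming policy is not deny"; bad = 1 }
      if (!rules)  { print "no rule allows 80/tcp"; bad = 1 }
      exit bad + 0
    }'
}

# Constructed sample: the policy the report asks for.
sample_web_only() {
  cat <<'EOF'
Status: active
Default: deny (incoming), allow (outgoing)
To                         Action      From
80/tcp                     ALLOW IN    Anywhere
EOF
}

# Constructed sample: an extra SSH rule left open next to the web rule.
sample_extra_rule() {
  cat <<'EOF'
Status: active
Default: deny (incoming), allow (outgoing)
To                         Action      From
80/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW IN    Anywhere
EOF
}

sample_web_only | audit_ufw && echo "policy matches"
```

A stock UFW install accepts ICMP echo requests in /etc/ufw/before.rules, so a ping reply from the Web server does not by itself mean the port 80 rule is missing.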

Backup: Install rsync on both the Backup server and the Web server. Configure the Web server by creating the files rsyncd.conf and rsyncd.passwd, and change the file permissions of rsyncd.conf and rsyncd.passwd. Compress the files to be backed up, and use the command crontab -e so that the old compressed file is deleted and a new compressed file is created automatically at a set time every day. Create the file rsyncd.passwd on the Backup server, and make sure that the password in this file is the same as the password in rsyncd.passwd on the Web server. Change the file permissions of this rsyncd.passwd as well. Make the backup run automatically at a set time every day.

VPN: Install the VPN server application. Edit ssh connection, and change localip to the server's IP and remoteip to the range of assigned IP addresses. Assign the DNS server for the VPN by changing ms-dns. Set up a VPN account with a password.

NFS: On the NFS server, install the packages and then create the export filesystem. Mount /home/xiedi, which is the directory I want to share. Add the line /home/xiedi /export/users none bind 0 0 to avoid retyping after every reboot. Set NEED_SVCGSSD=no. Configure Nobody-User = nobody and Nobody-Group = nogroup. Add /home/xiedi *(rw,sync) to share the directory. Run service nfs-kernel-server restart. On the NFS client, install nfs-common. Then type mount -o nolock 192.168.1.2:/home/xiedi /mnt. Add the line nfs-server:/ /mnt nfs auto 0 0 to avoid retyping after every reboot. Show the directory shared by the server.
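An added example (not the group's own configuration): the export above is open to any host through *, and a space before the option list widens an export further because the options then apply to every client. audit_exports, a hypothetical helper, flags both in exports(5) lines; the sample lines are constructed, and 192.168.1.0/24 is an assumption based on the addresses used on this page.

```shell
# Added example, not from the original report.
# audit_exports: read exports(5) lines on stdin, print one finding per risky
# client field, and return non-zero when anything was found.
audit_exports() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }             # skip comments and blank lines
    {
      for (i = 2; i <= NF; i++) {
        if (substr($i, 1, 1) == "(") {         # "host (opts)": opts have no host
          print $1 ": options " $i " stand alone and apply to every host"; n++
        } else if ($i == "*" || substr($i, 1, 2) == "*(") {
          print $1 ": exported to any host (*)"; n++
        }
        if ($i ~ /no_root_squash/) {
          print $1 ": no_root_squash keeps remote root as root"; n++
        }
      }
    }
    END { exit (n > 0) }'
}

# Constructed samples built from the /home/xiedi export on this page.
sample_exports() {
  cat <<'EOF'
# any host, read-write
/home/xiedi *(rw,sync)
# space before the options: "*" gets defaults, "(rw,sync)" applies to everyone
/home/xiedi * (rw,sync)
# limited to the lab subnet (192.168.1.0/24 is an assumption)
/home/xiedi 192.168.1.0/24(rw,sync,no_subtree_check)
EOF
}

sample_exports | audit_exports || true
```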

NTP: Install ntp first. Then change the servers used for synchronization, and add the network range allowed to receive requests. Restart the service.

Testing
1) Checking network configuration.
2) Changing network configuration to static.
3) Setting up of forwarders.
4) Creating zones (forward and reverse).
5) Creating forward master type zone.
6) Creating reverse master type zone.
7) Testing DNS group5.com.

Test Tools
We used the Ubuntu 12.04 operating system.

Test Cases
After configuring our Ubuntu 12.04 server as a DNS server, we ran various commands to test the implementation and working of the server, i.e. the nslookup command, which shows the mapping or translation both from hostnames to IP addresses and from IP addresses to hostnames.

Case 1: Forward zone
nslookup www.group5.com
Result:
  Server: 192.168.1.3
  Address: 192.168.1.3#53
  www.group5.com canonical name = dee.group5.com

Case 2: Reverse zone
nslookup 192.168.1.2
Result:
  Server: 192.168.1.3
  Address: 192.168.1.3#53
  2.1.168.192.in-addr.arpa name = dee.group5.com

Web server: Entering http://localhost in the browser shows the testing page. After connecting 2 laptops with a cable, entering 192.168.1.2 in the client's browser shows the testing page. Then, with the DNS server connected together with the Web server and client, entering the domain name www.group5.com in the client's browser shows the sample webpage.

Firewall: Use the "ping" command to ping the Web server and see whether we receive an echo.

Backup: Check whether the file used to save the backup content has content in it after the time at which the Backup server has backed up.

VPN: Use a computer to connect to the VPN server.

NFS: Use a computer as a client, connect to the NFS server and see whether we can see the shared files or not.

Database: On the Web server, use the command "mysql -u root -p -show user info" to show users' information.

DHCP server
First step: We start isc-dhcp-server, wide-dhcpv6-server and radvd by using the commands listed above.

Second step: We set up a local network (a wireless LAN in this case, named T1), and set IPv4 and IPv6 manually.

Third step: Use ifconfig to check that the DHCP server has the manually set IP address.

4th step: We use another laptop to connect to the T1 LAN, and then type ifconfig to check whether the laptop acquires IPv4 and IPv6 addresses from the server and whether they are in the range of the IP address pool.

5th step: Now that we are sure these two laptops are in the same Local Area Network, we can try to ping the host by using the ping and ping6 commands.

Finally, we confirm that we can ping the host which acquired its IP address from the DHCP server.

The original messages are listed below:

root@cheming-MacBookPro:/home/cheming# ifconfig
eth1      Link encap:Ethernet  HWaddr 54:26:96:dc:36:41
          inet addr:192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::5626:96ff:fedc:3641/64 Scope:Link
          inet6 addr: 2001:db8:1:2::5/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4465 errors:0 dropped:0 overruns:0 frame:172668
          TX packets:5179 errors:17 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2488318 (2.4 MB)  TX bytes:680022 (680.0 KB)
          Interrupt:17

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:3922 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3922 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:339865 (339.8 KB)  TX bytes:339865 (339.8 KB)

vmnet1    Link encap:Ethernet  HWaddr 00:50:56:c0:00:01
          inet addr:192.168.215.1  Bcast:192.168.215.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:149 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

vmnet8    Link encap:Ethernet  HWaddr 00:50:56:c0:00:08
          inet addr:192.168.11.1  Bcast:192.168.11.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:148 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@cheming-MacBookPro:/home/cheming# ping6 2001:db8:1:2::1001
PING 2001:db8:1:2::1001(2001:db8:1:2::1001) 56 data bytes
64 bytes from 2001:db8:1:2::1001: icmp_seq=1 ttl=64 time=15.4 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=2 ttl=64 time=3.47 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=3 ttl=64 time=1.21 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=4 ttl=64 time=38.1 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=5 ttl=64 time=1.23 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=6 ttl=64 time=1.02 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=7 ttl=64 time=1.29 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=8 ttl=64 time=1.23 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=9 ttl=64 time=0.675 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=10 ttl=64 time=1.13 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=11 ttl=64 time=2.90 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=12 ttl=64 time=2.52 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=13 ttl=64 time=2.99 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=14 ttl=64 time=9.33 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=15 ttl=64 time=1.19 ms
64 bytes from 2001:db8:1:2::1001: icmp_seq=16 ttl=64 time=3.19 ms
^Z
[5]+  Stopped                 ping6 2001:db8:1:2::1001

Future Prospects
Improvements
Improvements are being made constantly in the field of domain name servers to provide effective protection against various cyber attacks, thus providing users with good service. Every year millions of dollars are being spent to improve the functionality of the server.

This involves making the domain name system bug free and providing additional security to make it less prone to cyber attacks such as DoS attacks, so that it is able to provide a quality service to its clients.

Increasing the number of domain name servers across the world would provide speedy replies to the queries made by clients.

Improvements can be made in the Dynamic Host Configuration Protocol so that DHCP is able to increase the lease time for the dynamic addresses it gives to hosts, so that a host is able to keep a TCP connection with the server for a long period of time.

More DHCP servers should be employed in organizations, schools, etc., so that they will be able to serve a larger number of users.

Web servers should be made more user friendly to enhance the human experience, should provide resistance to the various cyber bugs, and should provide additional security to the hosts files.

For security, we can define a group of valid MAC addresses that are allowed to acquire IP addresses from the DHCP pool. If a client's MAC address is not permitted, the client cannot acquire a valid IP address in the subnet from the DHCP server.
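An added example of the MAC allowlist described above (not the group's own configuration): gen_dhcpd_allowlist, a hypothetical helper, validates a list of permitted MAC addresses and prints ISC dhcpd declarations in which the pool refuses clients that have no host entry. The address range and host names are placeholders; the first MAC is the eth1 address from the ifconfig output on this page and the second is constructed.

```shell
# Added example, not from the original report.
# gen_dhcpd_allowlist: read "hostname MAC" pairs on stdin, validate them, and
# print ISC dhcpd declarations in which only listed MACs can lease from the pool.
gen_dhcpd_allowlist() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }
    {
      mac = tolower($2)
      ok = (NF == 2 && $1 ~ /^[A-Za-z0-9-]+$/ && split(mac, p, ":") == 6)
      for (i = 1; ok && i <= 6; i++)
        if (p[i] !~ /^[0-9a-f][0-9a-f]$/) ok = 0
      if (!ok) {
        print "line " NR ": rejected: " $0 > "/dev/stderr"; bad = 1; next
      }
      if (mac in seen) {
        print "line " NR ": duplicate MAC " mac > "/dev/stderr"; bad = 1; next
      }
      seen[mac] = 1
      hosts = hosts "host " $1 " { hardware ethernet " mac "; }\n"
    }
    END {
      if (bad) exit 1                       # emit nothing from a bad list
      print "subnet 192.168.1.0 netmask 255.255.255.0 {"
      print "  pool {"
      print "    range 192.168.1.100 192.168.1.150;  # placeholder range"
      print "    deny unknown-clients;  # no lease without a host entry below"
      print "  }"
      print "}"
      printf "%s", hosts
    }'
}

# Constructed allowlist: first MAC is eth1 from this page, second is made up.
sample_allowlist() {
  cat <<'EOF'
# hostname  MAC
client1     54:26:96:DC:36:41
client2     02:00:00:00:00:02
EOF
}

sample_allowlist | gen_dhcpd_allowlist
```

A MAC address is sent unauthenticated and can be set by the client, so this keeps unmanaged devices off the pool rather than authenticating them.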