ITCwiki - User contributions [en]

Franske ITC-2480 Lab 11

2014-04-01T23:34:43Z

Riptide wave: /* Mounting Partitions */

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account

== Exploring /proc ==
# To start this lab, go to /proc in putty. /proc is a very special folder is its a virtual filesystem. Its sometimes referred to as a process information pseudo-file system. The reason is that all of the files in /proc are not real files, but runtime and system information.
# For example, now that you are in /proc, run cat cpuinfo. Notice how the output tells your information about the CPU that is running the Virtual Machine. /proc is used not only to get hardware and runtime information, but it can also be used to tweak kernel settings. Look back on Lab 10 and notice how we echoed a number to a file in /proc to enable packet forwarding.
# There are a few files in /proc you should get to know:
#* '''/proc/cpuinfo''' = Shows you the CPU info for your machine.
#* '''/proc/modules''' = Shows you the currently enabled kernel modules that are active on your kernel.
#* '''/proc/cmdline''' = Shows you the boot arguements used to boot your kernel.
#* '''/proc/version''' = Shows you your kernel version.
# It is important to note that some of these files have commands tied to them, for example.
#* '''/proc/modules''' = lsmod
#* '''/proc/mounts''' = mount
#* '''/proc/version''' = uname -a
# Normally it is best to use the command version to lookup the information as it is normally formatted to be easier to read and understand.
# Explore around with these commands and find the differences between the command line and file output versions.
== Exploring /dev ==
# now change directories to /dev and list the files. Notice that there are ALOT, but don't worry there is organization in the mess. Each file, like in /proc, is actually a device or interface on the machine. Here is a list of the most common interfaces you will see:
#* '''/dev/sd*''' = SATA Hard Drives
#* '''/dev/hd*''' = IDE Hard Drives
#* '''/dev/vd*''' = VirtIO (Virtualized) Hard Drives
#* '''/dev/ttyS*''' = Serial Interfaces on your PC.
#* '''/dev/tty*''' = Virtual Consoles, similar to the one you are using to enter commands. Mostly used by background programs or services.
# There are also some commands you should learn that will help you with detecting, and looking up devices:
#* '''lsusb''' = List USB Devices (Bus, Device, ID, and advertised vendor)
#* '''lspci''' = List PCI Devices (Bus, Type, Advertised Name, Revision)
#* '''dmesg''' = Display or Driver Message. This shows kernel messages that are normally linked to adding, or removing devices.
== Adding a 2nd disk ==
# If you noticed when exploring /dev, our VM setup uses sd devices for our hard drives. If you remember from the reading, the * in the name is a letter standing for which device is on the first sata interface, and the number after that, ex 0, marks the first partition. So for the first partition on the first disk, the drive would be /dev/sda0
# Now if you noticed there is a sdb that has no partitions. We are going to format this drive into 2 partitions, and then later setup automatic mounting.
# To start, run cfdisk /dev/sdb as root. ''cfdisk'' is a graphical version of ''fdisk'', which is a tool used to setup disk partitioning. Note that ''fdisk'' only sets up the MBR, and does not actually format the drive. Also notice how we tell ''cfdisk'' what drive we want to format by appending the drive file to the end of the command.
# Once in ''cfdisk'', Press the New option. Now select Primary as we are making a Primary partition, then for the size set it to 15GB (15306MB) and select Beginning.
# Now, use the arrow keys to go down to the Free Space, and press enter to Select New. Again, set it to Primary, and leave the size that it shows. Then press Enter.
# Press enter to mark the first partition bootable.
# At this point we should have two partitions, one named sdb1 with a size of 15305~ that is set as bootable, and sdb2 which takes up the rest of the drive. At this point, use the arrow keys to select Write, and press enter. You will be warned that this will write the table to the disk. enter yes, and press enter to confirm.
# If on the bottom you see "wrote partition table to disk", then you have successfully wrote the MBR to the drive. Now you can navigate to quit to exit the program.
# Now run ''ls -l /dev | grep sdb''. Notice how the two partitions, sdb1 and sdb2 show up.
# Now we are going to format our two partitions. The first one we will format to ext4, and the second partition will be formatted to btrfs. For more information on the differences and similarities between btrfs and ext4, refer to your book or google.
# To create the ext4 partition, we will use the ''mkfs.ext4'' command. So as root, run the command ''mkfs.ext4 /dev/sdb1''. This will partition the drive to ext4 with no label. If you would like to label the partition, look into the options of ''mkfs.ext4'' using ''man mkfs.ext4''.
# Now, before we format the other partition to btrfs we need to install some tools. As root, use your favorite package manager to download the btrfs-tools package.
* Note if you have issues with installing packages, check your firewall rules you created in the last lab.
# Now we will format the btrfs partition. To do this, we will run ''mkfs.btrfs /dev/sdb2'' as root. Just like before, we need to tell the ''mkfs.btrfs'' package what partition to format.
# Now that we are done, we are ready to move onto mounting the partitions.
== Mounting Partitions ==
# There are two main ways to mount disks in linux. One is done manually, and the other is to setup mounting at boot.
# To start, we will learn how to manually mount a partition. change into the /mnt directory and then create a folder called part1. Now cd into the part1 folder and create a empty file called unmounted.
# Now, go back to the mnt directory. We are now going to use the mount command to mount the first partition we created to the part1 folder. To do this, we will run ''mount /dev/sdb1 /mnt/part1'' as root. Now, go back into the part1 folder and list files. Notice how the file you made called unmounted no longer exists. This is because the folder is being used as the mount point for the partition. Now change back to the /mnt folder.
# To unmount the partition, run the command ''umount /mnt/part1''. Now list the contents of the folder part1 again. Notice how the unmounted file is now back. This is because when a drive is mounted to the file, it overlays on top of any files in the folder, but it does not delete or touch the files.
# Now we are going to make a folder called btrfs in /mnt. Once created, using the file editor of your choice, open up the file /etc/fstab.
# The fstab file is used to tell a linux system what drives and partitions is should mount as boot, as well as mount options and where to mount the partitions. On the bottom of the file, add the following:
<pre>/dev/sdb1 /mnt/part1 ext4 defaults 0 0
/dev/sdb2 /mnt/btrfs btrfs defaults 0 0</pre>
# Adding these lines will tell the fstab file to mount both partitions at boot to the folders we created. To mount the partitions without rebooting or using the full mount command syntax, we can just run mount -a which will load and mount all partitions in the fstab file.

== Disk and File Usage ==
# At this point we can now use the ''df'' command to verify that our new partitions are properly mounted. When you run ''df'', you should see something similar to this at the bottom of the output:
<pre>/dev/sdb1 14712416 167576 13797488 2% /mnt/part1
/dev/sdb2 26995912 120 24870016 1% /mnt/btrfs</pre>
# This means that your two partitions are mounted properly to the folders we created earlier. ''df'' is a powerful command as not only will it show you what is mounted where, but it also shows you how much disk space is used, as well as how much space is left.
# Now, cd into /mnt/part1 so you are on the ext4 partition you created. Then as root, run the command ''cp -r /var/log ./''
# Now cd into the log folder, and run ''du -h''. ''du'' is a command that allows you to view file usage in a tree format. the -h flag tells ''du'' to output the usage in a "human readable" format, while the -a flag tells it to show you the results for all files, and not just folders.
# Mess around with using this across the file system. How much data is the /etc/ folder taking up on your linux system?
# This concludes the Chapter 11 Lab.

Franske ITC-2480 Lab 11

2014-04-01T23:34:11Z

Riptide wave:

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account

== Exploring /proc ==
# To start this lab, go to /proc in putty. /proc is a very special folder is its a virtual filesystem. Its sometimes referred to as a process information pseudo-file system. The reason is that all of the files in /proc are not real files, but runtime and system information.
# For example, now that you are in /proc, run cat cpuinfo. Notice how the output tells your information about the CPU that is running the Virtual Machine. /proc is used not only to get hardware and runtime information, but it can also be used to tweak kernel settings. Look back on Lab 10 and notice how we echoed a number to a file in /proc to enable packet forwarding.
# There are a few files in /proc you should get to know:
#* '''/proc/cpuinfo''' = Shows you the CPU info for your machine.
#* '''/proc/modules''' = Shows you the currently enabled kernel modules that are active on your kernel.
#* '''/proc/cmdline''' = Shows you the boot arguements used to boot your kernel.
#* '''/proc/version''' = Shows you your kernel version.
# It is important to note that some of these files have commands tied to them, for example.
#* '''/proc/modules''' = lsmod
#* '''/proc/mounts''' = mount
#* '''/proc/version''' = uname -a
# Normally it is best to use the command version to lookup the information as it is normally formatted to be easier to read and understand.
# Explore around with these commands and find the differences between the command line and file output versions.
== Exploring /dev ==
# now change directories to /dev and list the files. Notice that there are ALOT, but don't worry there is organization in the mess. Each file, like in /proc, is actually a device or interface on the machine. Here is a list of the most common interfaces you will see:
#* '''/dev/sd*''' = SATA Hard Drives
#* '''/dev/hd*''' = IDE Hard Drives
#* '''/dev/vd*''' = VirtIO (Virtualized) Hard Drives
#* '''/dev/ttyS*''' = Serial Interfaces on your PC.
#* '''/dev/tty*''' = Virtual Consoles, similar to the one you are using to enter commands. Mostly used by background programs or services.
# There are also some commands you should learn that will help you with detecting, and looking up devices:
#* '''lsusb''' = List USB Devices (Bus, Device, ID, and advertised vendor)
#* '''lspci''' = List PCI Devices (Bus, Type, Advertised Name, Revision)
#* '''dmesg''' = Display or Driver Message. This shows kernel messages that are normally linked to adding, or removing devices.
== Adding a 2nd disk ==
# If you noticed when exploring /dev, our VM setup uses sd devices for our hard drives. If you remember from the reading, the * in the name is a letter standing for which device is on the first sata interface, and the number after that, ex 0, marks the first partition. So for the first partition on the first disk, the drive would be /dev/sda0
# Now if you noticed there is a sdb that has no partitions. We are going to format this drive into 2 partitions, and then later setup automatic mounting.
# To start, run cfdisk /dev/sdb as root. ''cfdisk'' is a graphical version of ''fdisk'', which is a tool used to setup disk partitioning. Note that ''fdisk'' only sets up the MBR, and does not actually format the drive. Also notice how we tell ''cfdisk'' what drive we want to format by appending the drive file to the end of the command.
# Once in ''cfdisk'', Press the New option. Now select Primary as we are making a Primary partition, then for the size set it to 15GB (15306MB) and select Beginning.
# Now, use the arrow keys to go down to the Free Space, and press enter to Select New. Again, set it to Primary, and leave the size that it shows. Then press Enter.
# Press enter to mark the first partition bootable.
# At this point we should have two partitions, one named sdb1 with a size of 15305~ that is set as bootable, and sdb2 which takes up the rest of the drive. At this point, use the arrow keys to select Write, and press enter. You will be warned that this will write the table to the disk. enter yes, and press enter to confirm.
# If on the bottom you see "wrote partition table to disk", then you have successfully wrote the MBR to the drive. Now you can navigate to quit to exit the program.
# Now run ''ls -l /dev | grep sdb''. Notice how the two partitions, sdb1 and sdb2 show up.
# Now we are going to format our two partitions. The first one we will format to ext4, and the second partition will be formatted to btrfs. For more information on the differences and similarities between btrfs and ext4, refer to your book or google.
# To create the ext4 partition, we will use the ''mkfs.ext4'' command. So as root, run the command ''mkfs.ext4 /dev/sdb1''. This will partition the drive to ext4 with no label. If you would like to label the partition, look into the options of ''mkfs.ext4'' using ''man mkfs.ext4''.
# Now, before we format the other partition to btrfs we need to install some tools. As root, use your favorite package manager to download the btrfs-tools package.
* Note if you have issues with installing packages, check your firewall rules you created in the last lab.
# Now we will format the btrfs partition. To do this, we will run ''mkfs.btrfs /dev/sdb2'' as root. Just like before, we need to tell the ''mkfs.btrfs'' package what partition to format.
# Now that we are done, we are ready to move onto mounting the partitions.
== Mounting Partitions ==
# There are two main ways to mount disks in linux. One is done manually, and the other is to setup mounting at boot.
# To start, we will learn how to manually mount a partition. change into the /mnt directory and then create a folder called part1. Now cd into the part1 folder and create a empty file called unmounted.
# Now, go back to the mnt directory. We are now going to use the mount command to mount the first partition we created to the part1 folder. To do this, we will run ''mount /dev/sdb1 /mnt/part1'' as root. Now, go back into the part1 folder and list files. Notice how the file you made called unmounted no longer exists. This is because the folder is being used as the mount point for the partition. Now change back to the /mnt folder.
# To unmount the partition, run the command ''umount /mnt/part1''. Now list the contents of the folder part1 again. Notice how the unmounted file is now back. This is because when a drive is mounted to the file, it overlays on top of any files in the folder, but it does not delete or touch the files.
# Now we are going to make a folder called btrfs in /mnt. Once created, using the file editor of your choice, open up the file /etc/fstab.
# The fstab file is used to tell a linux system what drives and partitions is should mount as boot, as well as mount options and where to mount the partitions. On the bottom of the file, add the following:
<pre>/dev/vdb1 /mnt/part1 ext4 defaults 0 0
/dev/sdb2 /mnt/btrfs btrfs defaults 0 0</pre>
# Adding these lines will tell the fstab file to mount both partitions at boot to the folders we created. To mount the partitions without rebooting or using the full mount command syntax, we can just run mount -a which will load and mount all partitions in the fstab file.
== Disk and File Usage ==
# At this point we can now use the ''df'' command to verify that our new partitions are properly mounted. When you run ''df'', you should see something similar to this at the bottom of the output:
<pre>/dev/sdb1 14712416 167576 13797488 2% /mnt/part1
/dev/sdb2 26995912 120 24870016 1% /mnt/btrfs</pre>
# This means that your two partitions are mounted properly to the folders we created earlier. ''df'' is a powerful command as not only will it show you what is mounted where, but it also shows you how much disk space is used, as well as how much space is left.
# Now, cd into /mnt/part1 so you are on the ext4 partition you created. Then as root, run the command ''cp -r /var/log ./''
# Now cd into the log folder, and run ''du -h''. ''du'' is a command that allows you to view file usage in a tree format. the -h flag tells ''du'' to output the usage in a "human readable" format, while the -a flag tells it to show you the results for all files, and not just folders.
# Mess around with using this across the file system. How much data is the /etc/ folder taking up on your linux system?
# This concludes the Chapter 11 Lab.

Franske ITC-2480 Lab 11

2014-04-01T15:17:45Z

Riptide wave: Created page with "=Introduction= =Lab Procedure= == Prerequisites == # Open an SSH console to your Linux system using the PuTTY software, login with your standard user account == Exploring /pr..."

Franske ITC-2480 Assignments

2014-04-01T15:16:28Z

Riptide wave:

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install PHP/mySQL, experiment with websites and databases, view logfiles]]
# [[Franske ITC-2480 Lab 6|Lab 6: Install forum & blog software, experiment with PHP]]
# [[Franske ITC-2480 Lab 7|Lab 7: Install Samba, configure for basic workgroup filesharing]]
# [[Franske ITC-2480 Lab 8|Lab 8: Install Postfix MTA, courier-imap]]
# [[Franske ITC-2480 Lab 9|Lab 9: Install BIND and configure as caching plus zones for a local domain]]
# [[Franske ITC-2480 Lab 10|Lab 10: 2nd NIC internal network configuration]]
# [[Franske ITC-2480 Lab 11|Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD]]
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Lab 10

2014-03-27T03:59:27Z

Riptide wave: /* iptables from the command line */

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Have a browser window set to the webmin interface for your linux VM.

== Setup a 2nd NIC Interface ==
# To start this lab we will need to create a second network interface called eth1. We will use eth1 as our LAN interface that will allow other computers to connect to the internet.
# In putty, open up /etc/network/interfaces with your favorite text editor, then go to the bottom of the file and add the following:
<pre>auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0</pre>
* As this is a LAN only interface, we do not need to define a gateway for the VM, as the VM is the gateway for this network.
# Once this is done, save the file and then run "ifup eth1". This should bring up the new interface. You can check to see if its enabled by using ifconfig.
== Enable NAT ==
# Now we will need to enable NAT so we can forward traffic to our LAN interface.
# In your console, you will need to open up /etc/sysctl.conf with a text editor. This file is used to change and tweak multiple system variables. Scroll down until you find the following:
<pre># Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
</pre>
# Uncomment the net.ipv4.ip_forward line. This will enable packet forwarding in the kernel. When you are done, save the file.
# Changes to the sysctl.conf file require a reboot, but most can be set without a reboot by echoing response codes to files in /proc. We will get into that more in a later chapter, but for now run the following command to enable ip_forwarding without rebooting the machine. ''echo 1 > /proc/sys/net/ipv4/ip_forward''
# Now we will need to use webmin to setup iptables to allow for NAT. In webmin, Go to Networking, then Linux Firewall. You will be taken to a page that will ask you to setup iptables for the first time. To start, select the option "Block all except SSH, IDENT, ping and high ports on interface eth0." Also select the Enable firewall at boot time option, then press Setup Firewall.
# You will now be shown the firewall setup page. notice how webmin was nice enough to create a handful of default rules for you. We will get into creating custom rules later in this lab, but for now we need to enable NAT in iptables.
# On the top of the page where it says Showing IPtable:, change the dropdown option to Network address translation (nat).
# On this page, under the POSTROUTING category, press the Add Rule button. Use the following configuration to enable NAT:
<pre>Rule comment: Enable NAT for eth1
Action to take: Masquerade
Source ports for masquerading: any
IPs and ports to SNAT: Default
Source address or network: Equals: 192.168.1.1/24
Outgoing Interfce: Equals: eth0</pre>
# When you are done, press Save at the bottom, and then on the firewall page press Apply Configuration. At this point you can use your linux VM as a router, but only with static IP addresses set on clients. So, next we will setup a DHCP server.
== Setup a DHCP Server ==
# To setup a DHCP server, we will first need to install the required software. In your SSH console use your favorite package manager to install isc-dhcp-server.
# After you install the package you may get a warning about isc-dhcp-server being unable to start. This is normal as we have yet to define the interface and settings we want used.
# Now back in Webmin, select the Refresh Modules option. After it is done, go to Servers, then DHCP Server.
# Before we define our DHCP range, we need to set our listening interface. Click on the Edit Network Interface option, and select eth1 and press save.
# Now under Subnets and Shared Networks, select Add a new subnet. Use the following settings:
<pre>Subnet description: LAN DHCP Range
Network Address: 192.168.1.0
Netmask: 255.255.255.0
Address Ranges: 192.168.1.100-192.168.1.254</pre>
# When you are done, press Save. Now, click on the network you just created to review the settings, then press Edit Client Options at the bottom.
# From here we will setup the default gateway and DNS servers for the clients to use. Under Default Routers, set the option to 192.168.1.1 and under DNS servers, set it to 192.168.1.1 as well. Notice how we are setting these options to the IP of eth1 that we setup. This is because our linux VM will act as the router and DNS for our clients as well.
# When you are done, press save, and then on the Edit Subnet page, press save again.
# Now that you are back on the DHCP server page, press the Start Server button. If all goes good, the button should change to "Stop Server". If this does not happen, then the server was unable start. If that happens, re-check your DHCP server configurations to make sure everything is correct.
== Setup a 2nd VM ==
# Now we are going to setup a 2nd VM on the VMWare server so we can have a client to connect to our network we just created. For this though, we will be using Ubuntu Desktop instead of Debian so we have a user interface to help us with testing.
# Once you have Ubuntu installed, reboot the machine and login. Notice how the machine is able to connect to the network. Now, press the Unity Icon in the top left corner, and enter "Terminal". Then, open the terminal application.
# You now have a shell on the system. From here, use sudo ifconfig to check your network settings. Notice how you have a IP from the DHCP pool we created earlier. Now try pinging 172.17.50.10. Are you able to ping? If so, NAT is working properly on your network.
# Now run ping google.com. If you are able to ping, this shows that not only is NAT working, but DNS resolving as well.
# At this point we have a fully functional LAN environment.
== Port Forwarding and Firewalling ==
# Now we are going to enable port forwarding to our VM. This will allow you to access the 2nd VM from the IHITC network.
# So back in webmin, go to Networking, and then Linux Firewall. Now change the Showing IPTable option to Network Address Translation (nat). Now under PREROUTING, press Add Rule.
# For our rule we are going to forward port 2222 to port 22 on our Ubuntu VM. You will need to know the IP address of the Ubuntu Machine, but for this example it will be 192.168.1.100
# Use the following information to create the new rule:
<pre>
Rule comment: Forward 2222 to SSH
Action to take: Destination NAT
IPs and ports for DNAT: IP range: 192.168.1.100: Port range: 22
Network protocol: Equals: TCP
Destination TCP or UDP Port: Equals: 2222
</pre>
* Help: Use the following image for extra reference if required: [http://wiki.ihitc.net/mw/images/f/f3/Port_Forward.png Link]
# When you are done press save, and then Apply Configuration. Now on the Ubuntu VM, make sure openssh-server is installed. From a computer on the IHITC network, try to SSH to port 2222 on your original (Debian) VM. If everything was setup successfully, you will be able to sign into the Ubuntu Desktop VM through the Debian VM.
# Now that we have our network setup up, it is time to secure it with firewall rules. Go back into Webmin. Go to Networking, then Linux Firewall.
# When we first setup iptables we used some default rules, but we are going to secure it a bit by limiting access to only allow clients from the 172.17.0.0/16 networks.
# Under the Incoming packets (INPUT) category, on the top rule, press the upward arrow under the Add category. Use the following options in the ruleset:
<pre>Rule comment: Limit Access
Action to take: Drop
Source address or network: Does not equal: 172.17.0.0/16
Incoming interface: Equals: eth0
</pre>
# Now press save, then press Apply Configuration. This ends the Firewall setup.

== iptables from the command line ==
# Now that you know how to create rules with webmin, lets learn how to do it from the command line.
# If you want to view the current rulesets applied on a system, or you want to backup your current configuration, you would use the iptables-save command. Run it, and review the output. Notice how all of the rules we created in webmin show up.
# Now if you want to backup your rules, you would use iptables-save > rules.txt. This would dump the current configuration into a file called rules.txt.
# To reload the rules into iptables, you would use iptables-restore. With the file we created, we would load it back in by running iptables-restore rules.txt
# Lastly you can create and delete select roles from the command line using the iptables command directly. Use the man page to help you understand the arguments, and try to figure out how to remove the default firewall rule that Accepts packets if the destination port is between 1024 and 65535.
# At this point, we are now going to create some rules in webmin for the firewall. Back in webmin, go to Networking then Linux Firewall. Notice the default rules Webmin created for us earlier. Delete the following rules, but DO NOT press the apply button:
<pre>
Drop If protocol is TCP and destination port is 2049:2050
Drop If protocol is TCP and destination port is 6000:6063
Drop If protocol is TCP and destination port is 7000:7010
</pre>
# Now we need to open ports for our running services. First we will create a rule to allow webmin to continue running. Use the following configuration for the webmin rule:
<pre>Action to take: Accept
Network Protocol: Equals: TCP
Destination TCP or UDP port: Equals: 10000
</pre>
# Now using the same format above, open ports for all running services. This includes SSH, DNS, SNMP, POP3, IMAP, and HTTP.
# When you are done creating the rules, press apply to have the rules enabled on your system.

Franske ITC-2480 Lab 10

2014-03-25T23:07:12Z

Riptide wave: /* iptables from the command line */

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Have a browser window set to the webmin interface for your linux VM.

== Setup a 2nd NIC Interface ==
# To start this lab we will need to create a second network interface called eth1. We will use eth1 as our LAN interface that will allow other computers to connect to the internet.
# In putty, open up /etc/network/interfaces with your favorite text editor, then go to the bottom of the file and add the following:
<pre>auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0</pre>
* As this is a LAN only interface, we do not need to define a gateway for the VM, as the VM is the gateway for this network.
# Once this is done, save the file and then run "ifup eth1". This should bring up the new interface. You can check to see if its enabled by using ifconfig.
== Enable NAT ==
# Now we will need to enable NAT so we can forward traffic to our LAN interface.
# In your console, you will need to open up /etc/sysctl.conf with a text editor. This file is used to change and tweak multiple system variables. Scroll down until you find the following:
<pre># Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
</pre>
# Uncomment the net.ipv4.ip_forward line. This will enable packet forwarding in the kernel. When you are done, save the file.
# Changes to the sysctl.conf file require a reboot, but most can be set without a reboot by echoing response codes to files in /proc. We will get into that more in a later chapter, but for now run the following command to enable ip_forwarding without rebooting the machine. ''echo 1 > /proc/sys/net/ipv4/ip_forward''
# Now we will need to use webmin to setup iptables to allow for NAT. In webmin, Go to Networking, then Linux Firewall. You will be taken to a page that will ask you to setup iptables for the first time. To start, select the option "Block all except SSH, IDENT, ping and high ports on interface eth0." Also select the Enable firewall at boot time option, then press Setup Firewall.
# You will now be shown the firewall setup page. notice how webmin was nice enough to create a handful of default rules for you. We will get into creating custom rules later in this lab, but for now we need to enable NAT in iptables.
# On the top of the page where it says Showing IPtable:, change the dropdown option to Network address translation (nat).
# On this page, under the POSTROUTING category, press the Add Rule button. Use the following configuration to enable NAT:
<pre>Rule comment: Enable NAT for eth1
Action to take: Masquerade
Source ports for masquerading: any
IPs and ports to SNAT: Default
Source address or network: Equals: 192.168.1.1/24
Outgoing Interfce: Equals: eth0</pre>
# When you are done, press Save at the bottom, and then on the firewall page press Apply Configuration. At this point you can use your linux VM as a router, but only with static IP addresses set on clients. So, next we will setup a DHCP server.
== Setup a DHCP Server ==
# To setup a DHCP server, we will first need to install the required software. In your SSH console use your favorite package manager to install isc-dhcp-server.
# After you install the package you may get a warning about isc-dhcp-server being unable to start. This is normal as we have yet to define the interface and settings we want used.
# Now back in Webmin, select the Refresh Modules option. After it is done, go to Servers, then DHCP Server.
# Before we define our DHCP range, we need to set our listening interface. Click on the Edit Network Interface option, and select eth1 and press save.
# Now under Subnets and Shared Networks, select Add a new subnet. Use the following settings:
<pre>Subnet description: LAN DHCP Range
Network Address: 192.168.1.0
Netmask: 255.255.255.0
Address Ranges: 192.168.1.100-192.168.1.254</pre>
# When you are done, press Save. Now, click on the network you just created to review the settings, then press Edit Client Options at the bottom.
# From here we will setup the default gateway and DNS servers for the clients to use. Under Default Routers, set the option to 192.168.1.1 and under DNS servers, set it to 192.168.1.1 as well. Notice how we are setting these options to the IP of eth1 that we setup. This is because our linux VM will act as the router and DNS for our clients as well.
# When you are done, press save, and then on the Edit Subnet page, press save again.
# Now that you are back on the DHCP server page, press the Start Server button. If all goes good, the button should change to "Stop Server". If this does not happen, then the server was unable start. If that happens, re-check your DHCP server configurations to make sure everything is correct.
== Setup a 2nd VM ==
# Now we are going to setup a 2nd VM on the VMWare server so we can have a client to connect to our network we just created. For this though, we will be using Ubuntu Desktop instead of Debian so we have a user interface to help us with testing.
# Once you have Ubuntu installed, reboot the machine and login. Notice how the machine is able to connect to the network. Now, press the Unity Icon in the top left corner, and enter "Terminal". Then, open the terminal application.
# You now have a shell on the system. From here, use sudo ifconfig to check your network settings. Notice how you have a IP from the DHCP pool we created earlier. Now try pinging 172.17.50.10. Are you able to ping? If so, NAT is working properly on your network.
# Now run ping google.com. If you are able to ping, this shows that not only is NAT working, but DNS resolving as well.
# At this point we have a fully functional LAN environment.
== Port Forwarding and Firewalling ==
# Now we are going to enable port forwarding to our VM. This will allow you to access the 2nd VM from the IHITC network.
# So back in webmin, go to Networking, and then Linux Firewall. Now change the Showing IPTable option to Network Address Translation (nat). Now under PREROUTING, press Add Rule.
# For our rule we are going to forward port 2222 to port 22 on our Ubuntu VM. You will need to know the IP address of the Ubuntu Machine, but for this example it will be 192.168.1.100
# Use the following information to create the new rule:
<pre>
Rule comment: Forward 2222 to SSH
Action to take: Destination NAT
IPs and ports for DNAT: IP range: 192.168.1.100: Port range: 22
Network protocol: Equals: TCP
Destination TCP or UDP Port: Equals: 2222
</pre>
* Help: Use the following image for extra reference if required: [http://wiki.ihitc.net/mw/images/f/f3/Port_Forward.png Link]
# When you are done press save, and then Apply Configuration. Now on the Ubuntu VM, make sure openssh-server is installed. From a computer on the IHITC network, try to SSH to port 2222 on your VM. If everything was setup successfully, you will be able to sign into the Ubuntu Desktop VM through the Debian VM.
# Now that we have our network setup up, it is time to secure it with firewall rules. Go back into Webmin. Go to Networking, then Linux Firewall.
# When we first setup iptables we used some default rules, but we are going to secure it a bit by limiting access to only allow clients from the 172.17.0.0/16 networks.
# Under the Incoming packets (INPUT) category, on the top rule, press the upward arrow under the Add category. Use the following options in the ruleset:
<pre>Rule comment: Limit Access
Action to take: Drop
Source address or network: Does not equal: 172.17.0.0/16
Incoming interface: Equals: eth0
</pre>
# Now press save, then press Apply Configuration. This ends the Firewall setup.
== iptables from the command line ==
# Now that you know how to create rules with webmin, lets learn how to do it from the command line.
# If you want to view the current rulesets applied on a system, or you want to backup your current configuration, you would use the iptables-save command. Run it, and review the output. Notice how all of the rules we created in webmin show up.
# Now if you want to backup your rules, you would use iptables-save > rules.txt. This would dump the current configuration into a file called rules.txt.
# To reload the rules into iptables, you would use iptables-restore. With the file we created, we would load it back in by running iptables-restore rules.txt
# Lastly you can create and delete select roles from the command line using the iptables command directly. Use the man page to help you understand the arguments, and try to figure out how to remove the default firewall rule that Accepts packets if the destination port is between 1024 and 65535.

Franske ITC-2480 Lab 10

2014-03-25T23:06:36Z

Riptide wave:

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Have a browser window set to the webmin interface for your linux VM.

== Setup a 2nd NIC Interface ==
# To start this lab we will need to create a second network interface called eth1. We will use eth1 as our LAN interface that will allow other computers to connect to the internet.
# In putty, open up /etc/network/interfaces with your favorite text editor, then go to the bottom of the file and add the following:
<pre>auto eth1
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0</pre>
* As this is a LAN only interface, we do not need to define a gateway for the VM, as the VM is the gateway for this network.
# Once this is done, save the file and then run "ifup eth1". This should bring up the new interface. You can check to see if its enabled by using ifconfig.
== Enable NAT ==
# Now we will need to enable NAT so we can forward traffic to our LAN interface.
# In your console, you will need to open up /etc/sysctl.conf with a text editor. This file is used to change and tweak multiple system variables. Scroll down until you find the following:
<pre># Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
</pre>
# Uncomment the net.ipv4.ip_forward line. This will enable packet forwarding in the kernel. When you are done, save the file.
# Changes to the sysctl.conf file require a reboot, but most can be set without a reboot by echoing response codes to files in /proc. We will get into that more in a later chapter, but for now run the following command to enable ip_forwarding without rebooting the machine. ''echo 1 > /proc/sys/net/ipv4/ip_forward''
# Now we will need to use webmin to setup iptables to allow for NAT. In webmin, Go to Networking, then Linux Firewall. You will be taken to a page that will ask you to setup iptables for the first time. To start, select the option "Block all except SSH, IDENT, ping and high ports on interface eth0." Also select the Enable firewall at boot time option, then press Setup Firewall.
# You will now be shown the firewall setup page. notice how webmin was nice enough to create a handful of default rules for you. We will get into creating custom rules later in this lab, but for now we need to enable NAT in iptables.
# On the top of the page where it says Showing IPtable:, change the dropdown option to Network address translation (nat).
# On this page, under the POSTROUTING category, press the Add Rule button. Use the following configuration to enable NAT:
<pre>Rule comment: Enable NAT for eth1
Action to take: Masquerade
Source ports for masquerading: any
IPs and ports to SNAT: Default
Source address or network: Equals: 192.168.1.1/24
Outgoing Interfce: Equals: eth0</pre>
# When you are done, press Save at the bottom, and then on the firewall page press Apply Configuration. At this point you can use your linux VM as a router, but only with static IP addresses set on clients. So, next we will setup a DHCP server.
== Setup a DHCP Server ==
# To setup a DHCP server, we will first need to install the required software. In your SSH console use your favorite package manager to install isc-dhcp-server.
# After you install the package you may get a warning about isc-dhcp-server being unable to start. This is normal as we have yet to define the interface and settings we want used.
# Now back in Webmin, select the Refresh Modules option. After it is done, go to Servers, then DHCP Server.
# Before we define our DHCP range, we need to set our listening interface. Click on the Edit Network Interface option, and select eth1 and press save.
# Now under Subnets and Shared Networks, select Add a new subnet. Use the following settings:
<pre>Subnet description: LAN DHCP Range
Network Address: 192.168.1.0
Netmask: 255.255.255.0
Address Ranges: 192.168.1.100-192.168.1.254</pre>
# When you are done, press Save. Now, click on the network you just created to review the settings, then press Edit Client Options at the bottom.
# From here we will setup the default gateway and DNS servers for the clients to use. Under Default Routers, set the option to 192.168.1.1 and under DNS servers, set it to 192.168.1.1 as well. Notice how we are setting these options to the IP of eth1 that we setup. This is because our linux VM will act as the router and DNS for our clients as well.
# When you are done, press save, and then on the Edit Subnet page, press save again.
# Now that you are back on the DHCP server page, press the Start Server button. If all goes good, the button should change to "Stop Server". If this does not happen, then the server was unable start. If that happens, re-check your DHCP server configurations to make sure everything is correct.
== Setup a 2nd VM ==
# Now we are going to setup a 2nd VM on the VMWare server so we can have a client to connect to our network we just created. For this though, we will be using Ubuntu Desktop instead of Debian so we have a user interface to help us with testing.
# Once you have Ubuntu installed, reboot the machine and login. Notice how the machine is able to connect to the network. Now, press the Unity Icon in the top left corner, and enter "Terminal". Then, open the terminal application.
# You now have a shell on the system. From here, use sudo ifconfig to check your network settings. Notice how you have a IP from the DHCP pool we created earlier. Now try pinging 172.17.50.10. Are you able to ping? If so, NAT is working properly on your network.
# Now run ping google.com. If you are able to ping, this shows that not only is NAT working, but DNS resolving as well.
# At this point we have a fully functional LAN environment.
== Port Forwarding and Firewalling ==
# Now we are going to enable port forwarding to our VM. This will allow you to access the 2nd VM from the IHITC network.
# So back in webmin, go to Networking, and then Linux Firewall. Now change the Showing IPTable option to Network Address Translation (nat). Now under PREROUTING, press Add Rule.
# For our rule we are going to forward port 2222 to port 22 on our Ubuntu VM. You will need to know the IP address of the Ubuntu Machine, but for this example it will be 192.168.1.100
# Use the following information to create the new rule:
<pre>
Rule comment: Forward 2222 to SSH
Action to take: Destination NAT
IPs and ports for DNAT: IP range: 192.168.1.100: Port range: 22
Network protocol: Equals: TCP
Destination TCP or UDP Port: Equals: 2222
</pre>
* Help: Use the following image for extra reference if required: [http://wiki.ihitc.net/mw/images/f/f3/Port_Forward.png Link]
# When you are done press save, and then Apply Configuration. Now on the Ubuntu VM, make sure openssh-server is installed. From a computer on the IHITC network, try to SSH to port 2222 on your VM. If everything was setup successfully, you will be able to sign into the Ubuntu Desktop VM through the Debian VM.
# Now that we have our network setup up, it is time to secure it with firewall rules. Go back into Webmin. Go to Networking, then Linux Firewall.
# When we first setup iptables we used some default rules, but we are going to secure it a bit by limiting access to only allow clients from the 172.17.0.0/16 networks.
# Under the Incoming packets (INPUT) category, on the top rule, press the upward arrow under the Add category. Use the following options in the ruleset:
<pre>Rule comment: Limit Access
Action to take: Drop
Source address or network: Does not equal: 172.17.0.0/16
Incoming interface: Equals: eth0
</pre>
# Now press save, then press Apply Configuration. This ends the Firewall setup.
== iptables on the Command Line ==
# Now that you know how to create rules with webmin, lets learn how to do it from the command line.
# If you want to view the current rulesets applied on a system, or you want to backup your current configuration, you would use the iptables-save command. Run it, and review the output. Notice how all of the rules we created in webmin show up.
# Now if you want to backup your rules, you would use iptables-save > rules.txt. This would dump the current configuration into a file called rules.txt.
# To reload the rules into iptables, you would use iptables-restore. With the file we created, we would load it back in by running iptables-restore rules.txt
# Lastly you can create and delete select roles from the command line using the iptables command directly. Use the man page to help you understand the arguments, and try to figure out how to remove the default firewall rule that Accepts packets if the destination port is between 1024 and 65535.

Franske ITC-2480 Lab 10

2014-03-25T22:52:25Z

Riptide wave:

Franske ITC-2480 Lab 10

2014-03-25T22:51:42Z

Riptide wave:

File:Port Forward.png

2014-03-25T22:51:04Z

Riptide wave:

Franske ITC-2480 Lab 10

2014-03-25T15:32:04Z

Riptide wave:

Franske ITC-2480 Lab 10

2014-03-23T20:28:44Z

=Introduction=
=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account

== Setup a 2nd NIC Interface ==

== Enable NAT ==

== Setup a DHCP Server ==

Franske ITC-2480 Assignments

2014-03-23T20:25:44Z

Riptide wave: /* Labs */

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install PHP/mySQL, experiment with websites and databases, view logfiles]]
# [[Franske ITC-2480 Lab 6|Lab 6: Install forum & blog software, experiment with PHP]]
# [[Franske ITC-2480 Lab 7|Lab 7: Install Samba, configure for basic workgroup filesharing]]
# [[Franske ITC-2480 Lab 8|Lab 8: Install Postfix MTA, courier-imap]]
# [[Franske ITC-2480 Lab 9|Lab 9: Install BIND and configure as caching plus zones for a local domain]]
# [[Franske ITC-2480 Lab 10|Lab 10: 2nd NIC internal network configuration]]
# Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Lab 9

2014-03-19T23:01:58Z

Riptide wave: /* Adding a AAAA record */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "blog" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup blog.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

blog.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Now we are going to create a virtual web host in apache that listens for the domain blog.debserv-*.test, and then forwards you directly to your blog folder.
# In Webmin under the servers tab, select Apache Webserver. Then on the top, click the Create virtual host button and use the following Configuration:
<pre>Handle Connections to Address: any address
Port: 80
Document Root: /var/www/blog/
Server Name: blog.debserv-*.test
Add virtual server to file: new file under virtual servers directory
Copy directives from: nowhere
</pre>
# When done, press Create Now. When you are back at the Apache Webserver page, then click Apply Changes in the top right.
# Now in a SSH session, open up your favorite command line web browser like w3m and visit blog.debserv-*.test. Notice how you are now visiting the blog directly, instead of your modified index.html file. This is because we setup a virtual host in apache that listens for requests directly from the CNAME we created.
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.

== Adding a AAAA record ==
# Now we are going to add an AAAA (IPv6 host) record to our domain. To do this, we will first need to make sure that IPv6 networking is setup in our virtual machine.
# In putty, using your favorite text editor, open up /etc/network/interfaces. We are going to enable IPv6 over DHCP to make sure that IPv6 is running on our VM. Add "iface eth0 inet6 dhcp" to the end if the eth0 configuration to do this. Your interface should now look similar to this:
<pre>auto eth0
iface eth0 inet static
address 172.17.50.xxx
netmask 255.255.255.0
gateway 172.17.50.1
dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
iface eth0 inet6 dhcp</pre>
# Afterwords, restart the eth0 interface by using "ifdown eth0 && ifup eth0". Remember that you need to run this command as root otherwise it will not work.
# Now use ifconfig to find your IPv6 address. Remember this as we will use it in webmin to create our AAAA record.
# Back in webmin, under servers and BIND DNS Server, select your debserv-*.test domain from the bottom and then click the IPv6 Address button. For the name, enter @ and for the address enter your IPv6 address WITHOUT the subnet prefix. It should look similar to this. 2607:f930:1c00:50:xxxx:xxxx:xxxx:xxxx
# When done press create. Remember to press the apply configuration button in the top right to make these changes applied. Now use nslookup to lookup your domain, and notice how you now have a IPv6 and IPv4 record for your domain.
# Congratulations, you have not setup a dual-stack DNS server for your debian server.

== Adding a Delegated Domain ==
# Now we are going to add another domain to the system, but this domain is a delegated domain. Luckily we can add this to BIND the same way we added our first domain.
# So in Webmin, go to Servers, then BIND DNS Server. Then under Existing DNS Zones, Click on Create Master Zone and use the following settings:
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: *.itc2480.campus.ihitc.net
Records file: Automatic
Master server: Leave as your hostname
Email address: root@ *.itc2480.campus.ihitc.net</pre>
* NOTE: the * stands for your hostname letter, the same as you used for the other domain we created.
# Now using webmin, create an A record for @ the same way as we did for the last domain. If you need help with this step, you can review the process we did earlier.

== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-19T02:25:38Z

Riptide wave: /* Adding a Forwarded Domain */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "blog" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup blog.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

blog.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Now we are going to create a virtual web host in apache that listens for the domain blog.debserv-*.test, and then forwards you directly to your blog folder.
# In Webmin under the servers tab, select Apache Webserver. Then on the top, click the Create virtual host button and use the following Configuration:
<pre>Handle Connections to Address: any address
Port: 80
Document Root: /var/www/blog/
Server Name: blog.debserv-*.test
Add virtual server to file: new file under virtual servers directory
Copy directives from: nowhere
</pre>
# When done, press Create Now. When you are back at the Apache Webserver page, then click Apply Changes in the top right.
# Now in a SSH session, open up your favorite command line web browser like w3m and visit blog.debserv-*.test. Notice how you are now visiting the blog directly, instead of your modified index.html file. This is because we setup a virtual host in apache that listens for requests directly from the CNAME we created.
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.

== Adding a AAAA record ==
# Now we are going to add an AAAA (IPv6 host) record to our domain. To do this, we will first need to make sure that IPv6 networking is setup in our virtual machine.
# In putty, using your favorite text editor, open up /etc/network/interfaces. We are going to enable IPv6 over DHCP to make sure that IPv6 is running on our VM. Add "iface eth0 inet6 dhcp" to the end if the eth0 configuration to do this. Your interface should now look similar to this:
<pre>auto eth0
iface eth0 inet static
address 172.17.50.xxx
netmask 255.255.255.0
gateway 172.17.50.1
dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
iface eth0 inet6 dhcp</pre>
# Afterwords, restart the eth0 interface by using "ifdown eth0 && ifup eth0". Remember that you need to run this command as root otherwise it will not work.
# Now use ifconfig to find your IPv6 address. Remember this as we will use it in webmin to create our AAAA record.
# Back in webmin, under servers and BIND DNS Server, select your debserv-*.test domain from the bottom and then click the IPv6 Address button. For the name, enter @ and for the address enter your IPv6 address as well as the subnet prefix. It should look similar to this. 2607:f930:1c00:50:xxxx:xxxx:xxxx:xxxx/64
# When done press create. Remember to press the apply configuration button in the top right to make these changes applied. Now use nslookup to lookup your domain, and notice how you now have a IPv6 and IPv4 record for your domain.
# Congratulations, you have not setup a dual-stack DNS server for your debian server.

== Adding a Forwarded Domain ==
# Now we are going to add another domain to the system, but this domain is a forwarded domain. Luckily we can add this to BIND the same way we added our first domain.
# So in Webmin, go to Servers, then BIND DNS Server. Then under Existing DNS Zones, Click on Create Master Zone and use the following settings:
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: *.itc2480.campus.ihitc.net
Records file: Automatic
Master server: Leave as your hostname
Email address: root@ *.itc2480.campus.ihitc.net</pre>
* NOTE: the * stands for your hostname letter, the same as you used for the other domain we created.
# Now using webmin, create an A record for @ the same way as we did for the last domain. If you need help with this step, you can review the process we did earlier.

== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-18T23:18:06Z

Riptide wave: /* Adding an AAAA record */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "blog" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup blog.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

blog.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Now we are going to create a virtual web host in apache that listens for the domain blog.debserv-*.test, and then forwards you directly to your blog folder.
# In Webmin under the servers tab, select Apache Webserver. Then on the top, click the Create virtual host button and use the following Configuration:
<pre>Handle Connections to Address: any address
Port: 80
Document Root: /var/www/blog/
Server Name: blog.debserv-*.test
Add virtual server to file: new file under virtual servers directory
Copy directives from: nowhere
</pre>
# When done, press Create Now. When you are back at the Apache Webserver page, then click Apply Changes in the top right.
# Now in a SSH session, open up your favorite command line web browser like w3m and visit blog.debserv-*.test. Notice how you are now visiting the blog directly, instead of your modified index.html file. This is because we setup a virtual host in apache that listens for requests directly from the CNAME we created.
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.

== Adding a AAAA record ==
# Now we are going to add an AAAA (IPv6 host) record to our domain. To do this, we will first need to make sure that IPv6 networking is setup in our virtual machine.
# In putty, using your favorite text editor, open up /etc/network/interfaces. We are going to enable IPv6 over DHCP to make sure that IPv6 is running on our VM. Add "iface eth0 inet6 dhcp" to the end if the eth0 configuration to do this. Your interface should now look similar to this:
<pre>auto eth0
iface eth0 inet static
address 172.17.50.xxx
netmask 255.255.255.0
gateway 172.17.50.1
dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
iface eth0 inet6 dhcp</pre>
# Afterwords, restart the eth0 interface by using "ifdown eth0 && ifup eth0". Remember that you need to run this command as root otherwise it will not work.
# Now use ifconfig to find your IPv6 address. Remember this as we will use it in webmin to create our AAAA record.
# Back in webmin, under servers and BIND DNS Server, select your debserv-*.test domain from the bottom and then click the IPv6 Address button. For the name, enter @ and for the address enter your IPv6 address as well as the subnet prefix. It should look similar to this. 2607:f930:1c00:50:xxxx:xxxx:xxxx:xxxx/64
# When done press create. Remember to press the apply configuration button in the top right to make these changes applied. Now use nslookup to lookup your domain, and notice how you now have a IPv6 and IPv4 record for your domain.
# Congratulations, you have not setup a dual-stack DNS server for your debian server.

== Adding a Forwarded Domain ==

== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-18T23:16:15Z

Riptide wave: /* Adding an AAAA record */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "blog" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup blog.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

blog.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Now we are going to create a virtual web host in apache that listens for the domain blog.debserv-*.test, and then forwards you directly to your blog folder.
# In Webmin under the servers tab, select Apache Webserver. Then on the top, click the Create virtual host button and use the following Configuration:
<pre>Handle Connections to Address: any address
Port: 80
Document Root: /var/www/blog/
Server Name: blog.debserv-*.test
Add virtual server to file: new file under virtual servers directory
Copy directives from: nowhere
</pre>
# When done, press Create Now. When you are back at the Apache Webserver page, then click Apply Changes in the top right.
# Now in a SSH session, open up your favorite command line web browser like w3m and visit blog.debserv-*.test. Notice how you are now visiting the blog directly, instead of your modified index.html file. This is because we setup a virtual host in apache that listens for requests directly from the CNAME we created.
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.

== Adding an AAAA record ==
# Now we are going to add an AAAA (IPv6 host) record to our domain. To do this, we will first need to make sure that IPv6 networking is setup in our virtual machine.
# In putty, using your favorite text editor, open up /etc/network/interfaces. We are going to enable IPv6 over DHCP to make sure that IPv6 is running on our VM. Add "iface eth0 inet6 dhcp" to the end if the eth0 configuration to do this. Your interface should now look similar to this:
<pre>auto eth0
iface eth0 inet static
address 172.17.50.xxx
netmask 255.255.255.0
gateway 172.17.50.1
dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
iface eth0 inet6 dhcp</pre>
# Afterwords, restart the eth0 interface by using "ifdown eth0 && ifup eth0". Remember that you need to run this command as root otherwise it will not work.
# Now use ifconfig to find your IPv6 address. Remember this as we will use it in webmin to create our AAAA record.
# Back in webmin, under servers and BIND DNS Server, select your debserv-*.test domain from the bottom and then click the IPv6 Address button. For the name, enter @ and for the address enter your IPv6 address as well as the subnet prefix. It should look similar to this. 2607:f930:1c00:50:xxxx:xxxx:xxxx:xxxx/64
# When done press create. Remember to press the apply configuration button in the top right to make these changes applied. Now use nslookup to lookup your domain, and notice how you now have a IPv6 and IPv4 record for your domain.
# Congratulations, you have not setup a dual-stack DNS server for your debian server.

== Adding a Forwarded Domain ==

== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-18T22:22:38Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "blog" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup blog.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

blog.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Now we are going to create a virtual web host in apache that listens for the domain blog.debserv-*.test, and then forwards you directly to your blog folder.
# In Webmin under the servers tab, select Apache Webserver. Then on the top, click the Create virtual host button and use the following Configuration:
<pre>Handle Connections to Address: any address
Port: 80
Document Root: /var/www/blog/
Server Name: blog.debserv-*.test
Add virtual server to file: new file under virtual servers directory
Copy directives from: nowhere
</pre>
# When done, press Create Now. When you are back at the Apache Webserver page, then click Apply Changes in the top right.
# Now in a SSH session, open up your favorite command line web browser like w3m and visit blog.debserv-*.test. Notice how you are now visiting the blog directly, instead of your modified index.html file. This is because we setup a virtual host in apache that listens for requests directly from the CNAME we created.
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.

== Adding an AAAA record ==
# Now we are going to add an AAAA (IPv6 host) record to our domain. To do this, we will first need to make sure that IPv6 networking is setup in our virtual machine.

== Adding a Forwarded Domain ==

== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-17T12:37:44Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account.
# Make sure that webmin is installed on your system.
== Install BIND & Enable Caching ==
# First you will need to install bind. Bind is one of the few available DNS server applications for linux. To install it, use your favorite package manager to install bind9.
# Now we will need to enable DNS caching and forwarding on the bind server. This will allow us to use it for DNS resolving locally, as well as speed up frequent DNS requests. To do this, open up /etc/bind/named.conf.options with your favorite text editor.
# You are now in the local options file for bind. You will need to uncomment out the following lines:
<pre># forwarders {
# 0.0.0.0;
# };</pre>
* Note that you will need to replace 0.0.0.0 with 172.17.139.10 for outside DNS lookups to function.
# The reason we setup a forwarder address is so that domain requests that are not on our system are passed to another DNS server instead of being searched against the root nameservers. You may want to do this in domain or enterprise environments as most large networks have internal domain names setup that only redirect inside of a local LAN. By using a forwarder, as long as the DNS server you push requests to is able to access those internal records, you will be able to access local content from internal domain names instead of needing to rely on IP addresses.
# To apply this change, you will need to restart the Bind DNS serice. to do this run "sudo service bind9 restart". This will restart the Bind DNS service.
# Next we will need to change our DNS server set in /etc/network/interfaces so our eth0 interfaces uses our local system for DNS lookups. To do this, open up your interfaces file with your favorite file editor, and change the dns server to 127.0.0.1. Remember to restart your interface eth0 to apply the changes.
# To test if its working, run the command "nslookup inverhills.edu". If bind is working, you should now see the following output:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: inverhills.edu
Address: 134.29.183.71
</pre>
* Notice how it shows it is using 127.0.0.1 as the server. If you do not see this, then your interface file is not set to use the local machine for DNS lookups.

== Create a Domain using Webmin ==
# Now we are going to use webmin to create a few different type of domain records. We will go over A (Host), AAAA (IPv6 host), MX (Mail Exchange), and CNAME (Canonical Name).
# Open up your Webmin panel and sign in. Now that we have bind9 installed, you will need to click the Refresh Modules option on the left sidebar to have Webmin recheck the system for installed packages and services.
# Now under the Servers tab, open up BIND DNS Server. Now under Existing DNS Zones, clock Create master zone. From here we will create a new domain name for our server to host.
# Now use the following options, where * is your System ID that was defined in [[Franske ITC-2480 Lab 5|Lab 5.]]
<pre>Zone type: Forward (Names to Addresses)
Domain name / Network: debserv-*.test
Records file: Automatic
Master server: Leave as your hostname
Email address: root@debserv-*.test</pre>
# Now click the create button to add our domain. As this point you should now be on the Edit Master Zone page. From here you can add and edit domain record settings.
# To create our A record which will point your domain to a IP address, click the Address button. For the Name enter @. the @ symbol in DNS Zones defines the parent domain. Now under address, enter your VM's static IP we set back in [[Franske ITC-2480 Lab 5|Lab 5]] and click Create. Now return back to the main BIND DNS Server page again. When there, click the Apply Configuration option in the top right corner.
# Now we will test the A record we just created. .use nslookup to lookup the domain you just created, which should be debserv-*.test by entering "nslookup debserv-*.test"
* Remember, * is used to represent your given letter to use in lab 5. Also, if you have issues looking up the domain, make sure that nslookup is still set to use 127.0.0.1 as the Server. If not, check your /etc/resolv.conf file.
== Adding additional record types ==
# Now we are going to add a few more record types to our Domain. This will include a MX (Mail Exchange) and CNAME (Canonical Name) record.
# We will start with the MX record. MX records are used by email servers to look up where to forward email for a specific domain.
# So to create a MX record we will use Webmin again. In Webmin on the BIND DNS Server page, click the domain on the bottom named debserv-*.test and then click the Mail Server button. Under name, enter @ again, and for the address enter your VM's static IP address. Now for Priority, enter 1. The Priority entry allows people to define more than 1 MX record for a domain, and the Priority defines which one should be used before the rest.
# Now go back to the domain zone overview page. We are now going to create a CNAME record. CNAME records are useful as they allow you to create virtual A records, but point them to a domain name instead of a host. This is most helpful in situations where you have a dynamic IP address on a system that always has a common DNS name.
# Now on the Edit Master Zone page for your domain, click the Name Alias button. For the Name, enter "cname" and for the Real Name, enter your domain "debserv-*.test." but remember to put a period at the end of the domain as this is an absolute name. Then press create to add the record.
# Now press the Apply Configuration option in the top right of the page again. This will apply the records you have created. Now back in putty, run "nslookup cname.debserv-*.test". You should get a response similar to:
<pre>Server: 127.0.0.1
Address: 127.0.0.1#53

cname.debserv-*.test canonical name = debserv-*.test.
Name: debserv-*.test
Address: 172.17.50.XXX
</pre>
# Congrats, at this point you have a basic domain working with a MX, CNAME, and A record.
== Manually editing a zone file ==
# Lastly we are going to look at the domain zone file. While webmin provides a nice interface to add records, all it is doing is manually adding our records to our zone file. When you use BIND for DNS, every domain created gets its own record file which is called the zone file. In this file all subdomains and records are stored for said domain.
# By default, the location for these records will be in /var/lib/bind, so cd into that folder and ls the contents.
# Now, with your favorite text editor, open up the file. It should look similar to this:
<pre>$ttl 38400
debserv-A.test. IN SOA VMHostname. root.debserv-A.test. (
1395013947
10800
3600
604800
38400 )
debserv-A.test. IN NS VMHostname.
debserv-A.test. IN A 172.17.50.XXX
debserv-A.test. IN MX 1 172.17.50.XXX
cname.debserv-A.test. IN CNAME debserv-A.test.</pre>
# Notice the formatting for domain records. Each record is defined by the domain or subdomain, IN, then the record type, followed by what the record is pointed to.
# For this example, we want to change the MX priority from 1 to 10, so change the MX record settings using your text editor.
# When you are done, restart the bind9 service to reload the changes. We will now use a new command, dig, to lookup the record to make sure the changes were applied correctly.
* Note: when restarting bind, if you have any errors restarting the service this normally means you have a typo in one of your zone files. If this is the case, go through the file again in a text editor to make sure you did not add anything extra.
# dig is a very powerful DNS tool that allows you to lookup specific records for DNS domains, as well as many other things such as PTR, or reverse records. For our reasons though, we will use it to lookup the edited MX record. To do this, run "dig MX debserv-*.test".
* Note: If you are having issues, add @127.0.0.1 to the end of the dig command to force dig to use the local DNS server.
# You should see the following response:
<pre>; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> MX debserv-*.test @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59875
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;debserv-*.test. IN MX

;; ANSWER SECTION:
debserv-*.test. 38400 IN MX 10 172.17.50.XXX.debserv-*.test.

;; AUTHORITY SECTION:
debserv-*.test. 38400 IN NS VMHostname.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Mar 16 20:40:02 2014
;; MSG SIZE rcvd: 78</pre>
# Notice how the Answer Section shows the MX record is pointed to the IP of the domain, and that the priority is set to 10.
# Congrats, you have now setup a functional DNS server.

Franske ITC-2480 Lab 9

2014-03-17T01:45:16Z

Riptide wave: /* Install BIND & Enable Caching */

Franske ITC-2480 Lab 9

2014-03-17T01:44:47Z

Franske ITC-2480 Assignments

2014-03-17T00:45:19Z

Riptide wave:

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install PHP/mySQL, experiment with websites and databases, view logfiles]]
# [[Franske ITC-2480 Lab 6|Lab 6: Install forum & blog software, experiment with PHP]]
# [[Franske ITC-2480 Lab 7|Lab 7: Install Samba, configure for basic workgroup filesharing]]
# [[Franske ITC-2480 Lab 8|Lab 8: Install Postfix MTA, courier-imap]]
# [[Franske ITC-2480 Lab 9|Lab 9: Install BIND and configure as caching plus zones for a local domain]]
# Lab 10: 2nd NIC internal network configuration
# Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Lab 8

2014-03-06T00:11:46Z

Riptide wave: /* Install the Postfix MTA */

=Introduction=
In this lab you will setup a basic email server on your Debian Linux server including both MTA and MDA software.

The MTA to be installed is Postfix. MTA software listens for incoming connections from other MTA servers on port 25 and accepts mail on behalf of users on the system. Once the mail is received it is stored locally for users to retrieve. The most common methods for storing messages is in an .mbox file, where all messages are stored in a single file, or in a Maildir, which is a directory where each message is stored in a separate file. The MTA also listens for connections from client software (MUA) and accepts outbound messages from them and forwards them on to the destination domain's mail server. Advanced configuration of MTA software can allow for anti-spam filtering, mailing list support or other programs to intercept and manipulate mail as it passes through the server.

Local users accessing their mailbox with MUA software can read and write to the .mbox file or Maildir directly. If a user not locally logged on to the system wants to access their mailbox the server runs MDA software which typically uses the POP3 or IMAP protocol for accessing the .mbox file or Maildir remotely.

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
# Get the IP address of someone else's system in the class who you can send mail to

== Install the Postfix MTA ==
# Install the postfix package using a package management program
#* During the installation process select "Internet Site" as the type of mailserver and set the domain name to "yourhostname.test"
# Use the telnet command to connect to your SMTP server on port 25 (telnet localhost 25)
#* Type quit and press enter after verifying Postfix is running.
# Because the Courier IMAP and POP3 server software only supports Maildir style message stores and Postfix stores in mbox files by default you must edit the /etc/postfix/main.cf file and set the "home_mailbox = Maildir/" parameter.
# Restart the postfix service to apply your change
# Install the mailutils package to test your setup by sending and receiving mail directly from the command line.
# Try sending a message: <pre>echo "This is my message" | mail -s "Email Subject" username@localhost</pre>
# Check to see if the message was received using the mail command, press q to return to the command line.
#* If you do not see the message listed you may need to quit the mail program and set an environment variable "MAIL=/home/yourusername/Maildir"
# You should also be able to see the message in /home/yourusername/Maildir/
# Create an "alias" for sysadmin which forwards mail to your username and send a copy of all mail to the root account to your username as well by editing the /etc/aliases file and then running the newalises program
# It might be a good time to try logging on to Webmin again, re-scanning for modules and then taking a look at the Postfix module in the "Servers" section.
# Take a look at your /var/log/mail.info log to see Postfix sending and receiving messages for users.

== Install Courier MDA ==
# Most users prefer to retrieve mail from a mail server using an MDA protocol like POP3 or IMAP which can be provided by the Courier programs. Install the "courier-pop" and "courier-imap" packages.
#* Do not create the directories for web-based administration as they are unneeded for our setup
# Install an email client (MUA) on your host system such as [http://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird] and setup a new account which connects over IMAP to the IP address of your server for each of the different user accounts you have on your server. Test receiving mail using this client.
#* Note: If your user has not yet received any mail Postfix has not created a Maildir for the user and the courier software will send an error to the client software. Use the sendmail program explained above to send some mail to the user, see that the Maildir is then created and then try retrieving the messages again with your MUA.

== Allow Remote Users to Send Mail ==
# Try setting up your MUA software to send mail by creating an SMTP server entry and sending an email to anotheruser@localhost This should work because localhost is your own server but if you try sending email to someuser@anotherIP like root@172.17.50.10 that will fail.
# The problem is you don't want just anyone to send mail through your mailserver (we did allow this in the olden days) because a spammer could then use your server to send mail worldwide and it would all trace back to the IP of your server, we call servers setup like this "open relays" because they relay mail for anyone and they are generally considered very bad practice and can get your mailserver on lists of servers to ignore all messages from. There are a number of ways to solve this. By default Postfix will only allow mail relaying from computers on the same network (based on IP) as set in the /etc/postfix/main.cf mynetworks parameter but this is inconvenient for remote users. The SASL protocol allows users to authenticate with a username and password before sending mail and then relay messages are accepted from them.
# See if you can follow [https://wiki.debian.org/PostfixAndSASL these instructions] for setting up SASL with Postfix.
#* Note: You do not need to setup TLS to support SASL (more on that in the additional considerations section)
# Now modify your MUA to use a username and password when connecting to your SMTP server and try sending mail to someone else's system from your MUA using a destination address like root@172.17.50.10
# Troubleshoot as needed using the mail log files on your system.

=Additional Considerations=
Running a mailserver is tricky business. The basic server we have setup does not use encryption for connections meaning usernames, passwords, and mail contents are all set in plaintext. This is very undesirable from a security standpoint and it would be suggested to support SSL/TLS encryption for both the MTA and MDA portions. In addition, you will almost certainly want spam filtering at the server. More complicated setups also use database tables for users, passwords and domains so that you can host multiple domains on a single server and have email user boxes for people who do not have local logins on the system.

=Additional Resources=
* [https://help.ubuntu.com/community/PostfixBasicSetupHowto Ubuntu Postfix Basic Setup]
* [https://wiki.debian.org/Postfix Debian Wiki - Postfix Installation]

Franske ITC-2480 Lab 7

2014-02-28T14:48:16Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Setup a Guest Folder ==
# The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
# To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
# Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
# Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
<pre>
[Share Name]
comment = Share Comment
options....</pre>
# Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
# Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
# Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
# Enter the following:
<pre>[Guest Share]
comment = Public File Share
public = yes
path = /srv/Guest-Files</pre>
# You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share. Open up the file, and try to edit and save the file. What error do you get?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# To do this, we are now going to use webmin to configure the shares. Remember you can access webmin from 172.17.50.xx:10000.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Leave the Unix users to convert option set to all except listed users and UID ranges with the option of -499. This will add all user counts with a UID of 500 or more to samba.
# Now on the bottom, select "No password". We are doing this as we will define unique passwords for each user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed. From here you can now add passwords to the different user accounts you added in the last step.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
# Now try to access a home share of another user that was added to samba. Notice how you do not have permissions. Try logging in with another user account to access a different home share.
#Note: To use another user account in a samba share, you may have to logout and then back in on your local machine.
== Setup a Group Share Folder ==
# Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

Franske ITC-2480 Lab 7

2014-02-27T15:57:05Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Setup a Guest Folder ==
# The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
# To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
# Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
# Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
<pre>
[Share Name]
comment = Share Comment
options....</pre>
# Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
# Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
# Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
# Enter the following:
<pre>[Guest Share]
comment = Public File Share
public = yes
path = /srv/Guest-Files</pre>
# You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share. Open up the file, and try to edit and save the file. What error do you get?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# To do this, we are now going to use webmin to configure the shares. Remember you can access webmin from 172.17.50.xx:10000.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
== Setup a Group Share Folder ==
# Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

Franske ITC-2480 Lab 7

2014-02-25T14:33:42Z

Riptide wave: /* Share Home Folders */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Setup a Guest Folder ==
# The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
# To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
# Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
# Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
<pre>
[Share Name]
comment = Share Comment
options....</pre>
# Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
# Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
# Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
# Enter the following:
<pre>[Guest Share]
comment = Public File Share
path = /srv/Guest-Files</pre>
# You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share. Open up the file, and try to edit and save the file. What error do you get?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# To do this, we are now going to use webmin to configure the shares. Remember you can access webmin from 172.17.50.xx:10000.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.

== Setup a Group Share Folder ==
# Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

Franske ITC-2480 Lab 7

2014-02-25T14:30:47Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Setup a Guest Folder ==
# The first thing we are going to do is we are going to create a guest share. This share will allow for all users, even those who have not authenticated, to read files.
# To help you better understand samba, this first share will be configured from putty and command line. First, cd into /etc/samba/ and run a ls. In here we have two main files. smb.conf, which holds all of the samba share and authentication settings, and dhcp.conf which is no longer used, but used to be used to define host names and dns servers for samba to use.
# Now with your favorite text editor, open up smb.conf as root (remember to use sudo).
# Scroll to the bottom of the file, and notice how shares are defined. They all have a similar format such as:
<pre>
[Share Name]
comment = Share Comment
options....</pre>
# Where options are the different configuration settings. Lets try creating the guest share folder from the config file manually.
# Exit out of nano, and create the folder /srv/Guest-Files as root. This will be the folder we are sharing.
# Now open up /etc/samba/smb.conf in a text editor again as root, and go to the bottom of the file.
# Enter the following:
<pre>[Guest Share]
comment = Public File Share
path = /srv/Guest-Files</pre>
# You have now created the public share. To test this share, go into /srv/Guest-Files and create a text file and enter some information. We will use this file to test the read-only settings of the share.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. You should see a share folder called Guest Share. Open it up, and see if your text file is in the share. Open up the file, and try to edit and save the file. What error do you get?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
== Setup a Group Share Folder ==
# Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

Franske ITC-2480 Lab 7

2014-02-25T14:15:52Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
== Setup a Group Share Folder ==
# Now we are going to setup a group folder share that will allow for all samba users to read and write to the folder.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: Share-Files
Directory to share: /srv/Group-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: group share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

== Setup a Guest Folder ==
# Now we are going to setup a guest share folder. For this share, we will want to disable all authentication, but set the files to read only for security purposes.
# Back on the Samba Windows File Sharing config page in webmin, click Create a new file share.
# Use the following base configuration:
<pre>Share Name: Guest Share
Directory to share: /srv/Guest-Files
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 755
Create with group: root
Available: yes
Browsable: yes
Share Comment: Public File Share
</pre>
# Now click the Guest Share link to open its configuration page, and then click Security and Access Control. As we are setting this to be accessible by everyone, under Guest Access, set the option to yes and then press save.
# Now back in putty, browse to /srv/Guest-Files/ and using sudo, create a text file with some contents, then save the file. We will use this to test our permission settings.
# Now back on your local machine, browse back to the root of the share (\\172.17.50.xx\). Notice how there is now a folder called Guest Share, and when you enter it, your text file shows up. Open up the file, and try to edit and save the file. What error do you get?
# At this point you have successfully setup a guest share, PAM share, and home folder shares.

Franske ITC-2480 Lab 7

2014-02-25T14:15:46Z

Riptide wave: Blanked the page

Franske ITC-2480 Lab 7

2014-02-24T02:15:44Z

Riptide wave: /* Setup a PAM Auth Folder */

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
== Setup a PAM Auth Folder ==
# Now we are going to setup a PAM authentication folder share. PAM (Pluggable Authentication Modules) allows for dynamic authorization for applications and services on a Linux system. This means that as long as a user has an account defined in samba, they will have access to this shared folder we are creating.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: PAM-Files
Directory to share: /srv/PAM-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: PAM user share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.

== Setup a Guest Folder ==
# Now we are going to setup a guest share folder. For this share, we will want to disable all authentication, but set the files to read only for security purposes.
# Back on the Samba Windows File Sharing config page in webmin, click Create a new file share.
# Use the following base configuration:
<pre>Share Name: Guest Share
Directory to share: /srv/Guest-Files
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 755
Create with group: root
Available: yes
Browsable: yes
Share Comment: Public File Share
</pre>
# Now click the Guest Share link to open its configuration page, and then click Security and Access Control. As we are setting this to be accessible by everyone, under Guest Access, set the option to yes and then press save.
# Now back in putty, browse to /srv/Guest-Files/ and using sudo, create a text file with some contents, then save the file. We will use this to test our permission settings.
# Now back on your local machine, browse back to the root of the share (\\172.17.50.xx\). Notice how there is now a folder called Guest Share, and when you enter it, your text file shows up. Open up the file, and try to edit and save the file. What error do you get?
# At this point you have successfully setup a guest share, PAM share, and home folder shares.

Franske ITC-2480 Assignments

2014-02-24T02:13:15Z

Riptide wave:

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install PHP/mySQL, experiment with websites and databases, view logfiles]]
# [[Franske ITC-2480 Lab 6|Lab 6: Install forum & blog software, experiment with PHP]]
# [[Franske ITC-2480 Lab 7|Lab 7: Install Samba, configure for basic workgroup filesharing]]
# Lab 8: Install Postfix MTA, courier-imap
# Lab 9: Install BIND and configure as caching plus zones for a local domain
# Lab 10: 2nd NIC internal network configuration
# Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Lab 7

2014-02-24T02:12:26Z

Riptide wave:

=Introduction=

=Lab Procedure=
== Prerequisites ==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make sure that webmin is installed on your system.
== Install Samba ==
# With your favorite package manager, install the samba package.
# After samba is installed, login into webmin on your local computers web browser.
# Under the servers tab, notice how samba does not show up. This is because we just installed the package.
# On the bottom of the left toolbar, click refresh modules. After a minute, it should refresh the page. Now look under the servers tab again. Does samba now show up?
== Share Home Folders ==
# Now we are going to setup Home Folders. By default they are enabled, but write access is not. Notice what other folders are enabled in samba by default.
# First it must be noted that samba requires separate user accounts from the system, just like mysql. So first, we are going to add your user account.
# On the Webmin Samba config page, click Samba Users. Notice how none are currently defined. Go back, and then click Convert Users. This is the tool we will use to convert the local unix user accounts to samba.
# Now select the "Only listed users or UID ranges", and enter your username.
# Now on the bottom, select "Use this password" and create a password for your samba user. Then click Convert Users when ready.
# When you are done, go to the Samba Users page again. Notice how your user account is now listed.
# Lastly we are going to setup write access to home folders, so you will be able to add files to your home directory over samba.
# On the samba config page, under Shares, click the home share. Next click Security and Access Control. Now set the Writable option to Yes, and then click save.
# Now go back to the Samba config page, and click the Restart Samba Servers option at the bottom. We do this to force samba to load the new configuration. You can also wait a minute or two if you don't want to disconnect any connected users.
# At this point, we should be ready to test out our configuration. On your Local Computer, open up command line, and enter \\172.17.50.xx (Your IP you setup for the static address), and press enter. Notice how you have an empty share because you are connected without any authentication. Now, in the top URL window, add \username to the path, so ex \\172.17.50.xx\user. You should now get a login popup. Login as your user, and you should be greeted with your home folder.
# Test creating and deleting a file to verify write access is working.
== Setup a PAM Auth Folder ==
# Now we are going to setup a PAM authentication folder share. PAM (Pluggable Authentication Modules) allows for dynamic authorization for applications and services on a Linux system. This means that as long as a user has an account defined in samba, they will have access to this shared folder we are creating.
# Now back in the webmin samba config panel, we are going to create a new share. Under shares, select the Create a new file share link.
# Use the following base configuration:
<pre>Share Name: PAM-Files
Directory to share: /srv/PAM-Share
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 775
Create with group: users
Available: yes
Browsable: yes
Share Comment: PAM user share folder
</pre>
# Once the share is setup, click it to edit it. Once you are at the Edit File Share page, click File Permissions. Notice how the New Unix file and New Unix directory are set to 755 by default, even though we set the share to use 775 to create the directory. This is done for security purposes.
# Now set the New Unix file and New Unix directory mode to 775, and set Force Unix group to users. You can now press save. We do this to allow authenticated users to modify and edit files that may have been added by other users.
# Now we will need to enable write access to the folder, as well as define what users are valid. On the Edit file share page again, click Security and Access Control. Now set the Writable option to Yes, and press save.
# At this point, you can test the share exactly the same way we did with the home folder share. Notice though how this share is set to browsable, so it shows up in the root share folder. Go ahead and create a file, and in putty, look at the user and group assigned to the files you created.
== Setup a Guest Folder ==
# Now we are going to setup a guest share folder. For this share, we will want to disable all authentication, but set the files to read only for security purposes.
# Back on the Samba Windows File Sharing config page in webmin, click Create a new file share.
# Use the following base configuration:
<pre>Share Name: Guest Share
Directory to share: /srv/Guest-Files
Automatically Create Directory: Yes
Create with owner: root
Create with permissions: 755
Create with group: root
Available: yes
Browsable: yes
Share Comment: Public File Share
</pre>
# Now click the Guest Share link to open its configuration page, and then click Security and Access Control. As we are setting this to be accessible by everyone, under Guest Access, set the option to yes and then press save.
# Now back in putty, browse to /srv/Guest-Files/ and using sudo, create a text file with some contents, then save the file. We will use this to test our permission settings.
# Now back on your local machine, browse back to the root of the share (\\172.17.50.xx\). Notice how there is now a folder called Guest Share, and when you enter it, your text file shows up. Open up the file, and try to edit and save the file. What error do you get?
# At this point you have successfully setup a guest share, PAM share, and home folder shares.

Franske ITC-2480 Lab 7

2014-02-24T02:02:37Z

Riptide wave: Rev 1, incomplete

Franske ITC-2480 Lab 5

2014-02-13T00:20:18Z

Riptide wave:

=Introduction=
In this lab you will learn about static network configuration of Debian Linux systems, how to install PHP and MySQL on your server, experiment with websites and databases, and some of the standard log files on your system.

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make a note of the static IP address information for your particular system in the table below, it is based on the system name identification letter in vmWare. All systems will use a gateway address of 172.17.50.1 and a subnet mask of 255.255.255.0
{| {{table}}
| align="center" style="background:#f0f0f0;"|'''System ID'''
| align="center" style="background:#f0f0f0;"|'''Static IP'''
|-
| A||172.17.50.11
|-
| B||172.17.50.12
|-
| C||172.17.50.13
|-
| D||172.17.50.14
|-
| E||172.17.50.15
|-
| F||172.17.50.16
|-
| G||172.17.50.17
|-
| H||172.17.50.18
|-
| I||172.17.50.19
|-
| J||172.17.50.20
|-
| K||172.17.50.21
|-
| L||172.17.50.22
|-
| M||172.17.50.23
|-
| N||172.17.50.24
|-
| O||172.17.50.25
|-
| P||172.17.50.26
|-
| Q||172.17.50.27
|-
| R||172.17.50.28
|-
| S||172.17.50.29
|-
| T||172.17.50.30
|-
| U||172.17.50.31
|-
| V||172.17.50.32
|-
| W||172.17.50.33
|-
| X||172.17.50.34
|-
| Y||172.17.50.35
|-
| Z||172.17.50.36
|}
==Set a static IP==
# Using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
#* Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx
dns-nameservers xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change. Try using ifconfig to view your active configuration now and you should see that your old address is still active.
#* '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface, this step is required to apply the change.
# In a terminal, run sudo ifdown eth0 && sudo ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. You will lose your SSH connection because the IP your SSH session is connected to is no longer in use by your machine.
# Reconnect through SSH to your new IP address and verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
<ol>
<li>Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server</li>
* Note: Remember to do an aptitude update before installing packages to make sure you get the latest versions
<li> After the dependencies are found, go ahead and accept them to continue the install.</li>
<li> During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of all databases hosted on the system. It does not need to be the same as your system root password but just like your system root password it is important that you keep it secure and don't forget what it is.</li>
<li> After the install is complete, cd to /var/www</li>
<li> At this point we will test to verify that php is working properly with Apache. Create a new file named phptest.php, and then open it in a text editor.</li>
<li>Enter the following into the file:
<pre><?php
phpinfo();
?></pre></li>
<li>Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information. Use the "View Source" option in your browser to see what the HTML source code is for the page you're viewing is. Is it the same or different than the .php file you created? Why? How is this different than a standard .html file?
* Note: PHP files are really tiny scripts that the webserver must execute in order to render them into HTML for the browser, therefore you may need to make adjustments so that the www-data user (which is the user the Apache webserver runs as on Debian Linux) has execute permission for the .php files you create.</li>
</ol>

==Experiment with Websites PHP==
# In a previous lab we learned about editing the /var/www/index.html file to change the default web page displayed by your server. In a future lab you will install some PHP/MySQL based software which powers many Internet sites with forums, blogs, etc. Before we can do that we need to learn a little more about PHP and about databases. Like most software on Linux the Apache webserver configuration files are stored in the /etc directory. Specifically, you can find several of them which work together and are called from each other in /etc/apache2/ take a look in the /etc/apache2/sites-enabled/ directory. See how symlinks are used to point to configuration files which actually reside in the /etc/apache2/sites-available/ directory? This allows us to turn off and on various sites by creating or removing a symlink rather than by deleting the actual configuration file, a handy thing if we just want to temporarily disable a site.
# As you might have guessed the default site for your system is configured by the file linked to at /etc/apache2/sites-enabled/000-default If you open this file in your favorite text editor you will see a series of what Apache calls "directives" which explain how the webserver should function, what port it should listen on, where the website files will reside (/var/www), etc. Going into all of the different Apache directives is outside of the scope of this course but you will find a lot of documentation about them on the Internet.
# In addition to configuring Apache directly through it's configuration files you can also configure it through an interface like Webmin which we installed in a previous lab. Bring up the Webmin configuration page for Apache and take a look at the settings for the default site. Note how the things you saw directly in the configuration file match up with what you see in Webmin. One of the things you may be interested in seeing is how the webserver knows to display the index.html file from a deirctory if it exists and no specific file is requested in the URL. Take a look on the "Directory Indexing" page and see if you can find this information. You'll notice that there is a list of files, not just index.html which the server will display.
# In another section of this lab you created a basic phptest.php file and saw how the server executed the PHP code and turned it into an HTML page your browser could display. Because PHP offers an easy way to write web applications it powers much of the Internet. To prepare us for setting up some PHP applications in a future lab it will be helpful to know a little about how PHP scripts work. Read through the [http://www.w3schools.com/php/default.asp W3 Schools PHP Basics Tutorial] (PHP Intro through PHP Superglobals) and try creating some PHP scripts on your own Linux server like the examples given in the tutorial pages to see if you can get them to run, try modifying them a little bit and see what the results are. There are many great Internet resources devoted to understanding how to do things with PHP so take some time to see how this language can be easily integrated in websites. You should definitely be familiar with editing PHP files to change variables, echo statements, etc. work which are all skills you'll need when installing PHP based website software.
# Try writing some simple PHP scripts on your own using variables and echo statements and make them available through your webserver. Edit your index.html file (or create a new index.php file which will be loaded instead if it exists) so there is a menu for you to find and run the various scripts you have created.

==Experiment with Databases==
# In order to do really powerful things with a website we need a database where we can store dynamic content which can be queried to automatically build site pages from a template. One of the most common databases is an SQL database, and MySQL has long been the most prevalent Linux SQL software. SQL is a standard way of interacting with a specific type of database called a relational database, we'll see why it's called a relational database in a minute. Each database is a collection of data stored in tables. You can think of a table as something like a spreadsheet with rows and columns, except we call the columns fields and the rows records (sometimes we actually call them rows too). The different tables are often related to one another, of course they are usually being used by the same web application, but usually the relationship goes deeper than that as we'll see in a little bit.
# To jumpstart our exploration of databases we'll download a pre-built sample database with a few tables and many records already in it and import it into our MySQL database server. Download the employees database file [https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2 employees_db-full-1.0.6.tar.bz2] (about 26MB) and get it into your home directory. Instead of using the links browser to do this or downloading to your computer and then pushing this large file back across the Internet with an SCP/SFTP client like FileZilla a better choice might be to learn about the wget program which can be used like "wget https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2" to download the file into your current working directory.
# Figure out how to use the TAR program to unpack this .tar.bz2 file. Note that this file uses bz2 compression which takes longer to compress than gzip but can compress the files more. Once unpacked you should have an "employees_db" folder.
# Inside the employees_db folder you should have a number of .sql script files and dump files which can be used to restore the database to your system. Take a look at the employees.sql file, it's just a text file, which describes the format of the database. Also take a look at the load_employees.dump file, also just a text file, which contains all of the records from the employees table of the database. Note there are 300,000 some employee records in this database so you probably don't want to just use cat to view these files as it could take a while to print them out to your screen. Using the less program would be a better choice as it will allow you to exit viewing the file by pressing q at any time.
# We can interact with the MySQL server in many different ways. The first way we'll take a look at is through the command line mysql program. Run the "mysql -u root -p" command and enter the MySQL root password (which may be different than they system root password) to login to the mysql program with root permissions. The MySQL program actually stores it's own usernames and passwords as a MySQL database itself, you can create and modify these permissions from the mysql command line but we'll learn more about modifying them through the Webmin interface later.
# MySQL has it's own command line language the you can use through the "mysql>" prompt you are now running. For example, if we want to see a list of databases on the system we can run "SHOW databases;" run the command and note the databases that already exist by default.
# To import the employee database we can use the "source employees.sql;" command (assuming we were already working in the directory which contains the employees.sql file when we launched mysql. Import the employee database and verify the system now has an employees database.
# If we want to see all of the tables in the employees database we must first select the database we want to work on using the "USE employees;" command, run this followed by the "SHOW tables;" command to see a list of tables.
# To see a list of all the records in a table we need to run an SQL query like "SELECT * from employees" which will list all the records in the employees table of the employees database and display them. Remember that we previously selected to USE the employees database, this will be remembered until we USE a different database. Try displaying the records in a couple of different tables like employees and departments.
# There is much more that we can do from the MySQL command line but that would be a whole class or more itself. The MySQL program is well documented on the Internet and with these basic skills you should be able to figure out most of it. Before we leave the MySQL command line let's see how to delete the employees database. Run the command "DROP DATABASE employees;" to delete the entire database. Obviously the DROP command is one to be careful with as you can easily wipe out a huge database with one line! Type "exit;" to quit the MySQL program and return to a Linux shell.
# Now that you have learned a bit about MySQL databases from the command line let's see how they look in the Webmin web management interface. Log back in to your Webmin interface through a browser on your host system.
# Because MySQL was not installed when we first setup Webmin you need to "scan for new modules" first. Once that process has finished refresh the page to see that MySQL has been added to the server section of Webmin.
# Take a look at the Webmin MySQL module and see how users and permissions are configured.
# Load the employees.sql file through the Webmin MySQL module and see the employees database get added.
# Try browsing through the employees database using the Webmin interface including viewing tables and records inside of the tables.

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-13T00:19:05Z

Riptide wave:

=Introduction=
In this lab you will learn about static network configuration of Debian Linux systems, how to install PHP and MySQL on your server, experiment with websites and databases, and some of the standard log files on your system.

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make a note of the static IP address information for your particular system in the table below, it is based on the system name identification letter in vmWare. All systems will use a gateway address of 172.17.50.1 and a subnet mask of 255.255.255.0
{| {{table}}
| align="center" style="background:#f0f0f0;"|'''System ID'''
| align="center" style="background:#f0f0f0;"|'''Static IP'''
|-
| A||172.17.50.11
|-
| B||172.17.50.12
|-
| C||172.17.50.13
|-
| D||172.17.50.14
|-
| E||172.17.50.15
|-
| F||172.17.50.16
|-
| G||172.17.50.17
|-
| H||172.17.50.18
|-
| I||172.17.50.19
|-
| J||172.17.50.20
|-
| K||172.17.50.21
|-
| L||172.17.50.22
|-
| M||172.17.50.23
|-
| N||172.17.50.24
|-
| O||172.17.50.25
|-
| P||172.17.50.26
|-
| Q||172.17.50.27
|-
| R||172.17.50.28
|-
| S||172.17.50.29
|-
| T||172.17.50.30
|-
| U||172.17.50.31
|-
| V||172.17.50.32
|-
| W||172.17.50.33
|-
| X||172.17.50.34
|-
| Y||172.17.50.35
|-
| Z||172.17.50.36
|}
==Set a static IP==
# Using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
#* Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx
dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change. Try using ifconfig to view your active configuration now and you should see that your old address is still active.
#* '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface, this step is required to apply the change.
# In a terminal, run sudo ifdown eth0 && sudo ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. You will lose your SSH connection because the IP your SSH session is connected to is no longer in use by your machine.
# Reconnect through SSH to your new IP address and verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
<ol>
<li>Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server</li>
* Note: Remember to do an aptitude update before installing packages to make sure you get the latest versions
<li> After the dependencies are found, go ahead and accept them to continue the install.</li>
<li> During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of all databases hosted on the system. It does not need to be the same as your system root password but just like your system root password it is important that you keep it secure and don't forget what it is.</li>
<li> After the install is complete, cd to /var/www</li>
<li> At this point we will test to verify that php is working properly with Apache. Create a new file named phptest.php, and then open it in a text editor.</li>
<li>Enter the following into the file:
<pre><?php
phpinfo();
?></pre></li>
<li>Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information. Use the "View Source" option in your browser to see what the HTML source code is for the page you're viewing is. Is it the same or different than the .php file you created? Why? How is this different than a standard .html file?
* Note: PHP files are really tiny scripts that the webserver must execute in order to render them into HTML for the browser, therefore you may need to make adjustments so that the www-data user (which is the user the Apache webserver runs as on Debian Linux) has execute permission for the .php files you create.</li>
</ol>

==Experiment with Websites PHP==
# In a previous lab we learned about editing the /var/www/index.html file to change the default web page displayed by your server. In a future lab you will install some PHP/MySQL based software which powers many Internet sites with forums, blogs, etc. Before we can do that we need to learn a little more about PHP and about databases. Like most software on Linux the Apache webserver configuration files are stored in the /etc directory. Specifically, you can find several of them which work together and are called from each other in /etc/apache2/ take a look in the /etc/apache2/sites-enabled/ directory. See how symlinks are used to point to configuration files which actually reside in the /etc/apache2/sites-available/ directory? This allows us to turn off and on various sites by creating or removing a symlink rather than by deleting the actual configuration file, a handy thing if we just want to temporarily disable a site.
# As you might have guessed the default site for your system is configured by the file linked to at /etc/apache2/sites-enabled/000-default If you open this file in your favorite text editor you will see a series of what Apache calls "directives" which explain how the webserver should function, what port it should listen on, where the website files will reside (/var/www), etc. Going into all of the different Apache directives is outside of the scope of this course but you will find a lot of documentation about them on the Internet.
# In addition to configuring Apache directly through it's configuration files you can also configure it through an interface like Webmin which we installed in a previous lab. Bring up the Webmin configuration page for Apache and take a look at the settings for the default site. Note how the things you saw directly in the configuration file match up with what you see in Webmin. One of the things you may be interested in seeing is how the webserver knows to display the index.html file from a deirctory if it exists and no specific file is requested in the URL. Take a look on the "Directory Indexing" page and see if you can find this information. You'll notice that there is a list of files, not just index.html which the server will display.
# In another section of this lab you created a basic phptest.php file and saw how the server executed the PHP code and turned it into an HTML page your browser could display. Because PHP offers an easy way to write web applications it powers much of the Internet. To prepare us for setting up some PHP applications in a future lab it will be helpful to know a little about how PHP scripts work. Read through the [http://www.w3schools.com/php/default.asp W3 Schools PHP Basics Tutorial] (PHP Intro through PHP Superglobals) and try creating some PHP scripts on your own Linux server like the examples given in the tutorial pages to see if you can get them to run, try modifying them a little bit and see what the results are. There are many great Internet resources devoted to understanding how to do things with PHP so take some time to see how this language can be easily integrated in websites. You should definitely be familiar with editing PHP files to change variables, echo statements, etc. work which are all skills you'll need when installing PHP based website software.
# Try writing some simple PHP scripts on your own using variables and echo statements and make them available through your webserver. Edit your index.html file (or create a new index.php file which will be loaded instead if it exists) so there is a menu for you to find and run the various scripts you have created.

==Experiment with Databases==
# In order to do really powerful things with a website we need a database where we can store dynamic content which can be queried to automatically build site pages from a template. One of the most common databases is an SQL database, and MySQL has long been the most prevalent Linux SQL software. SQL is a standard way of interacting with a specific type of database called a relational database, we'll see why it's called a relational database in a minute. Each database is a collection of data stored in tables. You can think of a table as something like a spreadsheet with rows and columns, except we call the columns fields and the rows records (sometimes we actually call them rows too). The different tables are often related to one another, of course they are usually being used by the same web application, but usually the relationship goes deeper than that as we'll see in a little bit.
# To jumpstart our exploration of databases we'll download a pre-built sample database with a few tables and many records already in it and import it into our MySQL database server. Download the employees database file [https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2 employees_db-full-1.0.6.tar.bz2] (about 26MB) and get it into your home directory. Instead of using the links browser to do this or downloading to your computer and then pushing this large file back across the Internet with an SCP/SFTP client like FileZilla a better choice might be to learn about the wget program which can be used like "wget https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2" to download the file into your current working directory.
# Figure out how to use the TAR program to unpack this .tar.bz2 file. Note that this file uses bz2 compression which takes longer to compress than gzip but can compress the files more. Once unpacked you should have an "employees_db" folder.
# Inside the employees_db folder you should have a number of .sql script files and dump files which can be used to restore the database to your system. Take a look at the employees.sql file, it's just a text file, which describes the format of the database. Also take a look at the load_employees.dump file, also just a text file, which contains all of the records from the employees table of the database. Note there are 300,000 some employee records in this database so you probably don't want to just use cat to view these files as it could take a while to print them out to your screen. Using the less program would be a better choice as it will allow you to exit viewing the file by pressing q at any time.
# We can interact with the MySQL server in many different ways. The first way we'll take a look at is through the command line mysql program. Run the "mysql -u root -p" command and enter the MySQL root password (which may be different than they system root password) to login to the mysql program with root permissions. The MySQL program actually stores it's own usernames and passwords as a MySQL database itself, you can create and modify these permissions from the mysql command line but we'll learn more about modifying them through the Webmin interface later.
# MySQL has it's own command line language the you can use through the "mysql>" prompt you are now running. For example, if we want to see a list of databases on the system we can run "SHOW databases;" run the command and note the databases that already exist by default.
# To import the employee database we can use the "source employees.sql;" command (assuming we were already working in the directory which contains the employees.sql file when we launched mysql. Import the employee database and verify the system now has an employees database.
# If we want to see all of the tables in the employees database we must first select the database we want to work on using the "USE employees;" command, run this followed by the "SHOW tables;" command to see a list of tables.
# To see a list of all the records in a table we need to run an SQL query like "SELECT * from employees" which will list all the records in the employees table of the employees database and display them. Remember that we previously selected to USE the employees database, this will be remembered until we USE a different database. Try displaying the records in a couple of different tables like employees and departments.
# There is much more that we can do from the MySQL command line but that would be a whole class or more itself. The MySQL program is well documented on the Internet and with these basic skills you should be able to figure out most of it. Before we leave the MySQL command line let's see how to delete the employees database. Run the command "DROP DATABASE employees;" to delete the entire database. Obviously the DROP command is one to be careful with as you can easily wipe out a huge database with one line! Type "exit;" to quit the MySQL program and return to a Linux shell.
# Now that you have learned a bit about MySQL databases from the command line let's see how they look in the Webmin web management interface. Log back in to your Webmin interface through a browser on your host system.
# Because MySQL was not installed when we first setup Webmin you need to "scan for new modules" first. Once that process has finished refresh the page to see that MySQL has been added to the server section of Webmin.
# Take a look at the Webmin MySQL module and see how users and permissions are configured.
# Load the employees.sql file through the Webmin MySQL module and see the employees database get added.
# Try browsing through the employees database using the Webmin interface including viewing tables and records inside of the tables.

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-13T00:15:12Z

Riptide wave:

=Introduction=
In this lab you will learn about static network configuration of Debian Linux systems, how to install PHP and MySQL on your server, experiment with websites and databases, and some of the standard log files on your system.

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
# Make a note of the static IP address information for your particular system in the table below, it is based on the system name identification letter in vmWare. All systems will use a gateway address of 172.17.50.1 and a subnet mask of 255.255.255.0
{| {{table}}
| align="center" style="background:#f0f0f0;"|'''System ID'''
| align="center" style="background:#f0f0f0;"|'''Static IP'''
|-
| A||172.17.50.11
|-
| B||172.17.50.12
|-
| C||172.17.50.13
|-
| D||172.17.50.14
|-
| E||172.17.50.15
|-
| F||172.17.50.16
|-
| G||172.17.50.17
|-
| H||172.17.50.18
|-
| I||172.17.50.19
|-
| J||172.17.50.20
|-
| K||172.17.50.21
|-
| L||172.17.50.22
|-
| M||172.17.50.23
|-
| N||172.17.50.24
|-
| O||172.17.50.25
|-
| P||172.17.50.26
|-
| Q||172.17.50.27
|-
| R||172.17.50.28
|-
| S||172.17.50.29
|-
| T||172.17.50.30
|-
| U||172.17.50.31
|-
| V||172.17.50.32
|-
| W||172.17.50.33
|-
| X||172.17.50.34
|-
| Y||172.17.50.35
|-
| Z||172.17.50.36
|}
==Set a static IP==
# Using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
#* Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change. Try using ifconfig to view your active configuration now and you should see that your old address is still active.
#* '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface, this step is required to apply the change.
# In a terminal, run sudo ifdown eth0 && sudo ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. You will lose your SSH connection because the IP your SSH session is connected to is no longer in use by your machine.
# Reconnect through SSH to your new IP address and verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
<ol>
<li>Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server</li>
* Note: Remember to do an aptitude update before installing packages to make sure you get the latest versions
<li> After the dependencies are found, go ahead and accept them to continue the install.</li>
<li> During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of all databases hosted on the system. It does not need to be the same as your system root password but just like your system root password it is important that you keep it secure and don't forget what it is.</li>
<li> After the install is complete, cd to /var/www</li>
<li> At this point we will test to verify that php is working properly with Apache. Create a new file named phptest.php, and then open it in a text editor.</li>
<li>Enter the following into the file:
<pre><?php
phpinfo();
?></pre></li>
<li>Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information. Use the "View Source" option in your browser to see what the HTML source code is for the page you're viewing is. Is it the same or different than the .php file you created? Why? How is this different than a standard .html file?
* Note: PHP files are really tiny scripts that the webserver must execute in order to render them into HTML for the browser, therefore you may need to make adjustments so that the www-data user (which is the user the Apache webserver runs as on Debian Linux) has execute permission for the .php files you create.</li>
</ol>

==Experiment with Websites PHP==
# In a previous lab we learned about editing the /var/www/index.html file to change the default web page displayed by your server. In a future lab you will install some PHP/MySQL based software which powers many Internet sites with forums, blogs, etc. Before we can do that we need to learn a little more about PHP and about databases. Like most software on Linux the Apache webserver configuration files are stored in the /etc directory. Specifically, you can find several of them which work together and are called from each other in /etc/apache2/ take a look in the /etc/apache2/sites-enabled/ directory. See how symlinks are used to point to configuration files which actually reside in the /etc/apache2/sites-available/ directory? This allows us to turn off and on various sites by creating or removing a symlink rather than by deleting the actual configuration file, a handy thing if we just want to temporarily disable a site.
# As you might have guessed the default site for your system is configured by the file linked to at /etc/apache2/sites-enabled/000-default If you open this file in your favorite text editor you will see a series of what Apache calls "directives" which explain how the webserver should function, what port it should listen on, where the website files will reside (/var/www), etc. Going into all of the different Apache directives is outside of the scope of this course but you will find a lot of documentation about them on the Internet.
# In addition to configuring Apache directly through it's configuration files you can also configure it through an interface like Webmin which we installed in a previous lab. Bring up the Webmin configuration page for Apache and take a look at the settings for the default site. Note how the things you saw directly in the configuration file match up with what you see in Webmin. One of the things you may be interested in seeing is how the webserver knows to display the index.html file from a deirctory if it exists and no specific file is requested in the URL. Take a look on the "Directory Indexing" page and see if you can find this information. You'll notice that there is a list of files, not just index.html which the server will display.
# In another section of this lab you created a basic phptest.php file and saw how the server executed the PHP code and turned it into an HTML page your browser could display. Because PHP offers an easy way to write web applications it powers much of the Internet. To prepare us for setting up some PHP applications in a future lab it will be helpful to know a little about how PHP scripts work. Read through the [http://www.w3schools.com/php/default.asp W3 Schools PHP Basics Tutorial] (PHP Intro through PHP Superglobals) and try creating some PHP scripts on your own Linux server like the examples given in the tutorial pages to see if you can get them to run, try modifying them a little bit and see what the results are. There are many great Internet resources devoted to understanding how to do things with PHP so take some time to see how this language can be easily integrated in websites. You should definitely be familiar with editing PHP files to change variables, echo statements, etc. work which are all skills you'll need when installing PHP based website software.
# Try writing some simple PHP scripts on your own using variables and echo statements and make them available through your webserver. Edit your index.html file (or create a new index.php file which will be loaded instead if it exists) so there is a menu for you to find and run the various scripts you have created.

==Experiment with Databases==
# In order to do really powerful things with a website we need a database where we can store dynamic content which can be queried to automatically build site pages from a template. One of the most common databases is an SQL database, and MySQL has long been the most prevalent Linux SQL software. SQL is a standard way of interacting with a specific type of database called a relational database, we'll see why it's called a relational database in a minute. Each database is a collection of data stored in tables. You can think of a table as something like a spreadsheet with rows and columns, except we call the columns fields and the rows records (sometimes we actually call them rows too). The different tables are often related to one another, of course they are usually being used by the same web application, but usually the relationship goes deeper than that as we'll see in a little bit.
# To jumpstart our exploration of databases we'll download a pre-built sample database with a few tables and many records already in it and import it into our MySQL database server. Download the employees database file [https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2 employees_db-full-1.0.6.tar.bz2] (about 26MB) and get it into your home directory. Instead of using the links browser to do this or downloading to your computer and then pushing this large file back across the Internet with an SCP/SFTP client like FileZilla a better choice might be to learn about the wget program which can be used like "wget https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2" to download the file into your current working directory.
# Figure out how to use the TAR program to unpack this .tar.bz2 file. Note that this file uses bz2 compression which takes longer to compress than gzip but can compress the files more. Once unpacked you should have an "employees_db" folder.
# Inside the employees_db folder you should have a number of .sql script files and dump files which can be used to restore the database to your system. Take a look at the employees.sql file, it's just a text file, which describes the format of the database. Also take a look at the load_employees.dump file, also just a text file, which contains all of the records from the employees table of the database. Note there are 300,000 some employee records in this database so you probably don't want to just use cat to view these files as it could take a while to print them out to your screen. Using the less program would be a better choice as it will allow you to exit viewing the file by pressing q at any time.
# We can interact with the MySQL server in many different ways. The first way we'll take a look at is through the command line mysql program. Run the "mysql -u root -p" command and enter the MySQL root password (which may be different than they system root password) to login to the mysql program with root permissions. The MySQL program actually stores it's own usernames and passwords as a MySQL database itself, you can create and modify these permissions from the mysql command line but we'll learn more about modifying them through the Webmin interface later.
# MySQL has it's own command line language the you can use through the "mysql>" prompt you are now running. For example, if we want to see a list of databases on the system we can run "SHOW databases;" run the command and note the databases that already exist by default.
# To import the employee database we can use the "source employees.sql;" command (assuming we were already working in the directory which contains the employees.sql file when we launched mysql. Import the employee database and verify the system now has an employees database.
# If we want to see all of the tables in the employees database we must first select the database we want to work on using the "USE employees;" command, run this followed by the "SHOW tables;" command to see a list of tables.
# To see a list of all the records in a table we need to run an SQL query like "SELECT * from employees" which will list all the records in the employees table of the employees database and display them. Remember that we previously selected to USE the employees database, this will be remembered until we USE a different database. Try displaying the records in a couple of different tables like employees and departments.
# There is much more that we can do from the MySQL command line but that would be a whole class or more itself. The MySQL program is well documented on the Internet and with these basic skills you should be able to figure out most of it. Before we leave the MySQL command line let's see how to delete the employees database. Run the command "DROP DATABASE employees;" to delete the entire database. Obviously the DROP command is one to be careful with as you can easily wipe out a huge database with one line! Type "exit;" to quit the MySQL program and return to a Linux shell.
# Now that you have learned a bit about MySQL databases from the command line let's see how they look in the Webmin web management interface. Log back in to your Webmin interface through a browser on your host system.
# Because MySQL was not installed when we first setup Webmin you need to "scan for new modules" first. Once that process has finished refresh the page to see that MySQL has been added to the server section of Webmin.
# Take a look at the Webmin MySQL module and see how users and permissions are configured.
# Load the employees.sql file through the Webmin MySQL module and see the employees database get added.
# Try browsing through the employees database using the Webmin interface including viewing tables and records inside of the tables.

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-10T00:38:49Z

Riptide wave:

=Introduction=

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Set a static IP==
# Using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
## Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change
## '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface
# In a terminal, run ifdown eth0 && ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. Verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
# Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server
## Note: Remember to do an aptitude update before installing packages.
# After the dependencies are found, go ahead and accept them to continue the install.
# During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of all databases hosted on the system.
# After the install is complete, cd to /var/www
# At this point we will test to verify that php is working properly with apache. Create a new file named phptest.php, and then open it in a text editor.
# Enter the following into the file:
<pre><?php
phpinfo();
?></pre>
# Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information.

==experiment with websites and databases==

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-09T15:21:34Z

Riptide wave:

=Introduction=

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Set a static IP==
# Using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
## Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change
## '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface
# In a terminal, run ifdown eth0 && ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. Verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
# Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server
## Note: Remember to do an aptitude update before installing packages.
# After the dependencies are found, go ahead and accept them to continue the install.
# During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of any database hosted on the system.
# After the install is complete, cd to /var/www
# To test that PHP is installed and functional, we will test it. Create a new file named phptest.php, and then open it in a text editor.
# Enter the following into the file:
<pre><?php
phpinfo();
?></pre>
# Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information.

==experiment with websites and databases==

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-09T15:20:48Z

Riptide wave: /* Install PHP & MySQL */

=Introduction=

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Set a static IP==
# using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
## Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change
## '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface
# in a terminal, run ifdown eth0 && ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. Verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
# Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server
## Note: Remember to do an aptitude update before installing packages.
# After the dependencies are found, go ahead and accept them to continue the install.
# During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of any database hosted on the system.
# After the install is complete, cd to /var/www
# To test that PHP is installed and functional, we will test it. Create a new file named phptest.php, and then open it in a text editor.
# Enter the following into the file:
<pre><?php
phpinfo();
?></pre>
# Now save the file, and on your local machine go to xxx.xxx.xxx.xxx/phptest.php in a web browser where xxx.xxx.xxx.xxx is your VM's static IP. You should now be on a page that shows your PHP Version, and system information.

==experiment with websites and databases==

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-09T15:20:12Z

Riptide wave: /* Install PHP & MySQL */

=Introduction=

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Set a static IP==
# using your text editor of choice, open up the file /etc/network/interfaces
# Notice how it is currently set to dhcp for the eth0 interface.
# To set a static IP, you will need to change iface eth0 inet dhcp to iface eth0 inet static.
# Now, under the iface line you just edited, you will need to enter the address, netmask, and gateway for the static network.
## Reminder: it is common practice to indent (tab) static network configuration information in the interfaces file.
# Your configuration should be similar to this:
<pre>auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask xxx.xxx.xxx.xxx
gateway xxx.xxx.xxx.xxx</pre>
# Now save the file, and exit your file editor.
# Now we are going to apply the static IP change
## '''NOTE: You should only do network configuration changes when you have physical access to a machine. This way, if you mess up your configuration you will be able to fix it from a local console.'''
# Using the ifdown and ifup command, we are going to restart the network interface
# in a terminal, run ifdown eth0 && ifup eth0. Notice the two && symbols. This tells the linux shell that it should run the second command right after the first. If we do not define this, then we would be left with a machine that has its networking turned off.
# At this point, your machine should now be using a static address. Verify it is now applied using the ifconfig command.

==Install PHP & MySQL==
# Using aptitude, install the php and mysql packages using aptitude install php5 mysql-server
## Note: Remember to do an aptitude update before installing packages.
# After the dependencies are found, go ahead and accept them to continue the install.
# During the mysql-server install, you will see a blue window (similar to the debian install screen) that will ask you to create a mysql root password. This password is what will be used to access the root account in mysql. Just like in linux, the mysql root account has full control of any database hosted on the system.
# After the install is complete, cd to /var/www
# To test that PHP is installed and functional, we will test it. Create a new file named phptest.php, and then open it in a text editor.
# Enter the following into the file:
<pre><?php
phpinfo();
?></pre>
# Now save the file, and on your local machine go to vmip/phptest.php in a web browser. You should now be on a page that shows your PHP Version, and system information.

==experiment with websites and databases==

==View Logfiles==

Franske ITC-2480 Lab 5

2014-02-09T15:07:20Z

Riptide wave: Add static IP lab

Franske ITC-2480 Assignments

2014-02-09T14:51:15Z

Riptide wave:

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install PHP/mySQL, experiment with websites and databases, view logfiles]]
# Lab 6: Install forum & blog software, experiment with PHP
# Lab 7: Install Samba, configure for basic workgroup filesharing
# Lab 8: Install Postfix MTA, courier-imap
# Lab 9: Install BIND and configure as caching plus zones for a local domain
# Lab 10: 2nd NIC internal network configuration
# Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Assignments

2014-02-09T14:50:56Z

Riptide wave:

=Labs=
You are responsible for completing ALL of these labs. You must submit a [[Franske Lab Report Format|lab report]] for each chapter (you may combine multiple labs from the chapter into a single report). If you work with a partner on a lab you only need to submit a single lab report for the two of you but it must have both your names on it. Each lab report is worth up to 20 points. This falls into the Labs/Homework category of your course grade.

# [[Franske ITC-2480 Lab 1|Lab 1: Install Debian, check IP, remote access with ssh/sftp]]
# [[Franske ITC-2480 Lab 2|Lab 2: Install Links, install Apache, download, copy, move, remove files, tar file extraction, directories]]
# [[Franske ITC-2480 Lab 3|Lab 3: Install sudo, create new user, change ownership and permissions on files/dirs, view man pages, install webmin]]
# [[Franske ITC-2480 Lab 4|Lab 4: redirect/pipe output, create links, create compressed files, text editing]]
# [[Franske ITC-2480 Lab 5|Lab 5: Set static IP, install Apache/mySQL, experiment with websites and databases, view logfiles]]
# Lab 6: Install forum & blog software, experiment with PHP
# Lab 7: Install Samba, configure for basic workgroup filesharing
# Lab 8: Install Postfix MTA, courier-imap
# Lab 9: Install BIND and configure as caching plus zones for a local domain
# Lab 10: 2nd NIC internal network configuration
# Lab 11: Explore /proc /dev, Partition/format/mount 2nd HDD
# Lab 12: Use of nmap, netstat, MRTG/cacti, Nagios
# Lab 13: Write BASH scripts

=Homework=
Any homework assigned in the course will go here. This falls into the Labs/Homework category of your course grade. Remember, for homework assignments turn in the actual pages from your lab book or printouts from the curriculum and not a lab report. Homework assignment are individual, you and your lab partner need to both turn them in separately even if you work on them together.

=Participation Activities=
Any participation activities completed in the course will go here. This falls into the participation category of your course grade.
* Meet with the instructor once per week to discuss course progress and ask questions (up to 10 points each based on progress)

=Unit Assessments=
You are responsible for completing an online unit assessment for each chapter. These fall into the online assessments category of your course grade.

=Other=
You are also responsible for completing these things, see the course syllabus for category and weighting information.
* Online Final Exam
* Skills Final Exam

=Skills Final Exam=
The Skills Final Exam is designed to test your ability to apply the concepts learned in this class and practiced in labs to common, real-world scenarios.

[[Franske ITC-2480|Return to ITC-2480 Homepage]]

Franske ITC-2480 Lab 5

2014-02-09T14:50:30Z

Riptide wave: Created page with "=Introduction= =Lab Procedure= ==Prerequisites== # Open an SSH console to your Linux system using the PuTTY software, login with your standard user account ==Set a static IP=..."

=Introduction=

=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Set a static IP==

==Install PHP & MySQL==

==experiment with websites and databases==

==View Logfiles==

Franske ITC-2480 Lab 4

2014-02-04T14:57:56Z

Riptide wave: /* Command Output Manipulation */

=Introduction=
Linux is a very text file-oriented operating system. As we've learned most of the settings for the operating system are held in text files in the /etc directory and most of the commands that are used to manipulate the system take text input or give text output. Beause of this it's very important to be able to edit and manipulate text on the system which will be a key focus of this lab. In addition, we'll practice creating compressed files, which is useful for backing up files, and creating links between locations on the system.

These same instructions apply if you are completing this lab using the VirtualBox virtual machine software or if you are connected to a machine running remotely on the VMware platform. If you are completing this on campus remember to switch your network connection to the SafeConnect-free ITCnet.
=Lab Procedure=
==Prerequisites==
# Open an SSH console to your Linux system using the PuTTY software, login with your standard user account
==Text File Editing==
# Change to the /var/www directory which is where the Apache webserver stores it's site files by default.
# Verify you can see an index.html file inside of this directory by listing the contents of the directory.
# Open up a web browser on your host computer and verify that you can browse to the IP address of your Linux system and still see the "It works" page that you saw in lab 2 after installing Apache.
# Before we start making any changes it's a good idea to save an unmodified copy of the file you'll be working on so make a copy of the index.html file and name the copy index.html.orig so that you can always copy it back if you make a mistake.
# There are many different text editors available for Linux but systems almost always include some version of "vi" or "nano" so those are the two we'll focus on. In your ssh window open the index.html file in nano by running "nano index.html"
#*: NOTE: Because your user does not own this file you may need to edit the file as the superuser.
# The nano text editor is fairly simple to use and you should now see the contents of the index.html file on your screen. Try navigating around the file with your arrow keys and changing the "It works" text to "Welcome to My Linux Webserver"
# Basic instructions for using nano abound on the Internet. You can get a basic introduction [http://staffwww.fullcoll.edu/sedwards/Nano/IntroToNano.html here] but it basically comes down to the menu lines at the bottom of the screen showing what your options are. The ^ character is commonly used to indicate the CTRL key so to exit the program (you will be prompted to save changes if you have made any) press CTRL-X or to save without exiting press CTRL-O and follow the prompts at the bottom of the screen.
# Save your file with the changed text and then reload the page in your browser on your host system to see if the changes have taken effect.
# Experiment with some of the nano menu options such as cutting and "un-cutting" lines of text and searching/replacing text. Once you are comfortable with the nano editor save your changes and exit.
# Make a note of which user and group owns your index.html file.
# Delete your index.html file and copy your index.html.orig file back to index.html
# Try loading the website again and see if it's back to the original text. If you encounter an error it's possible that your index.html file is not readbale by the webserver account so you should use the appropriate command to set the index.html file back to the owner and group of the original file.
# Now open the index.html file in vi using "vi index.html"
# The vi editor is probably considered more powerful than nano but is less user friendly without the menu at the bottom and a COMMAND mode as well as an INSERT mode. In the COMMAND mode you cannot directly change the text of the file by typing which can be frustrating to new users. Read through the vi tutorial [http://www.washington.edu/computing/unix/vi.html here] and try making some edits to your webpage. Once you are familiar with how the vi editor works save your file and exit.

==Command Output Manipulation==
# Change back to your home directory using ls ~.
# Run ls -al and notice the files in your home directory.
# Now, run ls -al but redirect the output to a file using > filename. So for example, you would run ls -al > listfiles.txt
# Notice how there is no command output. This is normal as you redirected the command output to the file listfiles.txt
# Use cat to verify the contents of listfiles.txt Notice how it contains the exact same output as running ls -al in the command line.
# Now, run ls -al /var/log. Notice how many files there are in the /var/log directory. Lets say we wanted to just know the information of the dmesg log files. For this, we would use a pipe and the grep command.
# So, now run ls -al /var/log | grep dmesg. Notice how the output is suppressed to all files that contain the string dmesg.
# Whats nice about pipes and redirects is that they can be used back to back in a command.
# So lets say we have a senario where we want to get a file that contains all of the information from all .gz files in /var/log.
# To do this, we would run ls -al /var/log | grep .gz > gzlogfiles.txt
# Now pipe the file into less using cat gzlogfiles.txt | less
# Notice how this command is the exact same as running less gzlogfiles.txt.
# Now remove the files gzlogfiles.txt and listfiles.txt that were created from this part of the lab.

==Creating Archived/Compressed Files==

==Working With Filesystem Links==