Linux Debian

Fundamental Class
Yaniko Dimas Yogo Prasetyo - @okinay

What Will You Get?

Linux Basic
DHCP
Server

DNS Server

Web Server

Mail Server

Proxy
Server

Objective
At the end of this course, the student will:
Be familiar with Linux Debian OS and basic command of
Linux
Be able to configure, manage, do basic troubleshooting
of Linux Debian OS
Be able to build basic server services, such as DNS
Server, Web Server, DHCP Server, Mail Server and Proxy
Server

MODUL 1

Linux Basic

Why Debian?
Unparalleled support
Easy installation
Incredible amounts of software
Easy upgrades
Stability
Fast and easy on memory
Drivers for most hardware is written by GNU/Linux /
GNU/kFreeBSD users, not the manufacturer.
Good system security
Many more

Preparation
DVD Source / ISO Debian 6
Server Computer (or virtual box)
Intel x86 : i386 / Intel 64 or AMD 65 : AMD64
RAM > 2GB
HDD > 40 GB

Internet connection > 512 mbps

A cup of coffee or tea

Install Virtual Box

Configure Virtual Box

Open Oracle VM VirtualBox
Then click New icon to create new virtual machine

Give your Virtual Machine name, such as My Debian

Choose Linux for Type field, then choose Debian (32bit) for Version field

Then follow the Wizard

Configure Virtual Box

And now, your Virtual Machine is almost ready

Configure Virtual Box

Then click Setting icon and choose Network tab

Configure Virtual Box

Choose Bridge Adapter for Attached to field
And choose the adapter which is connected to Internet
(Same as your computer connected to Internet)

Configure Virtual Box

Then choose Storage tab

Configure Virtual Box

Then choose the CD icon in Storage Tree
Click the CD Icon in Attribute section and click
Choose a vitual CD/DVD disk file
And choose your Debian 6 ISO file
Then click OK
2
1

Configure Virtual Box

Then click Start icon and now you can start to Install
you Debian

Install Debian 6
When you already start your virtual machine, you can
find the option of installing debian

Install Debian 6
When you already start your virtual machine, you can find
the option of installing debian

And choos Install then press Enter

And now you can start to follow the wizard

Install Debian 6

And now your Debian 6 is ready to use

Topology

192.168.50.100/24

Intern
et

192.168.50.254/24

192.168.50.x/25 (dhcp)

Basic Setup (Configure Network)

Run this script to setup your new IP Address:
# nano /etc/network/interfaces
Then it will show you a configuration file to configure
network

Basic Setup (Configure Network)

At the section of # The primary network interface
change the configuration script like below
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.50.100
netmask 255.255.255.0
gateway 192.168.50.254

Then run this script to restart the network service

# /etc/init.d/networking restart

Basic Setup (Configure Network)

To check the new configuration of your netwok, run this
script
# ifconfig

New IP Configuration

Basic Setup (Configure Network)

Run this script to setup DNS:
# nano /etc/resolv.conf
Then write the script with the following format
nameserver <DNS Server IP Address>
And you can add more than one DNS Server IP Address

Basic Setup (Configure Network)

Now you can test your configuration by doing ping test
# ping google.com

Basic Setup (Configure APT Package

Source)
Run this script to setup APT Package Source:
# nano /etc/apt/sources.list
Then write the script with the following format

Then save the configuration, and run the script below to upgrade your
package source
# apt-get update

Basic Setup (Configure SSh Server)

Install SSh Server with the following script below
# apt-get install openssh-server
then you wait the installing process
Now you can test the SSh Server
with Remote SSh Program,
such as Putty

Basic Setup (Testing SSh Server)

Enter the Server IP Address in Host Name (or IP
Address) section and choose SSH for connection type

Then click Open

MODUL 2

DNS Server

Installing DNS Server

Bind9 (Berkeley Internet Name Domain Ver. 9)
One of the most popular DNS Server Application in
Linux, and most of Linux Distro use it for DNS Server
and its pretty easy to be configured and understood
You can install bind9 by following this script below
# apt-get install bind9
And follow the wizard

Configuring DNS Server

There are 4 important files that we will be configured
a.
b.
c.
d.

/etc/bind/named.conf
file forward
file reverse
/etc/resolv.conf

Edit and add some configuration script for Forward

and Reverse in named.conf file

Configuring DNS Server

Run this script below:
# nano /etc/bind/named.conf.local
Then Add this following script to it
zone "debiancourse.com" { //Your domain zone
type master;
file "db.debian"; //FORWARD file location, by default located in /var/cache/bind/
};
zone "192.in-addr.arpa" { //The first IP Address block
type master;
file "db.192"; //REVERSE file location, by default located in /var/cache/bind/
};

Configuring Forward File

Run this script below:
# cp /etc/bind/db.local /var/cache/bind/db.debian
# nano /var/cache/bind/db.debian
Then Add this following script to it

$TTL 604800
@ IN SOA debiancourse.com. root.debiancourse.com. (
2
; Serial
604800
; Refresh
86400
; Retry
2419200
; Expire
604800 )
; Negative Cache TTL
;
@ IN NS debiancourse.com.
;add .dot. in every single domain you wrote
@ IN A
192.168.50.1
www
IN A
192.168.50.1
my IN A
192.168.50.1

Configuring Reverse File

Run this script below:
# cp /etc/bind/db.127 /var/cache/bind/db.192
# nano /var/cache/bind/db.192
Then Add this following script to it

$TTL 604800
@ IN SOA debiancourse.com. root.debiancourse.com. (
1
; Serial
604800
; Refresh
86400
; Retry
2419200
; Expire
604800 )
; Negative Cache TTL
;
@
IN NS debiancourse.com.
100.50.168
IN PTR debiancourse.com.
;write the IP reversed

Configuring DNS Client

Run this script below:
# nano /etc/resolv.conf
Then Add this following script to first line
search debaincourse.com
Nameserver 192.168.50.100
nameserver 192.168.50.254
nameserver 202.134.0.155
nameserver 202.134.1.10

Restart bind9 service:

# /etc/init.d/bind9 restart

Testing DNS Server

From Debian 6, run this script
# ping debiancourse.com

From Windows
First, set your primary DNS to your server IP Address
Then run ping command to debiancourse.com on Command Prompt

MODUL 3

Web Server

Installing Web Server

Apache 2
One of the most popular Web Server Application in
Linux, and most of Linux Distro use it for Web Server
and its pretty easy to be configured and understood
also have a lot of feature inside
You can install Apache2 by following this script below
# apt-get install apt-get install apache2 php5
libapache2-mod-php5
And follow the wizard

Testing Web Server

After you have finished for installing Apache, you can test your
Web Server by accessing your server IP Address or Domain

Access via IP Address

Access via Domain

What is Virtual Host?

Virtual hostingis a method forhostingmultiple domain names
(with separate handling of each name) on a single server (or pool
of servers). This allows one server to share its resources, such as
memory and processor cycles, without requiring all services
provided to use the samehostname.

Configuring Virtual Host

In the DNS Modul, we have created a subdomain which is called
my.debiancourse.com. Now, we will create virtual host for this
subdomain

Now, run this script:

# nano /etc/apache2/sites-available/my.debiancourse.com
Then Add this following script to first line
<VirtualHost *:80>
ServerAdmin webmaster@debiancourse.com
ServerName my.debiancourse.com
DocumentRoot /var/www/my.debiancourse.com
</VirtualHost>

#a2ensite my.debiancourse.com

Configuring Virtual Host

Now, we will make a directory for subdomain
my.debiancourse.com
# mkdir /var/www/my.debiancourse.com
Make index page for my.debiancourse.com
# nano /var/www/my.debiancourse.com/index.php
Then
<?phpAdd this following script to first line
phpinfo();
?>

And now restart you webserver service

# /etc/init.d/apache2 restart

Testing Virtual Host

After you have finished to configure virtual host, you can test
your Web Server by accessing your server Subdomain:
my.debiancourse.com

MODUL 4

DHCP Server

What is DHCP?
Dynamic Host Configuration Protocol (DHCP) is a network protocol
that enables aserverto automatically assign an IP address to a
computer from a defined range of numbers (i.e., a scope)
configured for a given network.DHCPassigns an IP address when
a system is started

Installing DHCP Server

DHCP3-Server
This is the default program of DHCP server for Linux.
This program is compatible for all kinds of linux distro
You can install DHCP Server by following this script
below
# apt-get install dhcp3-server
And follow the wizard

Configuring DHCP Server

Now, run this script:
# nano /etc/dhcp3/dhcp.conf
Then Add this following script to last line
# A slightly different configuration for an internal subnet.
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.10 192.168.50.50;
option domain-name-servers debiancourse.com;
option domain-name debiancourse.com";
option routers 192.168.50.254;
option broadcast-address 192.168.50.255;
default-lease-time 600;
max-lease-time 7200;
}

And now restart the DHCP Server service

# /etc/init.d/isc-dhcp-server restart

Testing DHCP Server

It quite simple to test your DHCP Server, just connect your device
directly to Server. And now, look at your network configuration
detail

MODUL 5

Email Server

What is Email Server?

Amail server(also known as amailtransfer agent or MTA,
amailtransport agent, amailrouter or an Internet mailer) is an
application that receives incoming e-mailfrom local users
(people within the same domain) and remote senders and
forwards outgoing e-mailfor delivery.

Installing Email Server

iRedMail
This program is more advance from default Email Server in Linux. It has
simply control panel and very easy to deploy
Download the latest stable release
# wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.8.5.tar.bz2

Install package bzip2

# apt-get install bzip2
Extract iRedMail Package
# tar xjf iRedMail-0.8.5.tar.bz2
Change directory to iRedMail package directory
# cd /root/iRedMail-0.8.5/
And now start iRedMail Installer
# bash iRedMail.sh

Installing Email Server

After you start iRedMail Installer
process, your screen will be like
this
Then choose Yes to continue
the wizard installer

After you choose Yes option, it

will show a new wizard window
like this
Then you choose Next

Installing Email Server

On next wizard, choose OpenLDAP
option using Tab button then click
Space button to select
Then press Tab until cursor appear on
Next option
And press Enter to excecute

Edit LDAP suffix to

dc=debiancourse,dc=com
Then press Enter

Installing Email Server

Specify password for root LDAP
And press Enter to excecute

Specify password for MySQL

Administrator
Then press Enter

Installing Email Server

Specify first virtual domain
Fill the field with
debiancourse.com
And press Enter
Specify password for Domain
Then press Enter

Installing Email Server

Select all optional components
And press Enter

Then it show you a confirmation

to installing iRedMail
Then press y
Press Enter
And it start to download
all components

Configuring MX Record
Your email server is almost ready, now add MX Record in your DNS Forward File
Open DNS forward file
# nano /var/cache/bind/db.debian
Add this script on the last line
@ IN MX 192.168.50.100
Restart bind9 service
# /etc/init.d/bind9 restart

iRedAdmin Control Panel

iRedAdmin is control panel for your email server. Now,
you can easily manage your email server such as
managing user and domain
Open iRedAdmin Control Panel by opening this url
https://debiancourse.com/iredadmin

iRedAdmin Control Panel

Then login to it
Username : postmaster@debiancourse.com
Password : <your email server password>
Now you have entered iRedAdmin Control Panel

Adding Email User

After you enter iRedAdmin Control Panel, now select Add menu
and click User

Then enter your new user

Testing Email Server

After youve created at least 2 user for email server, now open
iRedMail Webmail Page by opening this url
https://debiancourse.com/mail/
Login with user that you have created

Testing Email Server

Then you compose an email to another user that you have created before

In another kind of browser, open IRedMail Webmail. Then login to second user
that you have created. And you can find a message that you have sent from
first user account

MODUL 6

Proxy Server

What is Proxy Server?

In computer networks, aproxy serveris a server(a computer
system or an application) that acts as an intermediary for requests
from clients seeking resources from otherservers.

Installing Proxy Server

Squid
A proxyserverand web cache daemon. It has a wide
variety of uses, from speeding up a webserverby
caching repeated requests; to caching web, DNS and other
computer network lookups for a group of people sharing
network resources; to aiding security by filtering traffic.
Install Squid Proxy Server
# apt-get install squid

Configuring Proxy Server

Open Squid configuration file
# nano /etc/squid/squid.conf

Delete command sign (#) in front of this script below and edit if it
#. . .
necessary
http_port 3128 transparent
#add transparent
cache_mem 16 MB
cache_mgr admin@debiancourse.com
visible_hostname proxy.debiancourse.com
#. . .
aclurl
dstdomain
/etc/squid/url
#blocked
domains
For
access
list, add script
below
to
acl key url_regex i /etc/squid/key #blocked words
http_access deny url
http_access deny key
acl lan src 192.168.50.0/24
#local IP Address
http_access allow lan
http_access allow all

ACL section

Configuring Proxy Server

Make a blocked site list
# nano /etc/squid/url

And enter the site that you will be blocked and save it
detik.com
kaskus.co.id

Make a blocked words list

# nano /etc/squid/key

And enter the site that you will be blocked and save it
sex
porn

And start
# squid -z

Testing Proxy Server

Point your browser proxy setting to your proxy IP Address

Testing Proxy Server

Point your browser proxy setting to your proxy IP Address

Testing Proxy Server

And now open site url that you have blocked before

Additional
If you use your Proxy Server, you make as a Gateway Server other
than as Proxy Server. You can make a Transparent Proxy with it.
Transparent proxy will force every single package to pass through
the proxy before it go to Internet
How?
Just add this IPTABLES to your server
# iptables t nat A PREROUTING s 192.168.50.0/24 p tcp --dport 80 j
REDIRECT --to-port 3128
# iptables-save > /etc/iptables