Scribd Logo
Unggah

Selamat datang di Scribd!

  • Catatan Konfigurasi Server

    Diunggah oleh

    Syukur Alhamdulillah
    8 tayangan7 halaman
    untuk dibaca

    Hak Cipta

    © © All Rights Reserved

    Format Tersedia

    DOCX, PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    untuk dibaca

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    8 tayangan7 halaman

    Catatan Konfigurasi Server

    Diunggah oleh

    Syukur Alhamdulillah
    untuk dibaca

    Hak Cipta:

    © All Rights Reserved
    Unduh sebagai DOCX, PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 7

    TOPOLOGI JARINGAN

    PC CLIENT WITH WIN 7

    SWITCH
    Inernet
    PC ROUTER

    PC SERVER

    PROXY

    DNS
    WEB
    FTP
    MAIL SERVER

    KONFIGURASI IP ADDRESS PADA PC SERVER


    #pico /etc/network/interfaces
    auto eth0
    iface eth0 inet static
    address 192.168.40.XX
    (XX No AbsenSiswa)
    netmask 255.255.255.0
    gateway 192.168.40.1
    #/etc/init.d/networking restart
    #pico /etc/resolv.conf
    Search tkjnusantara.sch.id
    nameserver 192.168.40.XX
    nameserver 202.134.1.10
    nameserver 202.134.0.155

    KONFIGURASI DNS
    #apt-get install bind9
    #pico /etc/bind/named.conf.default-zones
    zone "tkjnusantara.sch.id" {
    type master;
    file "/var/cache/bind/db.tkj";
    };
    zone "40.168.192.in-addr.arpa" {
    type master;
    file "/var/cache/bind/db.192";
    };
    #cp /etc/bind/db.local /var/cache/bind/db.tkj
    #cp /etc/bind/db.127 /var/cache/bind/db.192
    1

    Administrasi Server

    #pico /var/cache/bind/db.tkj
    ;
    ; BIND data file for local loopback interface
    ;
    $TTL 604800
    @
    IN
    SOA tkjnusantara.sch.id. root.tkjnusantara.sch.id. (
    2
    ; Serial
    604800
    ; Refresh
    86400
    ; Retry
    2419200
    ; Expire
    604800 )
    ; Negative Cache TTL
    ;
    @
    IN
    NS
    tkjnusantara.sch.id.
    @
    IN
    A
    192.168.40.XX
    www IN
    A
    192.168.40.XX
    ftp
    IN
    A
    192.168.40.XX
    mail IN
    A
    192.168.40.XX
    #pico /var/cache/bind/db.192
    ;
    ; BIND reverse data file for local loopback interface
    ;
    $TTL 604800
    @
    IN
    SOA tkjnusantara.sch.id. root.tkjnusantara.sch.id. (
    1
    ; Serial
    604800
    ; Refresh
    86400
    ; Retry
    2419200
    ; Expire
    604800 )
    ; Negative Cache TTL
    ;
    @
    IN
    NS
    tkjnusantara.sch.id.
    XX
    IN
    PTR tkjnusantara.sch.id.
    #/etc/init.d/bind9 restart

    KONFIGURASI WEBSERVER
    #apt-get ins tall apache2 php5
    #pico /var/www/index.html
    <html><body><h1>tkjnusantara.sch.id</h1></body></html>
    #/etc/init.d/apache2 restart

    KONFIGURASI SUBDOMAIN WEBSERVER


    #pico /etc/apache2/sites-available/default
    <VirtualHost *:80>
    ServerName tkjnusantara.sch.id
    DocumentRoot /var/www
    </VirtualHost>
    <VirtualHost 192.168.40.XX>
    2

    Administrasi Server

    ServerName tkjnusantara.sch.id
    DocumentRoot /var/www
    </VirtualHost>
    #/etc/init.d/apache2 restart

    KONFIGURASI FTP
    #apt-cdrom add
    #apt-get update
    #apt-get install proftpd
    #mkdir /home/nusantara
    #chmod 777 /home/nusantara -R
    #useradd d /home/nusantara nusantara
    #passwd nusantara
    #mkdir /home/tkjsmk
    #useradd d /home/tkjsmk
    #passwd tkjsmk
    #pico /etc/proftpd/proftpd.conf
    DefaultRoot
    ~
    #/etc/init.d/proftpd restart
    Apt-get purge bind9
    Cd /var/bind enter
    Rm r db.tkj db.192

    KONFIGURASI FILE SHARING


    #apt-get install samba
    #mkdir /home/samba
    #chmod 777 /home/samba R
    #pico /etc/samba/smb.conf
    security = share
    [samba]
    path = /home/samba
    comment = file sharing
    writeable = yes
    browseable = yes
    guest ok = yes
    #/etc/init.d/samba restart

    KONFIGURASI MAIL SERVER


    #apt-get install postfix courier-imap courier-pop
    Internet site = tkjnusantara.sch.id
    Create directories for web-based administration?<Tidak>
    #maildirmake /etc/skel/Maildir
    #adduser udin
    3

    Administrasi Server

    #adduser dinu
    #pico /etc/postfix/main.cf
    home_mailbox = Maildir/
    #dpkg-reconfigure postfix
    Internet site = tkjnusantara.sch.id
    Root and postmaster mail recipient:
    <ok>
    Other destinations to accept mail for (blank for none):
    Force synchronous updates on mail queue?
    <tidak>
    Local networks: 0.0.0.0/0
    <ok>
    Use procmail for local delivery?
    <tidak>
    Mailbox size limit (bytes): 0
    <ok>
    Local address extension character: +
    <ok>
    Internet protocols to use: ipv4
    #/etc/init.d/postfix restart
    #telnet tkjnusantara.sch.id 25
    mail from: dani
    rcpt to: anit
    data
    hallo
    .
    Quit

    <ok>

    #telnet tkjnusantara.sch.id 110


    User anit
    pass 123
    stat
    retr 1
    quit

    KONFIGURASI WEBMAIL
    #apt-get install squirrelmail
    #pico /etc/squirrelmail/apache.conf
    <VirtualHost *:80>
    DocumentRoot /usr/share/squirrelmail
    ServerName tkjnusantara.sch.id
    </VirtualHost>
    <VirtualHost 192.168.40.XX>
    DocumentRoot /usr/share/squirrelmail
    ServerName tkjnusantara.sch.id
    </VirtualHost>
    #pico /etc/apache2/apache2.conf
    Include "/etc/squirrelmail/apache.conf"
    #/etc/init.d/apache2 restart

    KONFIGURASI HTTPS
    #openssl req -new -x509 -days 365 -nodes -out /etc/apache2/apache.pe
    -keyout /etc/apache2/apache.pem
    #a2enmod ssl
    4

    Administrasi Server

    #pico /etc/apache2/sites-available/default
    <VirtualHost *:443>
    ServerName tkjnusantara.sch.id
    DocumentRoot /var/www
    SSLEngine on
    SSLCertificateFile /etc/apache2/apache.pem
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>
    #/etc/init.d/apache2 restart

    KONFIGURASI IP ADDRESS PADA PC ROUTER

    PROXY SERVER AUTHENTICATION


    #pico /etc/network/interfaces
    auto eth0
    iface eth0 inet static
    address 192.168.30.10
    netmask 255.255.255.0
    Gateway 192.168.30.1
    auto eth1
    iface eth1 inet static
    address 192.168.40.1
    netmask 255.255.255.0
    #/etc/init.d/networking restart
    #pico /etc/resolv.conf
    Search tkjnusantara.sch.id
    nameserver192.168.40.XX
    nameserver 202.134.1.10
    nameserver 202.134.0.155

    KONFIGURASI PROXY SERVER AUTHENTICATION


    KONFIGURASI PROXY SERVER
    # apt-get install squid
    # nano /etc/squid/squid.conf
    Cari kata dibawah ini, Ubah dan hilangkan tanda (#)
    http_port 3128
    http_port 3128 transparent
    cache_mem
    cache_mem 16MB
    cache_mgr webmaster
    cache_mgr udin@tkjnusantara.sch.id
    visible_hostname
    visible_hostname www.nusantara.sch.id
    Kemudian cari kata ACL CONNECT method CONNECT dan tambahkan script
    berikut tepat dibawahnya.
    acl CONNECT method CONNECT
    acl url dstdomain "/etc/squid/url"
    5

    Administrasi Server

    acl key url_regex -i "/etc/squid/key"


    acl lan src 192.168.XX.0/24
    http_access deny url
    http_access deny key
    http_access allow lan
    http_access allow all
    # pico /etc/squid/url
    www.facebook.com
    # pico /etc/squid/key
    facebook
    # squid -z
    2011/03/01 10:56:46| Squid is already running! Process ID 2314
    # iptables t nat A PREROUTING i eth1 p tcp --dport 80 j REDIRECT
    --to-ports 3128
    # iptables-save > /etc/iptables
    # /etc/init.d/squid restart

    KONFIGURASI PROXY SERVER AUTHENTICATION


    #apt-get install squid
    #pico /etc/squid/squid.conf
    http_port 3128 transparent
    acl net src 0.0.0.0/24
    http_access allow net

    acl site dstdomain "/etc/squid/site"


    acl word url_regex -i "/etc/squid/word"
    http_access deny site
    http_access deny word
    acl passwd proxy_auth REQUIRED
    http_access allow passwd
    cache_mgr udin@tkjnusantara.sch.id
    visible_hostname tkjnusantara.sch.id
    auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
    #pico /etc/squid/site
    .facebook.com
    #pico /etc/squid/word
    facebook
    #htpasswd -c /etc/squid/passwd nusantara
    #squid z
    #/etc/init.d/squid restart

    KONFIGURASI NTP
    6

    Administrasi Server

    #apt-get install ntp ntpdate


    #pico /etc/ntp.conf
    #server 0.debian.pool.ntp.org iburst
    #server 1.debian.pool.ntp.org iburst
    #server 2.debian.pool.ntp.org iburst
    #server 3.debian.pool.ntp.org iburst
    server id.pool.ntp.org
    fudge id.pool.ntp.org stratum 1
    restrict 0.0.0.0 mask 255.255.255.0nomodify notrap
    #/etc/init.d/ntp restart
    #ntpdate -u id.pool.ntp.org
    #ntpq p

    KONFIGURASI DHCP
    #apt-get install isc-dhcp-server
    #pico /etc/dhcp/dhcpd.conf
    subnet 192.168.40.0 netmask 255.255.255.240 {
    range 192.168.40.XX 192.168.40.XX;
    option domain-name-servers 192.168.40.XX, 8.8.8.8;
    option domain-name "tkjnusantara.sch.id";
    option routers 192.168.30.10;
    option broadcast-address 192.168.40.255;
    default-lease-time 600;
    max-lease-time 7200;
    }
    #pico /etc/default/isc-dhcp-server
    INTERFACES="eth0"
    #/etc/init.d/isc-dhcp-server restart

    KONFIGURASI ROUTING
    #pico /etc/sysctl.conf
    net.ipv4.ip_forward=1
    # iptables t nat A POSTROUTING o eth0 j MASQUERADE

    KONFIGURASI FIREWALL
    1. NAT
    iptables t nat A POSTROUTING o eth0 j MASQUERADE
    2. REDIRECT PORT
    iptables t nat A PREROUTING i eth1 p tcp --dport 80 j REDIRECT --toports 3128

    Administrasi Server

    Anda mungkin juga menyukai