Anda di halaman 1dari 66

1

Buka VirtualBox, Klik New. Ikuti petunjuk gambar dibawah ini :-D

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

10

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

11

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

12

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

13

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

14

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

15

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

16

Muncul error, klik Continue saja (karena network adapternya di-matikan tadi). Kita ON nanti setelah
instalasi Ubuntu Servernya selesai :-D

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

17

Isi nama komputernya

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

18

Isi full user name

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

19

Isi user name

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

20

Isi password

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

21

Isikan lagi password yang sama

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

22

Pilih No saja

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

23

Pilih Timezone

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

24

Pilih Partition Method Guided use entire disk

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

25

Enter saja

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

26

Yes

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

27

Tekan Enter saja

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

28

Pilih No automatic update

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

29

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

30

Tekan SPASI untuk memilih OpenSSHServer

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

31

Pilih Yes

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

32

Tekan Enter

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

33

Beres. Selesai sudah Install Ubuntu Server. Mudah bukan????.....bukaaaaaaaaaaaaaaan

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

34

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

35
Lanjut mau aktifkan Network Adapter di VirtualBox
Login lalu shutdown Ubuntu Virtual Machine

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

36

Kembali ke VirtualBox, pilih Settings dan centang Enable Network Adapter

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

37

Start kembali Ubuntu Server VirtualBox. Login dan aktifkan network adapter eth0
sudo ifconfig eth0 up

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

38

Cek apakah eth0 sudah UP atau belum. Ketik ifconfig

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

39

Lanjut, isi ip address. Ketik sudo nano /etc/network/interfaces. Isi sesuai ip address di tempatmu

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

40

Tekan tombol Ctrl+O lalu Enter

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

41

Tekan tombol Ctrl+X untuk keluar dari nano editor.


Lanjut dengan test ping ke ip address gateway

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

42

Network is unreachable..hehelupa restart dulu service networkingnya. Ketik sudo service networking
restart

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

43

Test ping pasti gagal jugalupa di adapter virtualbox nya belum connect cable :-D. Poweroff dulu,
kembali ke VirtualBox SettingsSorry pemirsawis tuohahaha

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

44

Start lagi bray..wkwkwkw


Test ping ke gateway

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

45

Ping ke www.dokter-squid-indonesia.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

46

Ok. Good. Koneksi internet lancar. Lanjut install squid.

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

47
Update Ubuntu Servernya terlebih dahulu
Ketik sudo apt-get update

Sabar menunggu sampai selesai..

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

48

Kita lanjut pake Aplikasi WinSCP dan Putty (biar mudah copy pastenya)..itukan yang kamu
mau..heuheuheu. Kalau belum ada download dan install
http://winscp.net/download/winscp556setup.exe
http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.63-installer.exe

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

49

Pilih Yes

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

50

Open Putty dengan meng-klik toolbar Putty

Klik Yes

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

51

Masukin password user yang tadi dibuat

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

52

Install SQUID
Copy paste command dibawah ini :
sudo su
sudo apt-get install devscripts -y
sudo apt-get install libcap-*
sudo apt-get install openssl -y
sudo apt-get install ccze -y
wget http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.9.tar.gz
tar xzvf squid-3*
cd squid-3*

./configure --prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libexecdir=/usr/lib/squid \
--sysconfdir=/etc/squid \
--localstatedir=/var \
--libdir=/usr/lib \
--includedir=/usr/include \
--datadir=/usr/share/squid \
--enable-err-languages=English \
--enable-default-err-language=English \
--infodir=/usr/share/info \
--mandir=/usr/share/man \
Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

53
--disable-dependency-tracking \
--enable-storeio=ufs,aufs,diskd \
--enable-removal-policies=lru,heap \
--enable-icap-client \
--disable-wccp \
--disable-wccpv2 \
--enable-follow-x-forwarded-for \
--enable-x-accelerator-vary \
--enable-zph-qos \
--enable-snmp \
--with-default-user=proxy \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid \
--with-large-files \
--enable-underscores \
--disable-auth \
--enable-async-io \
--with-pthreads \
--disable-ipv6
make && make install
sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.asli
sudo chmod a-w /etc/squid/squid.conf.asli
cd
mkdir /cache
chown -R proxy:proxy /cache
chown -R proxy:proxy /var/log/squid
nano etc/squid/squid.conf
EDIT bagian yang saya HIGHLIGHT KUNING(sesuaikan dengan nama folder dan besaran cache
Anda)
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8
# RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7
# RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

54
acl SSL_ports port 443
acl Safe_ports port 80
# http
acl Safe_ports port 21
# ftp
acl Safe_ports port 443
# https
acl Safe_ports port 70
# gopher
acl Safe_ports port 210
# wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280
# http-mgmt
acl Safe_ports port 488
# gss-http
acl Safe_ports port 591
# filemaker
acl Safe_ports port 777
# multiling http
acl CONNECT method CONNECT
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

55
# Squid normally listens to port 3128
http_port 3128
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /cache 3000 16 256
# Leave coredumps in the first cache dir
coredump_dir /cache
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:
1440 20%
10080
refresh_pattern ^gopher:
1440 0%
1440
refresh_pattern -i (/cgi-bin/|\?) 0
0%
0
refresh_pattern .
0
20%
4320
tekan Ctrl+o lalu ENTER untuk menyimpan perubahan
tekan Ctrl+x untuk keluar dari nano editor
lanjut copy paste command dibawah ini
squid -k parse
squid -z
tekan ENTER saja
squid start
Test Manual Proxy di Browser

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

56

Buka salah satu website misalnya detik.com

Tutup dan buka lagi website detik.com, pada Putty ketik command tail -f
/var/log/squid/access.log | ccze

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

57

Selesai untuk caching HTTP :-D .Mudah bukan????? Bukaaaaaaaaaaaaaaaaaaaaaan.wakwow

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

58
Lanjut ke HTTPS caching
Untuk caching HTTPS kita butuh feature SSL_BUMP , DynamicSslCert. Feature ini harus diaktifkan saat
configure
--enable-ssl --enable-ssl-crtd

Ayo kita configure ulang


sudo su
Tambahkan dulu paket pendukung
apt-get install libssl-* -y
apt-get install libsasl2-dev y
cd squid-3*
make clean
./configure --prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libexecdir=/usr/lib/squid \
--sysconfdir=/etc/squid \
--localstatedir=/var \
--libdir=/usr/lib \
--includedir=/usr/include \
--datadir=/usr/share/squid \
--enable-err-languages=English \
--enable-default-err-language=English \
--infodir=/usr/share/info \
--mandir=/usr/share/man \
--disable-dependency-tracking \
--enable-storeio=ufs,aufs,diskd \
--enable-removal-policies=lru,heap \
--enable-icap-client \
Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

59
--disable-wccp \
--disable-wccpv2 \
--enable-follow-x-forwarded-for \
--enable-x-accelerator-vary \
--enable-zph-qos \
--enable-snmp \
--with-default-user=proxy \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid \
--with-large-files \
--enable-underscores \
--disable-auth \
--enable-async-io \
--with-pthreads \
--disable-ipv6 \
--enable-ssl
--enable-ssl-crtd
make && make install

mkdir -p /etc/squid/ssl_cert
cd /etc/squid/ssl_cert
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout myCA.pem -out myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

60

mkdir -p /var/squid/ssl_db
/usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs
chown -R proxy:proxy /var/squid/ssl_db/certs

Edit squid.conf
nano /etc/squid/squid.conf
Tambahkan directive
http_port 3127 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
cert=/etc/squid/ssl_cert/myCA.pem
sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/squid/ssl_db/certs/ -M 4MB
sslcrtd_children 5
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

61
ssl_bump server-first all

Simpan dengan menekan tombol Ctrl+o dan Enter


Keluar dengan menekan tombol Ctrl+x
Lanjut
squid -k reconfigure
reboot
squid start
Edit manual proxy browser

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

62

Test buka facebook.com

Muncul warning This Connection is Untrusted, browser ga mengenal CA yg ngeluarin certificate palsu
dari SQUID. Maka harus diimport CA certificatenya terlebih dahulu.

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

63
Di Firefox Tools > Options > Advanced > Certificates

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

64

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

65

Close browsernya dan buka lagi facebook.com

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

66

Kurangi Rokokmu Tambahin Sedekahmu http://www.sedekahrombongan.com

Beri Nilai