Instalacion Servidor Centos 6.4

Actualizar
# yum update

Algunas herramientas
# yum install wget  ccze bind-utils

# chkconfig --del iptables

Firewall (shorewall)
#  cd /tmp
#  wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
#  rpm -Uvh epel-release*rpm
#  yum install shorewall
# cp  /usr/share/doc/shorewall-4.5.4/Samples/one-interface/* /etc/shorewall/
# vim /etc/shorewall/shorewall.conf
    Cambiar:
    STARTUP_ENABLED=No
    
    Por:
    STARTUP_ENABLED=Yes

# vim /etc/shorewall/rules
   Todas las reglas que necesites.

Reiniciar
# shorewall restart

Activar para el arranque
# chkconfig shorewall on


Dns Cache
# yum install bind bind-chroot
# time nslookup yahoo.com
   Server:         8.8.8.8
   Address:        8.8.8.8#53

   Non-authoritative answer:
   Name:   yahoo.com
   Address: 98.139.183.24
   Name:   yahoo.com
   Address: 206.190.36.45
   Name:   yahoo.com
   Address: 98.138.253.109

   real    0m0.034s
   user    0m0.001s
   sys     0m0.002s

# cd /var/named/chroot/etc/
# cp /usr/share/doc/bind-9.8.2/sample/etc/named.conf .
# cp /usr/share/doc/bind-9.8.2/sample/etc/named.rfc1912.zones .

Editamos o creamos este archivo y colocamos este contenido (las any, en listen en un vps no debería estar)
# vim /var/named/chroot/etc/named.conf
   // /var/named/chroot/etc/named.conf
   options {
        listen-on port 53 { 127.0.0.1; any; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; any; };
        allow-query-cache    { localhost; any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
   };

   logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
           };
   };

   include "/etc/named.rfc1912.zones";

Validamos el arhivo creado
# named-checkconf named.conf

Permisos
# chown root:named named.conf named.rfc1912.zones


Reiniciar el servicio
# service named restart

Activar el servicio
# chkconfig named on

Agregar un usuario de trabajo
# useradd terracenter
# passwd terracenter

Permiso para cambiar a root
# gpasswd -a terracenter wheel

SSH (algo de seguridad)
# vim /etc/ssh/sshd_config
   Cambiar
     Port 22
     PermitRootLogin yes

    Por:
     Port 2222 (usar cualquier otro si quiere este es referencial)
     PermitRootLogin no

# service sshd restart






Fuentes:
http://pkgs.org/centos-6-rhel-6/epel-i386/shorewall-4.5.4-1.el6.noarch.rpm.html
http://www.oesopen.com/blog/2012/10/05/definir-ip-estatica-en-centos-6-3/
http://www.blogger.com/blogger.g?blogID=321285284891717474#editor/target=post;postID=1654244154044292894;onPublishedMenu=allposts;onClosedMenu=allposts;postNum=9;src=postname
http://tecadmin.net/configure-caching-name-server-on-centos-6/#
http://www.electrictoolbox.com/nslookup-command-not-found-centos-5/

Comentarios

Entradas populares