Instalacion Servidor Centos 6.4
Actualizar
# yum update
Algunas herramientas
# yum install wget ccze bind-utils
# chkconfig --del iptables
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -Uvh epel-release*rpm
# yum install shorewall
# cp /usr/share/doc/shorewall-4.5.4/Samples/one-interface/* /etc/shorewall/
# vim /etc/shorewall/shorewall.conf
Cambiar:
Por:
# vim /etc/shorewall/rules
Todas las reglas que necesites.
Reiniciar
# shorewall restart
Activar para el arranque
# chkconfig shorewall on
Dns Cache
# yum install bind bind-chroot
# time nslookup yahoo.com
options {
listen-on port 53 { 127.0.0.1; any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
allow-query-cache { localhost; any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
include "/etc/named.rfc1912.zones";
Validamos el arhivo creado
# named-checkconf named.conf
Permisos
# chown root:named named.conf named.rfc1912.zones
Reiniciar el servicio
# service named restart
Activar el servicio
# chkconfig named on
Agregar un usuario de trabajo
# useradd terracenter
# passwd terracenter
Permiso para cambiar a root
# gpasswd -a terracenter wheel
SSH (algo de seguridad)
# vim /etc/ssh/sshd_config
Cambiar
Port 22
PermitRootLogin yes
Por:
Port 2222 (usar cualquier otro si quiere este es referencial)
PermitRootLogin no
# service sshd restart
Fuentes:
http://pkgs.org/centos-6-rhel-6/epel-i386/shorewall-4.5.4-1.el6.noarch.rpm.html
http://www.oesopen.com/blog/2012/10/05/definir-ip-estatica-en-centos-6-3/
http://www.blogger.com/blogger.g?blogID=321285284891717474#editor/target=post;postID=1654244154044292894;onPublishedMenu=allposts;onClosedMenu=allposts;postNum=9;src=postname
http://tecadmin.net/configure-caching-name-server-on-centos-6/#
http://www.electrictoolbox.com/nslookup-command-not-found-centos-5/
# yum update
Algunas herramientas
# yum install wget ccze bind-utils
# chkconfig --del iptables
Firewall (shorewall)
# cd /tmp# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -Uvh epel-release*rpm
# yum install shorewall
# cp /usr/share/doc/shorewall-4.5.4/Samples/one-interface/* /etc/shorewall/
# vim /etc/shorewall/shorewall.conf
Cambiar:
STARTUP_ENABLED=No
Por:
STARTUP_ENABLED=Yes
# vim /etc/shorewall/rules
Todas las reglas que necesites.
Reiniciar
# shorewall restart
Activar para el arranque
# chkconfig shorewall on
Dns Cache
# yum install bind bind-chroot
# time nslookup yahoo.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: yahoo.com
Address: 98.139.183.24
Name: yahoo.com
Address: 206.190.36.45
Name: yahoo.com
Address: 98.138.253.109
real 0m0.034s
user 0m0.001s
sys 0m0.002s
# cd /var/named/chroot/etc/
# cp /usr/share/doc/bind-9.8.2/sample/etc/named.conf .
# cp /usr/share/doc/bind-9.8.2/sample/etc/named.rfc1912.zones .
Editamos o creamos este archivo y colocamos este contenido (las any, en listen en un vps no debería estar)
# vim /var/named/chroot/etc/named.conf
// /var/named/chroot/etc/named.confoptions {
listen-on port 53 { 127.0.0.1; any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; any; };
allow-query-cache { localhost; any; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
include "/etc/named.rfc1912.zones";
Validamos el arhivo creado
# named-checkconf named.conf
Permisos
# chown root:named named.conf named.rfc1912.zones
Reiniciar el servicio
# service named restart
Activar el servicio
# chkconfig named on
Agregar un usuario de trabajo
# useradd terracenter
# passwd terracenter
Permiso para cambiar a root
# gpasswd -a terracenter wheel
SSH (algo de seguridad)
# vim /etc/ssh/sshd_config
Cambiar
Port 22
PermitRootLogin yes
Por:
Port 2222 (usar cualquier otro si quiere este es referencial)
PermitRootLogin no
# service sshd restart
Fuentes:
http://pkgs.org/centos-6-rhel-6/epel-i386/shorewall-4.5.4-1.el6.noarch.rpm.html
http://www.oesopen.com/blog/2012/10/05/definir-ip-estatica-en-centos-6-3/
http://www.blogger.com/blogger.g?blogID=321285284891717474#editor/target=post;postID=1654244154044292894;onPublishedMenu=allposts;onClosedMenu=allposts;postNum=9;src=postname
http://tecadmin.net/configure-caching-name-server-on-centos-6/#
http://www.electrictoolbox.com/nslookup-command-not-found-centos-5/
Comentarios
Publicar un comentario