certification

DNS — Configure a caching-only name server to forward DNS queries

Posted on

I am not sure what the difference si between forwarding queries and caching queries – they both forward to another location. There is a good walkthrough of setting up a chaching nameserver at http://www.redhat.com/magazine/025nov06/features/dns/ Install the needed components yum install bind bind-utils bind-libs bind-chroot caching-nameserver copy /etc/named.conf to /var/named/chroot/etc/edit /var/named/chroot/etc/named.conf Change listen-on port from 127.0.0.1; […]

certification

NFS — Provide network shares suitable for group collaboration

Posted on

Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.It all starts with installing and starting NFS yum install nfs-utils rpcbind service nfs start service rpcbind start Restricting to a […]

certification

SMB — Provide network shares to specific clients

Posted on

Setting up samba is always fun. Laden with landmines between the Windows and Linux world, everytime you think you have a working solution, it flakes out on you. Here are the steps needed to add an SMB share to specific clients. Install samba  yum install samba-client samba-common samba Configure the /etc/samba/samba.conf file Find the line […]

certification

NFS — Provide network shares to specific clients

Posted on

Restricting access to NFS shares can be done by restricting firewall access (iptables), or by configuring the /etc/exports file. The /etc/exports file can restrict access to a single machine, a wildcard, or an IP network.It all starts with installing and starting NFS yum install nfs-utils rpcbind service nfs start service rpcbind start Restricting to a […]

certification

FTP — Configure anonymous-only download

Posted on

Enabling anonymous-only download appears to be enabled by default, so I am not sure why this is an objective. Below are the steps needed in case it isnt in the future. Install packages – yum install vsftpd ftp Edit /etc/vsftpd/vsftpd.conf Find the line anonymous_enabled and set it to YES Ensure anon_upload_enabled is set to NO […]

certification

DNS — Configure a caching-only name server

Posted on

There is a good walkthrough of setting up a chaching nameserver at http://www.redhat.com/magazine/025nov06/features/dns/ Install the needed components yum install bind bind-utils bind-libs bind-chroot caching-nameserver copy /etc/named.conf to /var/named/chroot/etc/edit /var/named/chroot/etc/named.conf Change listen-on port from 127.0.0.1; to any; Change allow-query from localhost; to any; Add forwarders { 1.2.3.4; 5.6.7.8; }; and forward only; to the options section […]

certification

HTTP/HTTPS — Deploy a basic CGI application

Posted on

The default apache configuration allows execution of CGI scripts in the /var/www/cgi-bin/ directory. This is controlled by the ExecCGI option for a specified directory. A good reference for this is at http://www.brennan.id.au/13-Apache_Web_Server.html#cgi An example of this is below     Options ExecCGI    SetHandler cgi-script Once a script is included in the target directory, it will begin […]

certification

HTTP/HTTPS — Configure private directories

Posted on

At first glance, this objective can mean 2 things: allowing users to setup public_html directories, or securing directories with configuration files or .htaccess. A great page detailing the setup of HTTP can be found at http://www.brennan.id.au/13-Apache_Web_Server.html public_htmledit the /etc/httpd/conf/httpd.conf and find the line UserDir disabled. Comment out this line, and uncomment the line UserDir public_html.Restart […]

certification

HTTP/HTTPS — Configure a virtual host

Posted on

HTTP virtual hosts allow a single web server to act like multiple web servers, either by publishing to multiple IPs and ports, or by publishing multiple sites and identifying them by name. This feature allows you to publish http://foo.example.com and http://bar.example.com from the same host with a single address, and the server returns the appropriate […]