Egontara Belajar...

Membuat Proxy server Caching

04.48 | Label: LINUX

install ini dulu ...

Configure BGP routing di juniper

00.48 | Label: Juniper

Belajar cofigurasi Juniper

Set IP address di em0 di router A

[sourcecode language="css"]
set interface em0 unit 0 family inet address 10.10.10.1/24
[/sourcecode]

Set IP address di em0 di router B

[sourcecode language="css"]
set interface em0 unit 0 family inet address 10.10.10.2/24
[/sourcecode]
Membuat AS number di router A

[sourcecode language="css"]
set routing-options autonomous-system 100
[/sourcecode]

Membuat AS number di router B

[sourcecode language="css"]
set routing-options autonomous-system 200
[/sourcecode]

Set Protocol BGP di router A

[sourcecode language="css"]
set protocols bgp group to-routerB type external neighbor 10.10.10.2
set protocols bgp group to-routerB neighbor 10.10.10.2 local-as 100
set protocols bgp group to-routerB neighbor 10.10.10.2 local-address 10.10.10.1
set protocols bgp group to-routerB neighbor 10.10.10.2 peer-as 200
[/sourcecode]

Set Protocol BGP di router B

[sourcecode language="css"]
set protocols bgp group to-routerB type external neighbor 10.10.10.1
set protocols bgp group to-routerB neighbor 10.10.10.1 local-as 200
set protocols bgp group to-routerB neighbor 10.10.10.1 local-address 10.10.10.2
set protocols bgp group to-routerB neighbor 10.10.10.1 peer-as 100
[/sourcecode]

Set Protocol direct di router A(untuk membaca table route yang terhubung ke interface p2p)

[sourcecode language="css"]
set policy-options policy-statement to-routerB term 10 from protocol direct
set policy-options policy-statement to-routerB term 10 then accept
set policy-options policy-statement to-routerB term default then reject
[/sourcecode]

Untuk melempar Prefix di router A

[sourcecode language="css"]
set protocols bgp group to-routerB neighbor 10.10.10.2 export to-routerB

[/sourcecode]

Set Protocol direct di router B(untuk membaca table route yang terhubung ke interface p2p)

[sourcecode language="css"]
set policy-options policy-statement to-routerA term 10 from protocol direct
set policy-options policy-statement to-routerA term 10 then accept
set policy-options policy-statement to-routerA term default then reject
[/sourcecode]

Untuk melempar Prefix di router B

[sourcecode language="css"]
set protocols bgp group to-routerA neighbor 10.10.10.1 export to-routerA

[/sourcecode]

Set Protocol static ROuter A

[sourcecode language="css"]
set routing-options static route 1.1.1.0/24 next-hop 10.10.10.2

[/sourcecode]

Set Protocol static ROuter B

[sourcecode language="css"]
set routing-options static route 2.2.2.0/24 next-hop 10.10.10.1

[/sourcecode]

Untuk mengecek prefix yang kita terima dari router B

[sourcecode language="css"]
routerA# run sh route receive-protocol bgp 10.10.10.2

[/sourcecode]

Untuk mengecek prefix yang kita advertise ke lawan

[sourcecode language="css"]
routerA# run sh route advertising-protocol bgp 10.10.10.2

[/sourcecode]

========================================================

Perintah perintah di juniper

aktifkan telnetset system service telnet

memberi userset system login user evon authen plain-text-password
set system login user evon class super-user

memberi agar tampilan GUI di browser
set system service web-management http interface em3.0

cara hapus user
delete system login user evon

membuat password root
set system root-authen plain-text-password

shutdown juniper
run request system power-off terus yes

Read User's Comments(0)

Membuat Cacti Server Monitoring traffic

21.20 | Label: LINUX

apt-get install apache2
apt-get install mysql-server
apt-get install snmpd
apt-get install php5
apt-get install phpmyadmin
apt-get install rrdtool
apt-get install cacti

poingting folder apache dan rubah documentrootnya
/usr/share/cacti/site

Read User's Comments(0)

Mail Server With ISPConfig 3

01.50 | Label: LINUX

mengganti nama hostname

[sourcecode language="css"]
echo mail.evon.net.id > /etc/hostname
/etc/init.d/hostname restart
[/sourcecode]

nano /etc/apt/sources.list

[sourcecode language="css"]

deb http://kambing.ui.ac.id/ubuntu/ precise-proposed main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-security main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise-updates main restricted universe multiverse
deb http://kambing.ui.ac.id/ubuntu/ precise main restricted universe multiverse
[/sourcecode]

apt-get update
apt-get upgrade
dpkg-reconfigure dash
pilih No
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

INSTALL POSTFIX NYA

[sourcecode language="css"]

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo

[/sourcecode]

New password for the MySQL "root" user: <-- passwordmysql
Repeat password for the MySQL "root" user: <-- passwordmysql
General type of mail configuration: <-- pilih Internet Site
System mail name: <-- masukkan sesuai dengan nama server, pada materi ini menggunakan nama mail.evon.net.id

INSTALL AMAVIS DAN SPAMSASSIN

[sourcecode language="css"]

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

[/sourcecode]

INSTALL APACHE DAN MYSQL

[sourcecode language="css"]

apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-curl php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby libapache2-mod-python libapache2-mod-perl2

[/sourcecode]

pilih apache2
pilih No

nano /etc/postfix/master.cf

[sourcecode language="css"]

submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING

[/sourcecode]

/etc/init.d/postfix restart

nano /etc/mysql/my.cnf
#bind-address = 127.0.0.1

/etc/init.d/mysql restart

kita hapus modul SpamAssassin untuk memperingan kinerja server.
/etc/init.d/spamassassin stop
update-rc.d -f spamassassin remove

[sourcecode language="css"]

a2enmod suexec rewrite ssl actions include
a2enmod dav_fs dav auth_digest

[/sourcecode]
[sourcecode language="css"]

/etc/init.d/apache2 restart

[/sourcecode]

[sourcecode language="css"]

apt-get install mailman
newlist mailman
[/sourcecode]

nano /etc/aliases

copy ini

[sourcecode language="css"]

mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"

[/sourcecode]

Lanjutkan dengan perintah newaliases
/etc/init.d/postfix restart

[sourcecode language="css"]

ln -s /etc/mailman/apache.conf /etc/apache2/conf.d/mailman.conf

[/sourcecode]

http://<vhost>/cgi-bin/mailman/admin/<listname> untuk administrator dan alamat

/etc/init.d/apache2 restart
/etc/init.d/mailman start

Install PureFTPd dan Quota Aplikasi ini digunakan untuk upload data via FTP dan membatasi kapasitas storage untuk user.

[sourcecode language="css"]

apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
[/sourcecode]
[sourcecode language="css"]

nano /etc/default/pure-ftpd-common

[/sourcecode]

rubah menjadi seperti ini

[sourcecode language="css"]

STANDALONE_OR_INETD=standalone
VIRTUALCHROOT=true

[/sourcecode]
[sourcecode language="css"]

echo 1 > /etc/pure-ftpd/conf/TLS
[/sourcecode]
[sourcecode language="css"]

mkdir -p /etc/ssl/private/

[/sourcecode]
[sourcecode language="css"]

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout
/etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

[/sourcecode]

akan muncul perintah enter enter aja kecuali yang ini
the Fully Qualified Domain Name of the system (e.g. "mail.evon.net.id").

[sourcecode language="css"]

chmod 600 /etc/ssl/private/pure-ftpd.pem

[/sourcecode]

/etc/init.d/pure-ftpd-mysql restart

nano /etc/fstab

[sourcecode language="css"]
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc nodev,noexec,nosuid 0 0 /dev/mapper/server1-root / ext4 errors=remountro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0

[/sourcecode]

mount -o remount /
quotacheck -avugm
quotaon -avug

[sourcecode language="css"]

apt-get install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl

[/sourcecode]

nano /etc/cron.d/awstats

[sourcecode language="css"]

#MAILTO=root
#*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh
# Generate static reports:
#10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

[/sourcecode]
[sourcecode language="css"]

apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold

[/sourcecode]
[sourcecode language="css"]

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.14.tar.gz
tar xvfz jailkit-2.14.tar.gz
cd jailkit-2.14
./debian/rules binary

[/sourcecode]
[sourcecode language="css"]

cd ..
dpkg -i jailkit_2.14-1_*.deb
rm -rf jailkit-2.14*

[/sourcecode]

apt-get install fail2ban

nano /etc/fail2ban/jail.local

[sourcecode language="css"]

[pureftpd]
enabled = true
port = ftp
filter = pureftpd
logpath = /var/log/syslog
maxretry = 3

[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap,
port="pop3,pop3s,imap,imaps", protocol=tcp]
logpath = /var/log/mail.log
maxretry = 5

[/sourcecode]

nano /etc/fail2ban/filter.d/pureftpd.conf

[sourcecode language="css"]

[Definition]
failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
ignoreregex =

[/sourcecode]

nano /etc/fail2ban/filter.d/dovecot-pop3imap.conf

[sourcecode language="css"]

[Definition]
failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.*
ignoreregex =

[/sourcecode]

/etc/init.d/fail2ban restart

Install Squirrelmail

apt-get install squirrelmail
squirrelmail-configure
pilih D
pilih dovecot
pilih S
pilih Q

kita dapat akses mail.evon.net.id/squirrelmail

[sourcecode language="css"]

cd /etc/apache2/conf.d/
ln -s ../../squirrelmail/apache.conf squirrelmail.conf
/etc/init.d/apache2 reload

[/sourcecode]

nano /etc/apache2/conf.d/squirrelmail.conf

[sourcecode language="css"]

<Directory /usr/share/squirrelmail>
Options FollowSymLinks
<IfModule mod_php5.c>
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp
php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname:/var/spool/squirrelmail
php_flag register_globals off
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
# access to configtest is limited by default to prevent information leak
<Files configtest.php>
order deny,allow
deny from all
allow from 127.0.0.1
</Files>
</Directory>

[/sourcecode]

Mkdir /var/lib/squirrelmail/tmp
chown www-data /var/lib/squirrelmail/tmp
/etc/init.d/apache2 reload

nano /etc/apache2/conf.d/squirrelmail.conf

[sourcecode language="css"]

# alias /squirrelmail /usr/share/squirrelmail
alias /webmail /usr/share/squirrelmail

[/sourcecode]

/etc/init.d/apache2 reload

hasilnya cara melihat http://mail.evon.net.id/webmail

Kalau mau di rubah menjadi http://webmail.evon.net.id

nano /etc/apache2/conf.d/squirrelmail.conf

[sourcecode language="css"]

<VirtualHost *:80>
DocumentRoot /usr/share/squirrelmail
ServerName webmail.evon.net.id
</VirtualHost>

[/sourcecode]

/etc/init.d/apache2 reload

Sekarang Install ISPconfig 3 nya

[sourcecode language="css"]

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/
[/sourcecode]

php -q install.php

enter enter terus

MySQL root password []: <-- yourrootsqlpassword

enter enter lagi sampe selesai

cara bukannya https://mail.evon.net.id:8080

Read User's Comments(0)

Backup database di phpmyadmin

02.39 | Label: LINUX

Ini adalah cara membackup database kita yang kita import di phpmyadmin

COntoh gw punya database namanya databasegw udah saya upload di phpmyadmin

username: root                # #ini username mysql
password: 123456                   ##password mysql gw
hostname: localhost
databasename: databasegw               # #ini nama database gw
path where you would like to save the backup: /home/backup  ##ini media penyimpnan databasenya
name of the backup SQL file: databasegw.sql

Read User's Comments(0)

Baca selengkapnya »

Egontara Belajar...

Mengenai Saya

Blogger templates

Blogger news

Blogroll

Categories

Archives

Membuat Proxy server Caching

Configure BGP routing di juniper

Membuat Cacti Server Monitoring traffic

Mail Server With ISPConfig 3

Backup database di phpmyadmin