DNS (Domain Name Services)



Basic UNIX Service Configuration

Files: /etc/services

/etc/protocols

/etc/networks

INETD

Files: INETD.CONF, TCPD Wrappers

Hosts.allow, hosts.deny

XINETD

Files: See XINETD.CONF, /etc/xinetd.d

Hosts.allow, hosts.deny in /etc

DHCP, BOOTP

Files: /etc/dhcpd.conf

DNS (Domain Name Services)

CLIENT (e.g. “resolver”)

Files:

Hostname: unqualified or FQDN

/etc/hosts: IP address, names, aliases of all local interfaces and loopback (minimum)

/etc/resolv.conf: main directives: DOMAIN- of this host

SEARCH – subdomain order for unqualified names

NAMESERVER – IP address of external DNS server

/etc/host.conf: order of internal, external DNS lookup

/etc/nsswitch.conf: order of lookup for any name service

Commands: NSLOOKUP, DIG -DNS Internet Groper

SERVER

AKA – Berkeley Internet Naming Daemon (BIND), NAMED. TCP (server) / UDP (client) port #53

Types: “caching only” (no zone files), primary (R/W zone files), secondary (R/O zone files)

Files: /etc/named.conf

Main directives: Directory - where zone files are stored

Forwarders - IP address of Internet DNS server

Allow transfer - IP address of secondary DNS server

NAMED.CA “root hints”, IP address of “root” Internet DNS servers

localhost, 0.0.127.in-addr.arpa – local forward/reverse lookup zones.

ZONE Files: “Forward” – record types A, MX, NS etc.

“Reverse” – record type PTR, NS

Also SOA, TTL, parameters etc. (See examples)

Web Services

CLIENT – “Browser” – IE, Netscape, Mozilla, LYNX, Firefox

Server – IIS, Apache, other. TCP port: 80 (default)

Files (Apache): /etc/httpd/conf/httpd.conf. srm.conf and access.conf are obsolete.

Directives: ServerType – virtual/standalone

StartServers - # HTTP processes

Listen – IP address:port #

Port – 80

User/Group: “chroot” permissions ID

ServerName – FQDN/localhost

DocumentRoot – Directory(ies) structure where web pages are stored

ServerRoot – Directory structure where server config files stored

DirectoryIndex – list of “start” documents

Virtual Server – other web server names

SENDMAIL (also SMAIL, QMAIL etc) WWW.

Client (MUA or Message User Agent) – mail, elm, pine

Browser – Outlook, Netscape Messenger, Eudora

Files: $HOME/mailbox, $HOME/mbox, /var/spool/mail/userid

Client (Browser based or other like Eudora) – POP or IMAP

Server (MTA or Message Transfer Agent), TCP port: 25

Files: /etc/sendmail.cf - basic configuration file

/etc/aliases – local system accounts mapped to other accounts

/etc/mail/access – who can “relay” using this server

/etc/mail/local-host-names - who this server receives mail for

/etc/mail/relay-domains – who this server sends mail for

/etc/mail/virtusertable – specific user ID’s for inbound E-Mail delivery

/etc/mail/sendmail.mc – M4 macro parameter file generating sendmail.cf

Directives: Fw – domain aliases

Dj – local domain (non-FQDN hostname)

DS – “Smart” relay host

DM – “masquerading” domain

O – privacyoptions

Other info: See DNS MX Record Setup

TELNET

See XINETD, hosts.allow, hosts.deny, /etc/securetty.

FTP

WUFTP standard on some systems.

See FTPUSERS, FTPACCESS files in /etc for these systems.

VSFTPD standard on LINUX as of 2.4 (Release 9).

Files: VSFTPD.CONF- basic configuration

user_list, ftpusers in /etc/vsftpd

Directives: anonymous_enable=YES

local_enable=YES

write_enable=YES

local_umask=022

connect_from_port_20=YES

ascii_upload_enable=YES

ascii_download_enable=YES

chroot_list_file=/etc/vsftpd.chroot_list

Other info: See DNS MX Record Setup
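The vsftpd directives listed above, checked for their effective security posture. This is an added example, not part of the original notes: the function names and finding codes are hypothetical, the sample file is constructed from the directives in these notes, and the defaults are the compiled-in values documented in vsftpd.conf(5).

```python
# Added example, not from the original notes. Defaults are the compiled-in
# values documented in vsftpd.conf(5); a distro's shipped file may differ.
DEFAULTS = {"anonymous_enable": "YES", "local_enable": "NO", "write_enable": "NO",
            "anon_upload_enable": "NO", "chroot_local_user": "NO",
            "chroot_list_enable": "NO"}

# Constructed sample: exactly the directives listed in the notes above.
SAMPLE_CONF = """\
anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
connect_from_port_20=YES
ascii_upload_enable=YES
ascii_download_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
"""

def parse_vsftpd(text):
    """Parse 'option=value' lines; vsftpd permits no spaces around '='."""
    conf = {}
    for line in text.splitlines():
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key] = value
    return conf

def enabled(conf, key):
    """True if a boolean option is on, falling back to the compiled default."""
    return conf.get(key, DEFAULTS[key]).upper() in ("YES", "TRUE", "1")

def audit(conf):
    """Return (code, message) findings for the effective settings."""
    findings = []
    if enabled(conf, "anonymous_enable"):
        findings.append(("ANON_LOGIN", "anonymous logins are accepted"))
        if enabled(conf, "write_enable") and enabled(conf, "anon_upload_enable"):
            findings.append(("ANON_UPLOAD", "anonymous users can upload files"))
    jailed = enabled(conf, "chroot_local_user") or enabled(conf, "chroot_list_enable")
    if enabled(conf, "local_enable") and not jailed:
        findings.append(("NO_CHROOT", "local users are not confined to their home directory"))
    if "chroot_list_file" in conf and not enabled(conf, "chroot_list_enable"):
        findings.append(("LIST_IGNORED", "chroot_list_file is set but chroot_list_enable is not"))
    return findings

if __name__ == "__main__":
    for code, message in audit(parse_vsftpd(SAMPLE_CONF)):
        print(f"{code}: {message}")
```

With the directives exactly as listed, chroot_list_file has no effect because chroot_list_enable is never turned on, so local users with write access are not jailed.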

NFS

portmap: The primary daemon upon which all the others rely, portmap manages connections for applications that use the RPC specification. By default, portmap listens to TCP port 111 on which an initial connection is made. This is then used to negotiate a range of TCP ports, usually above port 1024, to be used for subsequent data transfers. You need to run portmap on both the NFS server and client.

nfs: Starts the RPC processes needed to serve shared NFS file systems. The nfs daemon needs to be run on the NFS server only.

nfslock: Used to allow NFS clients to lock files on the server via RPC processes. The nfslock daemon needs to be run on both the NFS server and client.

netfs: Allows RPC processes run on NFS clients to mount NFS filesystems on the server. The netfs daemon needs to be run on the NFS client only.

Commands

Server

rpcinfo

exportfs -

Client

rpcinfo

mount -t nfs 192.168.1.100:/data/files /mnt/nfs

auto.master

Files

/etc/exports
