![]()
Root로 로그인 커넥트 클릭 Apt install smbclient cur, lynx dnsutils ldap-utils ftp lftp wget ssh nfs-common rsync, telnet traceroute tcptraceroute Y로 한다 설치중 Apt intall vim net-tools dnsutils ssh telnet open-vm-tools 엔터 후 설치…. Vim /etc/vim/vimrc 요렇게 수정 ^^; Vim/etc/apt/sources.list 7 8번 주석 처리 Vim/etc/ssh/sshd-config Tap 이용 ^^
![]()
파일 new virtual machine 클릭 Next 자신이 설치할 os와 버전 선택 후 next name은 자율적으로 next 멀티 싱글 과제지대로 하던지 없으면 원하는대로 한다 커스텀 하드웨어 클릭 Usb 사운드카드 프린터 네트워크 어댑터 를 remove 그다음 Finish 를 눌러준다 END
![]()
file #apt install bind9 –y (dns 설치) Vim /etc/bind/named.conf.options 옵션파일을 수정해준다. Vim /etc/bind/named.conf.default-zones Wq 저장 Cd /etc/bind cp db.127 skill39.zone cp db.127 skill39.zone.ext cp db.127 1.rev cp db.127 2.rev Wq 저장 Cd /etc/bind cp db.127 skill39.zone cp db.127 skill39.zone.ext cp db.127 1.rev cp db.127 2.rev Vi skill39.zone.ext Vi 1.rev Vi 2.rev #systemctl restart bind9 Vi /etc/reso..
![]()
private ※ 배포 자료인 skill39-backup.sql을 /root 아래에 옮겨놓고 진행 #mysql –u root –p
![]()
fw(skill39.net) #iptables -t nat -A PREROUTING -s 10.8.0.0/24 -d 10.10.10.1 -p tcp --dport 443 -j DNAT --to 200.220.55.2 #iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -d 200.220.55.2 -p tcp --dport 443 -j SNAT --to 200.220.55.1 #dpkg-reconfigure iptables-persistent #cd /etc/openvpn/ #openssl req -new -out vpn.req -newkey rsa:2048 -keyout vpn.key -nodes ※ CN = 200.220.55.1 #openssl ca -in vpn.re..
![]()
fw(skill39.net) #openssl req -new -out mail1.req -newkey rsa:2048 -keyout mail1.key –nodes ※ CN = mail.skill39.net #openssl ca -in mail1.req -out mail1.crt #openssl req -new -out mail2.req -newkey rsa:2048 -keyout mail2.key –nodes ※ CN = mail.worldskills.org #openssl ca -in mail2.req -out mail2.crt private #cd /etc/ssl #scp 192.168.2.1:/etc/ssl/mail1.* ./ #scp 192.168.2.1:/etc/ssl/CA/cacert.pem ..
![]()
public #apt install proftpd fail2ban -y #cd /etc/ssl/ #scp 200.220.55.1:/etc/ssl/ftp.* ./ #chmod 777 -R /var/www/ #vi /etc/proftpd/proftpd.conf #vi /etc/proftpd/proftpd.conf #cd /etc/proftpd/ #touch ftpd.passwd #touch ftpd.group #chown proftpd:nogroup ftpd.* #chmod 400 ftpd.* #ftpasswd -file /etc/proftpd/ftpd.passwd -uid 33 -gid 33 -name webmaster -shell /bin/false -home /home/webmaster -passwd ..
![]()
fw(skill39.net) #openssl req -new -out www.req -newkey rsa:2048 -keyout www.key -nodes ※ CN = www.worldskills.org #openssl req -new -out public.req -newkey rsa:2048 -keyout public.key -nodes ※ CN = public.worldskills.org #openssl ca -in www.req -out www.crt #openssl ca -in public.req -out public.crt fw(worldskills.org) #apt install nginx -y #cd /etc/ssl #scp 200.220.55.1:/etc/ssl/*.crt ./ #scp 2..
![]()
private #apt install apache2 -y #vi /etc/apache2/sites-enabled/000-default.conf #a2enmod authnz_ldap #a2ensite 000-default.conf #systemctl restart apache2 public #apt install apache2 -y #cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/www.conf #cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/public.conf #vi /etc/apache2/sites-available/..
![]()
fw(skill39.net) #vi /etc/ssl/openssl.cnf #vi /usr/lib/ssl/misc/CA.pl #/usr/lib/ssl/misc/CA.pl -newca ※ CN=WSC2021-CA #cp /etc/ssl/CA/cacert.pem /usr/local/share/ca-certificates/ca.crt #update-ca-certificates ALL #scp 200.220.55.1:/usr/local/share/ca-certificates/ca.crt /usr/local/share/ca-certificates/ #update-ca-certificates
