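===========================================Memo===========================================

DNS records
TTL is also used in the Domain Name System (DNS). In DNS, an authoritative name server sets the TTL value of each resource record. When a recursive caching name server queries the authoritative name server, the caching name server keeps the record in its cache for the time given by the TTL. Later, when a stub resolver sends the caching name server a query for the same record and the record's TTL has not yet expired, the caching name server answers directly from its cache without querying the authoritative name server. A name server can also have a TTL for NXDOMAIN responses, which indicate that a domain does not exist. In that case, however, the value is generally short, at most about 3 hours.

A short TTL has the disadvantage of increasing the load on the upstream authoritative name servers, but it has the advantage of suiting services that are sensitive to address changes, such as mail exchange (MX) records. For this reason, when a service's address is moved, DNS administrators lower the TTL of the related records to minimize the resulting disruption.

The unit of the TTL value used in DNS is seconds. The value mostly used in the past was 86400 seconds (24 hours), which means that when the authoritative name server changes a DNS record, DNS servers scattered around the world may hold the old, not-yet-updated address for up to 24 hours.

Newer DNS practice may use deliberately very low TTL values as part of a disaster recovery system. For example, with a TTL of 300 seconds the record expires after 5 minutes and can be refreshed quickly, which lets the administrator modify and update records in time. TTL values are assigned per record, and every standard DNS system in the world allows the TTL of a specific record to be set individually. However, if many DNS name servers set their own TTL regardless of the record received from the authoritative name server, there is a risk that downstream DNS servers will not properly receive the new record after the TTL expires.

Source: https://ko.wikipedia.org/wiki/Time_to_live


Version number - features
Release number - patches

===========================================Review===========================================
===========================================Lecture===========================================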

■ Ways to use the nslookup command
   - Run in interactive mode
     # nslookup
     > ns1.linux2XX.example.com
     > exit
   - Run in non-interactive mode
     # nslookup ns1.linux2XX.example.com

■ How to register each type of RR (Record Type, Resource Record)
------------------------------------------------------------------------------------
(a) NS Record Type (Name Server)
linux2XX.example.com. IN NS ns1.linux2XX.example.com.
ns1.linux2XX.example.com. IN A 172.16.9.2XX
(b) A Record Type (Address)
www.linux2XX.example.com. IN A 172.16.9.2XX
ftp.linux2XX.example.com. IN A 172.16.9.2XX
cafe.linux2XX.example.com. IN       A        172.16.9.2XX
(c) MX Record Type (Mail Exchange)
linux2XX.example.com.  IN MX 10 mail.linux2XX.example.com.
mail.linux2XX.example.com.  IN A 172.16.9.2XX
linux2XX.example.com.  IN MX 20 mail2.linux2XX.example.com.
mail2.linux2XX.example.com. IN A 172.16.9.241
(d) CNAME Record Type (Canonical Name)
www                 IN A 172.16.9.2XX
ftp                 IN A 172.16.9.2XX
or
www IN A 172.16.9.2XX
ftp IN CNAME www
(e) PTR Record Type (Pointer Address)
2XX IN PTR ns1.linux2XX.example.com.
2XX IN PTR www.linux2XX.example.com.
------------------------------------------------------------------------------------

Name server and mail server entries take 2 lines; the rest take 1 line.

(How to register a domain)
(a) Register in the Forward Zone file # vi /var/named/chroot/var/named/exampleXXX.zone (Domain -> IP)
-> Must be registered.                           (www     IN    A    172.16.9.2XX)
(b) Register in the Reverse Zone file # vi /var/named/chroot/var/named/exampleXXX.rev  (IP -> Domain)
-> Does not have to be registered.               (2XX     IN    PTR  www)

[EX3] DNS Load Balancing

(L4 load balancing)
               +------ Web1 ------+
               |                  |
----- L4 ------+------ Web2 ------+------ NAS/NFS
               |                  |
               +------ Web3 ------+
(DNS load balancing)
               +------ Web1 ------+
               |                  |
---- DNS ------+------ Web2 ------+------ NAS/NFS
               |                  |
               +------ Web3 ------+

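L2 (Layer 2 of the OSI 7-layer model): Ethernet switch
L3: multiport router. Its main function is routing; used as a substitute for a router
L4: load balancing; QoS configuration is also possible
L7: firewall, IPS/IDS, spam mail blocking, web application firewall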

[EX5] Building a Master DNS Server / Slave DNS Server
Master (original) DNS Server / Slave (clone) DNS Server
----- Master DNS Server -----           ----- Slave DNS Server -----
      (172.16.9.2XX)                          (172.16.9.1XX)
-----------------------------           ----------------------------

(Prerequisite knowledge) /var/named/chroot/var/named/(example2XX.zone or example2XX.rev)
------------------------------------------------------------------------------
@               IN SOA  ns1.linux2XX.example.com. root.linux2XX.example.com. (
                                        42              ; serial (d. adams)
                                        3H              ; refresh
                                        15M             ; retry
                                        1W              ; expiry
                                        1D )            ; minimum
------------------------------------------------------------------------------
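SOA (Start Of Authority)
- [Domain]  [TTL]  IN  SOA  <DNS Server> <E-mail> (NNNN  NNNN  NNNN NNNN NNNN)
▪ 42  (Serial Number)       (recommended: 2010031100) Master <-> Slave
▪ 3H  (Refresh Time)        (recommended: 12H, 1D) Master <-> Slave
▪ 15M (Retry Time)          (recommended: 15M ~ 1H) Master <-> Slave
▪ 1W  (Expire Date)         (recommended: 1W) Master <-> Slave
▪ 1D  (TTL, Time To Live)   (recommended: 1D) Server <-> Client

If the serial number is the same, the slave assumes the master has not been updated.
-> After an update, the serial must be changed to a higher number for the slave to notice.
Refresh time is the interval from when the slave receives the zone file until its next check.
Retry time is the interval until the next attempt after a failure.
Expiry date: if the serial number keeps staying the same, the data is kept up to the configured maximum and then deleted.
-> After that, the zone is fetched again from scratch. One week is appropriate.
-> If the master dies and this were 1 day, the slave would also throw its file away and could no longer serve.
-> One week is judged to be enough time to restore the master even if it dies.

TTL is the caching time. See the explanation in the Memo section above.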
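
An added example (not part of the original notes) that turns the SOA rules above into code: it reads the five SOA values from zone text and decides what a slave does next. The zone text is constructed from the lab's SOA record, the function names are hypothetical, and the serial comparison uses RFC 1982 serial arithmetic, which goes a little beyond the "higher number" rule stated above.

```python
import re

# Seconds per BIND time suffix; a bare number is already in seconds.
UNITS = {"": 1, "S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}

# Constructed sample: the SOA record from the lab zone file on this page.
LAB_ZONE = """\
$TTL    4
@   IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
"""


def to_seconds(value):
    """Convert a zone-file time value such as 3H, 15M, 1W, 1H30M or 28800."""
    value = value.upper()
    if not value or not re.fullmatch(r"(?:\d+[SMHDW])*\d*", value):
        raise ValueError("not a time value: %r" % value)
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([SMHDW]?)", value))


def parse_soa(zone_text):
    """Return the SOA serial and timers (in seconds) from zone-file text."""
    # Strip ';' comments first: "(d. adams)" would otherwise close the list early.
    text = "\n".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    m = re.search(r"\bSOA\s+\S+\s+\S+\s*\(([^)]*)\)", text)
    if not m:
        raise ValueError("no SOA record with a parenthesised value list")
    serial, refresh, retry, expire, minimum = m.group(1).split()
    return {
        "serial": int(serial),
        "refresh": to_seconds(refresh),
        "retry": to_seconds(retry),
        "expire": to_seconds(expire),
        "minimum": to_seconds(minimum),
    }


def serial_newer(master, slave):
    """True if the master's serial is ahead of the slave's (32-bit, RFC 1982)."""
    diff = (master - slave) & 0xFFFFFFFF
    return 0 < diff < 0x80000000


def slave_action(soa, slave_serial, master_serial, seconds_since_contact):
    """Decide the slave's next step.

    master_serial is None when the master did not answer;
    seconds_since_contact counts from the last successful check.
    """
    if master_serial is None:
        if seconds_since_contact >= soa["expire"]:
            return "EXPIRED"    # slave stops answering for the zone
        return "RETRY"          # try again after soa["retry"] seconds
    if serial_newer(master_serial, slave_serial):
        return "TRANSFER"       # pull the new zone from the master
    return "CURRENT"            # wait soa["refresh"] seconds, then check again


if __name__ == "__main__":
    soa = parse_soa(LAB_ZONE)
    print(soa)
    # Zone edited on the master but serial left at 42: the slave keeps old data.
    print(slave_action(soa, 42, 42, 0))
    print(slave_action(soa, 42, 43, 0))
    print(slave_action(soa, 42, None, 8 * 86400))
```

A zone edited on the master without raising the serial yields CURRENT, so a slave that already holds serial 42 keeps serving the old records.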


DNS Security and References

(1) Checking the DNS server

After building a DNS server at a company, you can check whether it has been set up correctly and whether its security settings are sound by using the check service provided by the Korea Internet & Security Agency (KISA).

DNS security configuration check site
● http://krnic.or.kr/jsp/business/operate/dnsModify.jsp

DNS optimization check sites
● http://www.serverchk.com
● http://www.dnsstuff.com
● http://www.dnsreport.com

(KISA > DNS check > http://krnic.or.kr/jsp/business/operate/dnsModify.jsp)

(2) DNS security

Some DNS security issues
■ Configure a chroot environment
■ Update/patch the DNS software
■ Use allow-transfer and allow-query
   ■  Master => Slave (allow-transfer: specifies where zone files may be transferred)
   ■  Server => Client (allow-query: specifies who may query the zone file)
■ Check for recent security bugs
■ Authentication / data encryption
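
An added example (not part of the original notes and not BIND's own tooling): a small Python check for the allow-transfer / allow-query items above, run over a weak and a hardened configuration. Both samples are constructed, condensed from the named configuration used in the lab later on this page with the zone inlined; the function names are hypothetical, `include` files are not followed, and the checker assumes that an absent option means "unrestricted".

```python
import re

TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

# Constructed sample: the lab's settings (query and recursion open, no allow-transfer).
WEAK = """
options {
        listen-on port 53 { any; };
        allow-query     { any; };
};
view localhost_resolver {
        match-clients      { any; };
        recursion yes;
        zone "linux220.example.com" IN {        /* Forward Zone */
                type master;
                file "example220.zone";
                also-notify { 172.16.6.120; };
        };
};
"""

# Constructed sample: recursion limited to the lab network, transfers to the slave only.
HARDENED = """
options {
        listen-on port 53 { any; };
        allow-query     { any; };
};
view localhost_resolver {
        match-clients      { any; };
        recursion yes;
        allow-recursion { localhost; 172.16.0.0/16; };
        zone "linux220.example.com" IN {
                type master;
                file "example220.zone";
                also-notify { 172.16.6.120; };
                allow-transfer { 172.16.6.120; };
        };
};
"""


def tokenize(text):
    """Drop /* */, // and # comments (not quote-aware), then split into tokens."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return TOKEN.findall(re.sub(r"(//|#).*", "", text))


def parse(tokens, pos=0):
    """Return (statements, next_pos). A statement is a list of words in which
    a { ... } block appears as a nested list of statements."""
    statements, current = [], []
    while pos < len(tokens):
        tok = tokens[pos]
        pos += 1
        if tok == "{":
            block, pos = parse(tokens, pos)
            current.append(block)
        elif tok == "}":
            break
        elif tok == ";":
            if current:
                statements.append(current)
            current = []
        else:
            current.append(tok.strip('"'))
    return statements, pos


def lookup(name, *scopes):
    """Find option `name` in the scopes, innermost first. Address lists come
    back flattened, e.g. ['any']; a missing option returns None."""
    for statements in scopes:
        for stmt in statements:
            if stmt[0] == name:
                args = stmt[1:]
                if args and isinstance(args[0], list):
                    return [item[0] for item in args[0]]
                return args
    return None


def unrestricted(acl):
    # Assumption of this checker: an absent option counts as unrestricted,
    # because its default differs between BIND releases.
    return acl is None or "any" in acl


def audit(conf_text):
    """Return findings for open recursion and unrestricted zone transfers."""
    top, _ = parse(tokenize(conf_text))
    opts = next((s[-1] for s in top if s[0] == "options"), [])
    views = [(s[1], s[-1]) for s in top if s[0] == "view"] or [("(global)", top)]
    findings = []
    for name, body in views:
        if (lookup("recursion", body, opts) != ["no"]
                and unrestricted(lookup("match-clients", body))
                and unrestricted(lookup("allow-recursion", body, opts))
                and unrestricted(lookup("allow-query", body, opts))):
            findings.append("view %s: recursion is open to any client" % name)
        for zone in (s for s in body if s[0] == "zone"):
            if (lookup("type", zone[-1]) == ["master"]
                    and unrestricted(lookup("allow-transfer", zone[-1], body, opts))):
                findings.append("zone %s: allow-transfer is not restricted" % zone[1])
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(conf))
```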


(4) DNS reference sites

● Korea Internet & Security Agency (KISA)
- http://www.kisa.or.kr

● How to configure DNS
- http://dns.kisa.or.kr/DN/dns/dnsSetting.jsp

● DNS-related sites
- http://dns.kisa.or.kr/DN/dns/site.jsp

● DNSSEC introduction/concepts
- http://dns.kisa.or.kr/DN/sec/notion.jsp

● DNS wiki site
- http://ko.wikipedia.org/wiki/DNS


(5) Other DNS reference sites

(Note) The sites are linked. Click to open them.

● DNS software information sites
- ISC (Internet Systems Consortium) BIND DNS
- DNS Software Lists

● BIND DNS materials
- Comprehensive BIND DNS reference material

● DNS FAQs & References
- Ask Mr. DNS
- DNS Resources Directory
- DNSSEC - Securing the Domain Name System

● Korean-language domains - Korea Internet & Security Agency (KISA) domains

● DNS operations research organizations
- ISC OARC
- CAIDA at UC San Diego

● DNS standardization - IETF
- IETF Working Group : DNSEXT (DNS extensions)
- IETF Working Group : DNSOP (Domain Name Operation)

● Related organizations
- Korea Internet & Security Agency (KISA)

● SANS white papers on DNS security issues - SANS InfoSec Reading Room - DNS Issues

● 2005 DNS cache poisoning case: SANS, “March 2005 DNS Poisoning Summary”
  How to enable DNS cache pollution protection on Windows Server
  Microsoft, “How to prevent DNS cache pollution”

● RSA signature forgery vulnerability (September 2006)
- “RSA Signature Forgery (CVE-2006-4339)”, OpenSSL Security Advisory (2006-09-05)
   When using dnssec-keygen, it is recommended to specify the “-e” option at key generation to use a ‘large exponent’

● Analysis report on the reflector attacks of 2006
- VeriSign, “Anatomy of Recent DNS Reflector Attacks from the Victim and Reflector Point of View”

● Recursive name server configuration to prevent abuse in reflector attacks
- IETF Draft, “Preventing Use of Recursive Nameservers in Reflector Attacks”

● Major vulnerabilities by ISC BIND version
- BIND Vulnerabilities

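(Summary) DNS server

■ Using the /etc/hosts file
■ Building a DNS server
   - Building a Caching Only DNS Server
   - Building the linux2XX.example.com DNS Server
■ Registering domains on the DNS server
■ Setting up DNS web load balancing
■ Configuring domain delegation on the DNS server
■ Building a Master/Slave DNS Server
■ Zone data update exercise in a Master/Slave DNS Server environment
■ rndc command exercise
■ DNS security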


1. HTTP (Hypertext Transfer Protocol) overview

■ HTTP (Hypertext Transfer Protocol)
-> http://www.daum.net:80   (port 80)

■ HTTPS (Secure Hypertext Transfer Protocol)
-> https://www.daum.net:443   (port 443)

2. Web server overview

(1) What is a web server?

A web server is a server that provides pre-stored hypertext to clients that use the World Wide Web through a web browser.

(Web browser)     <--------------> (Web server)
Internet Explorer                  Apache(httpd)
Firefox                            IIS
Mozilla                            TmaxSoft WebtoB
Chrome

WebtoB : handles *.html, *.cgi, *.jpg, etc. (static pages)
Zeus : handles *.jsp, *.asp, etc. (dynamic pages)

a.html -> WebtoB -> *.html
b.jsp -> WebtoB -> Zeus -> *.jsp

[Note] WAS (Web Application Server, generally middleware)
- (free) Tomcat
- (commercial) BEA WebLogic (-> Oracle), IBM WebSphere, TmaxSoft Zeus (government offices)

3. Simple web server (Apache Web Server) setup

■ Apache official homepage : http://www.apache.org
■ Until 1995, the most widely used web server was the NCSA httpd 1.3 program.
■ The Apache (A PAtCHy sErver) web server grew out of the NCSA httpd program.
■ It is now widely used as a general-purpose web server (more than 60% of the world's web servers).

===========================================Lab===========================================

Very important: memorize this

Packages : bind-chroot, bind-utils, bind, bind-libs + caching-nameserver
--------------------------------------------
=========== DNS Server ===========
named(53)
/var/named/chroot/etc/named.caching-nameserver.conf
/var/named/chroot/etc/named.rfc1912.zones
DB : /var/named/chroot/var/named
==================================
- Forward Zone File(D==>IP)
- Reverse Zone File(IP==>D)
- localhost Zone File(Caching)
- hint File(named.ca)
--------------------------------------------


Continuing from yesterday...

[root@linux220 ~]# pgrep -lf named
3987 /usr/sbin/named -u named -c /etc/named.caching-nameserver.conf -t /var/named/chroot
[root@linux220 ~]# netstat -an | grep :53
tcp        0      0 192.168.10.220:53           0.0.0.0:*                   LISTEN     
tcp        0      0 172.16.6.220:53             0.0.0.0:*                   LISTEN     
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN     
udp        0      0 192.168.10.220:53           0.0.0.0:*                              
udp        0      0 172.16.6.220:53             0.0.0.0:*                              
udp        0      0 127.0.0.1:53                0.0.0.0:*                              
udp        0      0 0.0.0.0:5353                0.0.0.0:*                              
udp        0      0 :::5353                     :::*                                   
[root@linux220 ~]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
[root@linux220 ~]# nslookup ns1.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   ns1.linux220.example.com
Address: 172.16.6.220

[root@linux220 ~]# nslookup
> ns1.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   ns1.linux220.example.com
Address: 172.16.6.220
> exit

[root@linux220 ~]# nslookup ns1.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   ns1.linux220.example.com
Address: 172.16.6.220

[root@linux220 ~]# nslookup 172.16.6.220
Server:         172.16.6.220
Address:        172.16.6.220#53

220.6.16.172.in-addr.arpa       name = ns1.linux220.example.com.

[root@linux220 ~]#



[root@linux220 ~]# chkconfig --list | grep named
named           0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@linux220 ~]# chkconfig named on



[root@linux220 ~]# cd /var/named/chroot/var/named
[root@linux220 /var/named/chroot/var/named]# ls
data            example220.zone   localhost.zone   named.ca      named.ip6.local  named.zero
example220.rev  localdomain.zone  named.broadcast  named.ca.old  named.local      slaves
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        42                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220

;; (1) WEB Server
www                                                             IN      A               172.16.6.220

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
[root@linux220 /var/named/chroot/var/named]# nslookup www
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]# nslookup cafe
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   cafe.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]# nslookup ftp
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   ftp.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]# nslookup mail
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   mail.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]# cd /etc/httpd/conf
[root@linux220 /etc/httpd/conf]# ls
httpd.conf  magic
[root@linux220 /etc/httpd/conf]# ls /var/www/html
packages
[root@linux220 /etc/httpd/conf]# cp /etc/passwd /var/www/html/index.html
[root@linux220 /etc/httpd/conf]# ls /var/www/html
index.html  packages
[root@linux220 /etc/httpd/conf]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [  OK  ]
[root@linux220 /etc/httpd/conf]# pgrep -lf httpd
5206 /usr/sbin/httpd
5208 /usr/sbin/httpd
5209 /usr/sbin/httpd
5210 /usr/sbin/httpd
5211 /usr/sbin/httpd
5212 /usr/sbin/httpd
5213 /usr/sbin/httpd
5214 /usr/sbin/httpd
5215 /usr/sbin/httpd
[root@linux220 /etc/httpd/conf]# firefox http://www.linux220.example.com &
[1] 5219
[root@linux220 /etc/httpd/conf]#
(Gecko:5219): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'

(Gecko:5219): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node

[root@linux220 /etc/httpd/conf]# cd /var/www/html
[root@linux220 /var/www/html]# ls
index.html  packages
[root@linux220 /var/www/html]# vi index.html
[root@linux220 /var/www/html]# cat index.html
<HTML>
<BODY>
<CENTER><H1>linux220</H1></CENTER>
</BODY>
</HTML>
[root@linux220 /var/www/html]# firefox http://www.linux220.example.com &
[2] 5302
[root@linux220 /var/www/html]#


Figure 1
Figure 2



[root@linux220 /var/www/html]# cd /var/named/chroot/var/named/
You have new mail in /var/spool/mail/root
[root@linux220 /var/named/chroot/var/named]# ls
data            example220.zone   localhost.zone   named.ca      named.ip6.local  named.zero
example220.rev  localdomain.zone  named.broadcast  named.ca.old  named.local      slaves
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        42                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220

;; (1) WEB Server
www                                                             IN      A               172.16.6.220

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# firefox server1 &
[1] 14015
[root@linux220 /var/named/chroot/var/named]#
(Gecko:14015): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'

(Gecko:14015): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node

[1]+  Done                    firefox server1
[root@linux220 /var/named/chroot/var/named]#


Figure 3



Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\soldeskN>cd
C:\Users\soldeskN

C:\Users\soldeskN>cd
C:\Users\soldeskN

C:\Users\soldeskN>cd /

C:\>nslookup www.daum.net
서버:    kns.kornet.net
Address:  168.126.63.1

권한 없는 응답:
이름:    www.g.daum.net
Addresses:  180.70.134.9
          180.70.134.19
Aliases:  www.daum.net


C:\>nslookup www.daum.net
서버:    kns.kornet.net
Address:  168.126.63.1

권한 없는 응답:
이름:    www.g.daum.net
Addresses:  114.108.157.116
          114.108.157.117
Aliases:  www.daum.net


C:\>nslookup www.daum.net
서버:    kns.kornet.net
Address:  168.126.63.1

권한 없는 응답:
이름:    www.g.daum.net
Addresses:  114.108.157.117
          114.108.157.116
Aliases:  www.daum.net


C:\>nslookup www.daum.net
서버:    kns.kornet.net
Address:  168.126.63.1

권한 없는 응답:
이름:    www.g.daum.net
Addresses:  180.70.134.9
          180.70.134.19
Aliases:  www.daum.net


C:\>



[root@linux220 /var/named/chroot/var/named]# ls
data            example220.zone   localhost.zone   named.ca      named.ip6.local  named.zero
example220.rev  localdomain.zone  named.broadcast  named.ca.old  named.local      slaves
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        42                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220

;; (1) WEB Server
;www                                                            IN      A               172.16.6.220
www                                                             IN      A               172.16.6.2
www                                                             IN      A               172.16.6.3
www                                                             IN      A               172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# nslookup www.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.3
Name:   www.linux220.example.com
Address: 172.16.6.4
Name:   www.linux220.example.com
Address: 172.16.6.2

[root@linux220 /var/named/chroot/var/named]# nslookup www
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.2
Name:   www.linux220.example.com
Address: 172.16.6.3
Name:   www.linux220.example.com
Address: 172.16.6.4

[root@linux220 /var/named/chroot/var/named]# nslookup www
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.4
Name:   www.linux220.example.com
Address: 172.16.6.2
Name:   www.linux220.example.com
Address: 172.16.6.3

[root@linux220 /var/named/chroot/var/named]# nslookup www
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.3
Name:   www.linux220.example.com
Address: 172.16.6.4
Name:   www.linux220.example.com
Address: 172.16.6.2

[root@linux220 /var/named/chroot/var/named]#




[root@linux220 /var/named/chroot/var/named]# cd
[root@linux220 ~]# hostname
linux220.example.com
[root@linux220 ~]# nslookup www.linux203.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Non-authoritative answer:
Name:   www.linux203.example.com
Address: 172.16.6.3
Name:   www.linux203.example.com
Address: 172.16.6.4
Name:   www.linux203.example.com
Address: 172.16.6.2

[root@linux220 ~]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
[root@linux220 ~]# cat /var/named/named.ca
.                                               86400   IN              NS              ns1.example.com.
ns1.example.com.                86400   IN              A               172.16.9.252
[root@linux220 ~]# cat /var/named/chroot/var/named/named.ca
.                                               86400   IN              NS              ns1.example.com.
ns1.example.com.                86400   IN              A               172.16.9.252
[root@linux220 ~]# nslookup www.linux203.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Non-authoritative answer:
Name:   www.linux203.example.com
Address: 172.16.6.100

[root@linux220 ~]#




[root@linux220 ~]# cd /etc/sysconfig/network-scripts/
[root@linux220 /etc/sysconfig/network-scripts]# ls
ifcfg-eth0   ifdown-eth    ifdown-post    ifdown-tunnel  ifup-ippp   ifup-plip    ifup-sit          net.hotplug
ifcfg-eth1   ifdown-ippp   ifdown-ppp     ifup           ifup-ipsec  ifup-plusb   ifup-sl           network-functions
ifcfg-lo     ifdown-ipsec  ifdown-routes  ifup-aliases   ifup-ipv6   ifup-post    ifup-tunnel       network-functions-ipv6
ifdown       ifdown-ipv6   ifdown-sit     ifup-bnep      ifup-ipx    ifup-ppp     ifup-wireless
ifdown-bnep  ifdown-isdn   ifdown-sl      ifup-eth       ifup-isdn   ifup-routes  init.ipv6-global
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.0.0
IPADDR=172.16.6.220
GATEWAY=172.16.0.1
TYPE=Ethernet
[root@linux220 /etc/sysconfig/network-scripts]# cat ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NETMASK=255.255.255.0
IPADDR=192.168.10.220
TYPE=Ethernet
[root@linux220 /etc/sysconfig/network-scripts]#




On DNS2: setup -> change the settings

[root@linux120 ~]# vi /etc/hosts
[root@linux120 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain   localhost       linux120
::1     localhost.localdomain   localhost6      localhost       linux120
172.16.6.120    linux120.example.com    linux120
#
# DNS Test
#
#202.179.177.22         dodogau.js.yun
[root@linux120 ~]# service network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down interface eth1:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:                                [  OK  ]
Bringing up interface eth1:                                [  OK  ]
[root@linux120 ~]# service sendmail restart
Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]
[root@linux120 ~]# hostname
linux120.example.com
[root@linux120 ~]# ifconfig | grep inet
          inet addr:172.16.6.120  Bcast:172.16.255.255  Mask:255.255.0.0
          inet6 addr: fec0:1234::20c:29ff:feb3:e873/64 Scope:Site
          inet6 addr: fe80::20c:29ff:feb3:e873/64 Scope:Link
          inet addr:192.168.10.120  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feb3:e87d/64 Scope:Link
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
[root@linux120 ~]#

Log out -> log in



Power on DNS1

[root@linux220 ~]# cat /etc/named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
//      allow-query-cache { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};
[root@linux220 ~]# vi /etc/named.rfc1912.zones
[root@linux220 ~]# cat /etc/named.rfc1912.zones
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "linux220.example.com" IN {        /* Forward Zone */
        type master;
        file "example220.zone";         /* Forward Zone File : /var/named/exampleXXX.zone */
                also-notify { 172.16.6.120; 172.16.6.220; };    /* new line */
};
zone "6.16.172.in-addr.arpa"  IN {      /* Reverse Zone */
         type master;
         file "example220.rev";         /* Reverse Zone File : /var/named/exampleXXX.rev */
                also-notify { 172.16.6.120; 127.16.6.220; };    /* new line */
};
[root@linux220 ~]# cd /var/named/chroot/var/named
[root@linux220 /var/named/chroot/var/named]# ls
data             localdomain.zone  named.ca         named.local
example220.rev   localhost.zone    named.ca.old     named.zero
example220.zone  named.broadcast   named.ip6.local  slaves
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        42                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
linux220.example.com.                   IN      NS              ns2.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220
ns2.linux220.example.com.               IN      A               172.16.6.120

;; (1) WEB Server
;www                                                            IN      A      172.16.6.220
www                                                             IN      A      172.16.6.2
www                                                             IN      A      172.16.6.3
www                                                             IN      A      172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A      172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A              172.16.6.220

;; (4) etc
cafe                                                    IN      A              172.16.6.220
server1                                                 IN      A              172.16.6.252
[root@linux220 /var/named/chroot/var/named]# vi example220.rev
[root@linux220 /var/named/chroot/var/named]# cat example220.rev
$TTL    4
@       IN      SOA     ns1.linux220.example.com. root.linux220.example.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
                IN              NS              ns1.linux220.example.con.
                IN              NS              ns2.linux220.example.con.
220     IN      PTR             ns1.linux220.example.com.
120     IN      PTR             ns2.linux220.example.com.
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# cd
[root@linux220 ~]# nslookup -q=NS linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

linux220.example.com    nameserver = ns1.linux220.example.com.
linux220.example.com    nameserver = ns2.linux220.example.com.

[root@linux220 ~]#



DNS2

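No files were created under slaves; on checking, it turned out the firewall settings were the cause.
Turned the firewall off and redid it, so the textbook content is used here instead.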

# vi /etc/named.rfc1912.zones
-----------------------------------------------------
..... (omitted) .....
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};
zone "linux2XX.example.com" IN {
        type slave;
        masters { 172.16.9.2XX; };
        file "slaves/example2XX.zone";
};
zone "9.16.172.in-addr.arpa" IN {
        type slave;
        masters { 172.16.9.2XX; };
        file "slaves/example2XX.rev";
};
-----------------------------------------------------
# service named restart
-> Apply the changes

③ Check the zone files
# cd /var/named/chroot/var/named/slaves
# ls -l
-----------------------------------------------------
-rw-r--r-- 1 named named 419 Aug  8 11:23 exampleXXX.rev
-rw-r--r-- 1 named named 567 Aug  8 11:23 exampleXXX.zone
-----------------------------------------------------
# cat exampleXXX.zone
# cat exampleXXX.rev



DNS1

[root@linux220 ~]# DNS
[root@linux220 /var/named/chroot/var/named]# ls
data             localdomain.zone  named.ca         named.local
example220.rev   localhost.zone    named.ca.old     named.zero
example220.zone  named.broadcast   named.ip6.local  slaves
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        44                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
linux220.example.com.                   IN      NS              ns2.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220
ns2.linux220.example.com.               IN      A               172.16.6.120

;; (1) WEB Server
;www                                                            IN      A      172.16.6.220
www                                                             IN      A      172.16.6.2
www                                                             IN      A      172.16.6.3
www                                                             IN      A      172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A      172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A              172.16.6.220

;; (4) etc
cafe                                                    IN      A              172.16.6.220
server1                                                 IN      A              172.16.6.252
test                                                    IN      A              172.16.6.220
[root@linux220 /var/named/chroot/var/named]# service name restart
name: unrecognized service
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# nslookup test.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   test.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]#


DNS2

[TERM1]
[root@linux120 ~]# DNS
[root@linux120 /var/named/chroot/var/named]# cd slaves/
[root@linux120 /var/named/chroot/var/named/slaves]# ls
example220.rev  example220.zone
[root@linux120 /var/named/chroot/var/named/slaves]# grep test example220.zone
[root@linux120 /var/named/chroot/var/named/slaves]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux120 /var/named/chroot/var/named/slaves]# grep test example220.zone
[root@linux120 /var/named/chroot/var/named/slaves]# wathch grep test example220.zone
bash: wathch: command not found
[root@linux120 /var/named/chroot/var/named/slaves]# watch grep test example220.zone
[root@linux120 /var/named/chroot/var/named/slaves]#

Every 2.0s: grep test example220.zone                                                                Tue May  3 20:23:09 2016

test                    A       172.16.6.220
test1                   A       172.16.6.220

[TERM2]
[root@linux120 /var/named/chroot/var/named/slaves]# tail -0f /var/log/messages
May  3 20:17:50 linux220 avahi-daemon[4549]: Invalid query packet.
May  3 20:19:59 linux220 avahi-daemon[4549]: Invalid legacy unicast query packet.
May  3 20:19:59 linux220 last message repeated 2 times
May  3 20:20:00 linux220 avahi-daemon[4549]: Received response from host 172.16.6.13 with invalid source port 65240 on interface 'eth0.0'
May  3 20:20:00 linux220 avahi-daemon[4549]: Received response from host 172.16.6.13 with invalid source port 65240 on interface 'eth0.0'
May  3 20:20:00 linux220 avahi-daemon[4549]: Invalid legacy unicast query packet.
May  3 20:20:01 linux220 last message repeated 2 times
May  3 20:20:01 linux220 avahi-daemon[4549]: Received response from host 172.16.6.13 with invalid source port 65240 on interface 'eth0.0'
May  3 20:20:04 linux220 last message repeated 7 times
May  3 20:20:48 linux220 named[6715]: client 172.16.6.220#26818: view localhost_resolver: received notify for zone '6.16.172.in-addr.arpa'
May  3 20:20:48 linux220 named[6715]: zone 6.16.172.in-addr.arpa/IN/localhost_resolver: notify from 172.16.6.220#26818: zone is up to date
May  3 20:20:48 linux220 named[6715]: client 172.16.6.220#1668: view localhost_resolver: received notify for zone 'linux220.example.com'
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: Transfer started.
May  3 20:20:48 linux220 named[6715]: transfer of 'linux220.example.com/IN' from 172.16.6.220#53: connected using 172.16.6.120#35010
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: transferred serial 45
May  3 20:20:48 linux220 named[6715]: transfer of 'linux220.example.com/IN' from 172.16.6.220#53: end of transfer
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: sending notifies (serial 45)
May  3 20:20:49 linux220 named[6715]: client 172.16.6.120#26570: view localhost_resolver: received notify for zone 'linux220.example.com'
May  3 20:20:49 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: refused notify from non-master: 172.16.6.120#26570
May  3 20:23:37 linux220 scim-bridge: An IOException at scim_bridge_messenger_receive_message (): Connection reset by peer
May  3 20:23:37 linux220 scim-bridge: Panel client has not yet been prepared
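
The named lines in the log above record three different outcomes of a NOTIFY: the slave's copy is already current, a transfer ran and delivered serial 45, or the NOTIFY came from an address that is not in the zone's masters list and was refused. The script below is an added example, not part of the original notes; it pulls those events out of syslog so refused NOTIFY sources stand out. The function names are made up for illustration and the sample lines are copied from the excerpt above.

```shell
#!/bin/sh
# Added example: summarise zone-transfer activity from named syslog lines.

# xfer_events: reads syslog lines on stdin and prints one event per line:
#   up-to-date     ZONE NOTIFY_SOURCE_IP
#   transferred    ZONE SERIAL
#   refused-notify ZONE SOURCE_IP
xfer_events() {
    awk '
        $5 !~ /^named\[/ { next }            # skip avahi-daemon, scim-bridge, ...
        $6 != "zone"     { next }            # only per-zone status messages
        {
            zone = $7
            sub(/\/.*/, "", zone)            # "name/IN/view:" -> "name"
            if ($0 ~ /: transferred serial [0-9]+$/) {
                print "transferred", zone, $NF
            } else if ($0 ~ /zone is up to date$/) {
                src = $10; sub(/#.*/, "", src)   # "ip#port:" -> "ip"
                print "up-to-date", zone, src
            } else if ($0 ~ /refused notify from non-master/) {
                src = $NF; sub(/#.*/, "", src)
                print "refused-notify", zone, src
            }
        }
    '
}

# refused_notify_sources: unique addresses whose NOTIFY was refused.
refused_notify_sources() {
    xfer_events | awk '$1 == "refused-notify" { print $3 }' | sort -u
}

# Sample input: lines copied from the /var/log/messages excerpt on this page.
sample_log() {
    cat <<'EOF'
May  3 20:17:50 linux220 avahi-daemon[4549]: Invalid query packet.
May  3 20:20:48 linux220 named[6715]: client 172.16.6.220#26818: view localhost_resolver: received notify for zone '6.16.172.in-addr.arpa'
May  3 20:20:48 linux220 named[6715]: zone 6.16.172.in-addr.arpa/IN/localhost_resolver: notify from 172.16.6.220#26818: zone is up to date
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: Transfer started.
May  3 20:20:48 linux220 named[6715]: transfer of 'linux220.example.com/IN' from 172.16.6.220#53: connected using 172.16.6.120#35010
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: transferred serial 45
May  3 20:20:48 linux220 named[6715]: transfer of 'linux220.example.com/IN' from 172.16.6.220#53: end of transfer
May  3 20:20:48 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: sending notifies (serial 45)
May  3 20:20:49 linux220 named[6715]: client 172.16.6.120#26570: view localhost_resolver: received notify for zone 'linux220.example.com'
May  3 20:20:49 linux220 named[6715]: zone linux220.example.com/IN/localhost_resolver: refused notify from non-master: 172.16.6.120#26570
EOF
}

sample_log | xfer_events
```

On a live system the same functions can be fed from the log file, for example `xfer_events < /var/log/messages`.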


DNS1

[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        45                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
linux220.example.com.                   IN      NS              ns2.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220
ns2.linux220.example.com.               IN      A               172.16.6.120

;; (1) WEB Server
;www                                                            IN      A               172.16.6.220
www                                                             IN      A               172.16.6.2
www                                                             IN      A               172.16.6.3
www                                                             IN      A               172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
test                                                    IN      A               172.16.6.220
test1                                                   IN      A               172.16.6.220
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# nslookup test1
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   test1.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]#



[EX7] rndc lab

DNS1

[root@linux220 ~]# rndc-confgen
# Start of rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "EvYDz7ZQOINNWNzhxIFeQA==";
};

options {
        default-key "rndckey";
        default-server 127.0.0.1;
        default-port 953;
};
# End of rndc.conf

# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndckey" {
#       algorithm hmac-md5;
#       secret "EvYDz7ZQOINNWNzhxIFeQA==";
# };
#
# controls {
#       inet 127.0.0.1 port 953
#               allow { 127.0.0.1; } keys { "rndckey"; };
# };
# End of named.conf
[root@linux220 ~]#



[root@linux220 ~]# vi /var/named/chroot/etc/rndc.conf
[root@linux220 ~]# cat /var/named/chroot/etc/rndc.conf
key "rndckey" {
        algorithm hmac-md5;
        secret "EvYDz7ZQOINNWNzhxIFeQA==";
};

options {
        default-key "rndckey";
        default-server 127.0.0.1;
        default-port 953;
};
[root@linux220 ~]# ln -s /var/named/chroot/etc/rndc.conf /etc/rndc.conf
[root@linux220 ~]# chown root:named /var/named/chroot/etc/rndc.conf
[root@linux220 ~]# vi /var/named/chroot/etc/named.caching-nameserver.conf
[root@linux220 ~]# cat /var/named/chroot/etc/named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
//      allow-query-cache { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

key "rndckey" {
        algorithm hmac-md5;
        secret "EvYDz7ZQOINNWNzhxIFeQA==";
};

controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndckey"; };
};
[root@linux220 ~]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 ~]# rndc
Usage: rndc [-c config] [-s server] [-p port]
        [-k key-file ] [-y key] [-V] command

command is one of the following:

  reload        Reload configuration file and zones.
  reload zone [class [view]]
                Reload a single zone.
  refresh zone [class [view]]
                Schedule immediate maintenance for a zone.
  retransfer zone [class [view]]
                Retransfer a single zone without checking serial number.
  freeze zone [class [view]]
                Suspend updates to a dynamic zone.
  thaw zone [class [view]]
                Enable updates to a frozen dynamic zone and reload it.
  reconfig      Reload configuration file and new zones only.
  stats         Write server statistics to the statistics file.
  querylog      Toggle query logging.
  dumpdb [-all|-cache|-zones] [view ...]
                Dump cache(s) to the dump file (named_dump.db).
  stop          Save pending updates to master files and stop the server.
  stop -p       Save pending updates to master files and stop the server
                reporting process id.
  halt          Stop the server without saving pending updates.
  halt -p       Stop the server without saving pending updates reporting
                process id.
  trace         Increment debugging level by one.
  trace level   Change the debugging level.
  notrace       Set debugging level to 0.
  flush         Flushes all of the server's caches.
  flush [view]  Flushes the server's cache for a view.
  flushname name [view]
                Flush the given name from the server's cache(s)
  status        Display status of the server.
  recursing     Dump the queries that are currently recursing (named.recursing)
  *restart      Restart the server.

* == not yet implemented
Version: 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.8
[root@linux220 ~]# rndc status
number of zones: 8
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
[root@linux220 ~]# rndc stats
[root@linux220 ~]# DNS
[root@linux220 /var/named/chroot/var/named]# cd data
[root@linux220 /var/named/chroot/var/named/data]# ls
named_mem_stats.txt  named.run  named_stats.txt
[root@linux220 /var/named/chroot/var/named/data]# cat named_stats.txt
+++ Statistics Dump +++ (1462275356)
success 0
referral 0
nxrrset 0
nxdomain 0
recursion 0
failure 0
--- Statistics Dump --- (1462275356)
[root@linux220 /var/named/chroot/var/named/data]# rndc reload
server reload successful
[root@linux220 /var/named/chroot/var/named/data]# cd ..
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        45                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
linux220.example.com.                   IN      NS              ns2.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220
ns2.linux220.example.com.               IN      A               172.16.6.120

;; (1) WEB Server
;www                                                            IN      A               172.16.6.220
www                                                             IN      A               172.16.6.2
www                                                             IN      A               172.16.6.3
www                                                             IN      A               172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
test                                                    IN      A               172.16.6.220
test1                                                   IN      A               172.16.6.220
test2                                                   IN      A               172.16.6.220
[root@linux220 /var/named/chroot/var/named]# rndc reload
server reload successful
[root@linux220 /var/named/chroot/var/named]# nslookup test2
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   test2.linux220.example.com
Address: 172.16.6.220

[root@linux220 /var/named/chroot/var/named]#
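
In the listing above test2 is added while the SOA serial stays at 45. A slave transfers a zone only when the master's serial is higher than that of its own copy, so an edit like this resolves on the master but does not reach the slave. The check below is an added example, not part of the original notes; it compares the previous and the edited zone file before a reload, and its function names and sample zone (abridged from example220.zone) are constructed for illustration.

```shell
#!/bin/sh
# Added example: refuse to reload a zone whose records changed while the
# SOA serial stayed the same.

# soa_serial FILE: print the SOA serial of a BIND master file.
# Copes with the multi-line "( serial ; comment" layout used on this page.
soa_serial() {
    awk '
        { sub(/;.*/, "") }                      # strip comments first
        !seen {                                 # look for the SOA record
            if (!match(toupper($0), /(^|[ \t])SOA[ \t]/)) next
            seen = 1
            $0 = substr($0, RSTART + RLENGTH)   # keep only the SOA rdata
        }
        {
            gsub(/[()]/, " ")                   # parentheses only group lines
            for (i = 1; i <= NF; i++)           # rdata: mname rname serial ...
                if (++field == 3) { print $i; found = 1; exit }
        }
        END { exit !found }                     # non-zero if no serial found
    ' "$1"
}

# check_serial_bump OLD NEW
#   0 = safe to reload (files identical, or serial increased)
#   1 = content changed but serial did not increase
#   2 = a serial could not be read
check_serial_bump() {
    old_file=$1
    new_file=$2
    cmp -s "$old_file" "$new_file" && return 0
    old=$(soa_serial "$old_file") || return 2
    new=$(soa_serial "$new_file") || return 2
    case "$old$new" in *[!0-9]*) return 2 ;; esac
    # Plain integer comparison; serial wrap-around (RFC 1982) is not handled.
    [ "$new" -gt "$old" ] && return 0
    echo "serial not increased: $old -> $new ($new_file)" >&2
    return 1
}

# make_zone SERIAL [EXTRA_RECORD]: constructed sample zone, abridged from the
# example220.zone listings on this page.
make_zone() {
    cat <<EOF
\$TTL    4
@       IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                        $1      ; serial (d. adams)
                        3H      ; refresh
                        15M     ; retry
                        1W      ; expiry
                        1D )    ; minimum
linux220.example.com.   IN      NS      ns1.linux220.example.com.
test1                   IN      A       172.16.6.220
$2
EOF
}

demo() {
    tmp=$(mktemp -d) || return 2
    make_zone 45 > "$tmp/old.zone"
    make_zone 45 "test2  IN  A  172.16.6.220" > "$tmp/same_serial.zone"
    make_zone 46 "test2  IN  A  172.16.6.220" > "$tmp/bumped.zone"
    for f in same_serial bumped; do
        if check_serial_bump "$tmp/old.zone" "$tmp/$f.zone"; then
            echo "$f: ok to reload"
        else
            echo "$f: do not reload"
        fi
    done
    rm -rf "$tmp"
}

demo
```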



Apache Web Server

DNS1 -> DNS
DNS2 -> WEB

DNS

[root@linux220 ~]# vi /etc/resolv.conf
[root@linux220 ~]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
nameserver 168.126.63.1
[root@linux220 ~]# vi /etc/named.rfc1912.zones
[root@linux220 ~]# cat /etc/named.rfc1912.zones | tail
zone "linux220.example.com" IN {
        type master;
        file "example220.zone";
};

zone "6.16.172.in-addr.arpa"  IN {
         type master;
         file "example220.rev";
};

[root@linux220 ~]# DNS
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        45                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220

;; (1) WEB Server
;www                                                            IN      A               172.16.6.220
www                                                             IN      A               172.16.6.2
www                                                             IN      A               172.16.6.3
www                                                             IN      A               172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
test                                                    IN      A               172.16.6.220
test1                                                   IN      A               172.16.6.220
test2                                                   IN      A               172.16.6.220
[root@linux220 /var/named/chroot/var/named]# vi example220.rev
[root@linux220 /var/named/chroot/var/named]# cat example220.rev
$TTL    4
@       IN      SOA     ns1.linux220.example.com. root.linux220.example.com.  (
                                      1997022702 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
                IN              NS              ns1.linux220.example.com.
220     IN      PTR             ns1.linux220.example.com.
[root@linux220 /var/named/chroot/var/named]# vi example220.zone
[root@linux220 /var/named/chroot/var/named]# cat example220.zone
$TTL    4
@               IN SOA  ns1.linux220.example.com. root.linux220.example.com. (
                                        45                      ; serial (d. adams)
                                        3H                      ; refresh
                                        15M                     ; retry
                                        1W                      ; expiry
                                        1D )            ; minimum
linux220.example.com.                   IN      NS              ns1.linux220.example.com.
ns1.linux220.example.com.               IN      A               172.16.6.220

;; (1) WEB Server
www                                                             IN      A               172.16.6.120
;www                                                            IN      A               172.16.6.2
;www                                                            IN      A               172.16.6.3
;www                                                            IN      A               172.16.6.4

;; (2) FTP Server
ftp                                                             IN      A               172.16.6.220

;; (3) MAIL Server
linux220.example.com.                   IN      MX 10   mail.linux220.example.com.
mail                                                    IN      A               172.16.6.220

;; (4) etc
cafe                                                    IN      A               172.16.6.220
server1                                                 IN      A               172.16.6.252
test                                                    IN      A               172.16.6.220
test1                                                   IN      A               172.16.6.220
test2                                                   IN      A               172.16.6.220
[root@linux220 /var/named/chroot/var/named]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@linux220 /var/named/chroot/var/named]# nslookup www.linux220.example.com
Server:         172.16.6.220
Address:        172.16.6.220#53

Name:   www.linux220.example.com
Address: 172.16.6.120

[root@linux220 /var/named/chroot/var/named]#



WEB

[root@linux120 ~]# vi /etc/resolv.conf
[root@linux120 ~]# cat /etc/resolv.conf
search linux220.example.com
nameserver 172.16.6.220
nameserver 168.126.63.1
[root@linux120 ~]# chkconfig named off
[root@linux120 ~]# service named stop
Stopping named: .                                          [  OK  ]
[root@linux120 ~]# rpm -qa | grep httpd
httpd-manual-2.2.3-91.el5.centos
system-config-httpd-1.3.3.3-1.el5
httpd-2.2.3-91.el5.centos
[root@linux120 ~]# rpm -ql httpd
/var/www/icons/hand.right.png
/var/www/icons/hand.up.gif
/var/www/icons/hand.up.png
/var/www/icons/icon.sheet.gif
/var/www/icons/icon.sheet.png
/var/www/icons/image1.gif
/var/www/icons/image1.png
/var/www/icons/image2.gif
/var/www/icons/image2.png
/var/www/icons/image3.gif
/var/www/icons/image3.png
/var/www/icons/index.gif
/var/www/icons/index.png
/var/www/icons/layout.gif
/var/www/icons/layout.png
/var/www/icons/left.gif
/var/www/icons/left.png
/var/www/icons/link.gif
/var/www/icons/link.png
/var/www/icons/movie.gif
/var/www/icons/movie.png
/var/www/icons/p.gif
/var/www/icons/p.png
/var/www/icons/patch.gif
/var/www/icons/patch.png
/var/www/icons/pdf.gif
/var/www/icons/pdf.png
/var/www/icons/pie0.gif
/var/www/icons/pie0.png
/var/www/icons/pie1.gif
/var/www/icons/pie1.png
/var/www/icons/pie2.gif
/var/www/icons/pie2.png
/var/www/icons/pie3.gif
/var/www/icons/pie3.png
/var/www/icons/pie4.gif
/var/www/icons/pie4.png
/var/www/icons/pie5.gif
/var/www/icons/pie5.png
/var/www/icons/pie6.gif
/var/www/icons/pie6.png
/var/www/icons/pie7.gif
/var/www/icons/pie7.png
/var/www/icons/pie8.gif
/var/www/icons/pie8.png
/var/www/icons/portal.gif
/var/www/icons/portal.png
/var/www/icons/ps.gif
/var/www/icons/ps.png
/var/www/icons/quill.gif
/var/www/icons/quill.png
/var/www/icons/right.gif
/var/www/icons/right.png
/var/www/icons/screw1.gif
/var/www/icons/screw1.png
/var/www/icons/screw2.gif
/var/www/icons/screw2.png
/var/www/icons/script.gif
/var/www/icons/script.png
/var/www/icons/small
/var/www/icons/small/README.txt
/var/www/icons/small/back.gif
/var/www/icons/small/back.png
/var/www/icons/small/binary.gif
/var/www/icons/small/binary.png
/var/www/icons/small/binhex.gif
/var/www/icons/small/binhex.png
/var/www/icons/small/blank.gif
/var/www/icons/small/blank.png
/var/www/icons/small/broken.gif
/var/www/icons/small/broken.png
/var/www/icons/small/burst.gif
/var/www/icons/small/burst.png
/var/www/icons/small/comp1.gif
/var/www/icons/small/comp1.png
/var/www/icons/small/comp2.gif
/var/www/icons/small/comp2.png
/var/www/icons/small/compressed.gif
/var/www/icons/small/compressed.png
/var/www/icons/small/continued.gif
/var/www/icons/small/continued.png
/var/www/icons/small/dir.gif
/var/www/icons/small/dir.png
/var/www/icons/small/dir2.gif
/var/www/icons/small/dir2.png
/var/www/icons/small/doc.gif
/var/www/icons/small/doc.png
/var/www/icons/small/forward.gif
/var/www/icons/small/forward.png
/var/www/icons/small/generic.gif
/var/www/icons/small/generic.png
/var/www/icons/small/generic2.gif
/var/www/icons/small/generic2.png
/var/www/icons/small/generic3.gif
/var/www/icons/small/generic3.png
/var/www/icons/small/image.gif
/var/www/icons/small/image.png
/var/www/icons/small/image2.gif
/var/www/icons/small/image2.png
/var/www/icons/small/index.gif
/var/www/icons/small/index.png
/var/www/icons/small/key.gif
/var/www/icons/small/key.png
/var/www/icons/small/movie.gif
/var/www/icons/small/movie.png
/var/www/icons/small/patch.gif
/var/www/icons/small/patch.png
/var/www/icons/small/ps.gif
/var/www/icons/small/ps.png
/var/www/icons/small/rainbow.gif
/var/www/icons/small/rainbow.png
/var/www/icons/small/sound.gif
/var/www/icons/small/sound.png
/var/www/icons/small/sound2.gif
/var/www/icons/small/sound2.png
/var/www/icons/small/tar.gif
/var/www/icons/small/tar.png
/var/www/icons/small/text.gif
/var/www/icons/small/text.png
/var/www/icons/small/transfer.gif
/var/www/icons/small/transfer.png
/var/www/icons/small/unknown.gif
/var/www/icons/small/unknown.png
/var/www/icons/small/uu.gif
/var/www/icons/small/uu.png
/var/www/icons/sound1.gif
/var/www/icons/sound1.png
/var/www/icons/sound2.gif
/var/www/icons/sound2.png
/var/www/icons/sphere1.gif
/var/www/icons/sphere1.png
/var/www/icons/sphere2.gif
/var/www/icons/sphere2.png
/var/www/icons/tar.gif
/var/www/icons/tar.png
/var/www/icons/tex.gif
/var/www/icons/tex.png
/var/www/icons/text.gif
/var/www/icons/text.png
/var/www/icons/transfer.gif
/var/www/icons/transfer.png
/var/www/icons/unknown.gif
/var/www/icons/unknown.png
/var/www/icons/up.gif
/var/www/icons/up.png
/var/www/icons/uu.gif
/var/www/icons/uu.png
/var/www/icons/uuencoded.gif
/var/www/icons/uuencoded.png
/var/www/icons/world1.gif
/var/www/icons/world1.png
/var/www/icons/world2.gif
/var/www/icons/world2.png
[root@linux120 ~]# httpd -v
Server version: Apache/2.2.3
Server built:   Sep 16 2014 11:29:05
[root@linux120 ~]# grep http /etc/services | more
#       http://www.iana.org/assignments/port-numbers
http            80/tcp          www www-http    # WorldWideWeb HTTP
http            80/udp          www www-http    # HyperText Transfer Protocol
https           443/tcp                         # MCom
https           443/udp                         # MCom
gss-http        488/tcp
gss-http        488/udp
http-alt        8008/tcp
http-alt        8008/udp
http-mgmt       280/tcp                         # http-mgmt
http-mgmt       280/udp                         # http-mgmt
http-rpc-epmap  593/tcp                         # HTTP RPC Ep Map
http-rpc-epmap  593/udp                         # HTTP RPC Ep Map
multiling-http  777/tcp                         # Multiling HTTP
multiling-http  777/udp                         # Multiling HTTP
llsurfup-http   1183/tcp                        # LL Surfup HTTP
llsurfup-http   1183/udp                        # LL Surfup HTTP
llsurfup-https  1184/tcp                        # LL Surfup HTTPS
llsurfup-https  1184/udp                        # LL Surfup HTTPS
event-port      2069/tcp                        # HTTP Event Port
event-port      2069/udp                        # HTTP Event Port
cpq-wbem        2301/tcp                        # Compaq HTTP
cpq-wbem        2301/udp                        # Compaq HTTP
compaq-https    2381/tcp                        # Compaq HTTPS
compaq-https    2381/udp                        # Compaq HTTPS
md-cg-http      2688/tcp                        # md-cf-http
md-cg-http      2688/udp                        # md-cf-http
webemshttp      2851/tcp                        # webemshttp
webemshttp      2851/udp                        # webemshttp
cardbox-http    3106/tcp                        # Cardbox HTTP
cardbox-http    3106/udp                        # Cardbox HTTP
dwnmshttp       3227/tcp                        # DiamondWave NMS Server
dwnmshttp       3227/udp                        # DiamondWave NMS Server
sunlps-http     3816/tcp                        # Sun Local Patch Server
sunlps-http     3816/udp                        # Sun Local Patch Server
wap-push-http   4035/tcp                        # WAP Push OTA-HTTP port
wap-push-http   4035/udp                        # WAP Push OTA-HTTP port
wap-push-https  4036/tcp                        # WAP Push OTA-HTTP secure
wap-push-https  4036/udp                        # WAP Push OTA-HTTP secure
appserv-http    4848/tcp                        # App Server - Admin HTTP
[root@linux120 ~]# cd /etc/httpd/conf
[root@linux120 /etc/httpd/conf]# ls
httpd.conf  magic
[root@linux120 /etc/httpd/conf]# cd /var/www/html/
[root@linux120 /var/www/html]# ls
index.html  packages
[root@linux120 /var/www/html]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [  OK  ]
[root@linux120 /var/www/html]#


[root@linux120 /var/www/html]# firefox http://www.linux220.example.com &
[1] 7223
[root@linux120 /var/www/html]#
(Gecko:7223): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'

(Gecko:7223): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node

(Gecko:7223): GLib-GObject-WARNING **: IA__g_object_notify: object class `MozContainer' has no property named `window'

[1]+  Done                    firefox http://www.linux220.example.com
[root@linux120 /var/www/html]# pic 04
[root@linux120 /var/www/html]# yum list | grep lynx
lynx.i386                                2.8.5-28.1.el5_2.1            base    
[root@linux120 /var/www/html]# yum -y install lynx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.daumkakao.com
 * extras: ftp.daumkakao.com
 * updates: ftp.daumkakao.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package lynx.i386 0:2.8.5-28.1.el5_2.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================
 Package                   Arch                      Version                                 Repository                 Size
=============================================================================================================================
Installing:
 lynx                      i386                      2.8.5-28.1.el5_2.1                      base                      1.7 M

Transaction Summary
=============================================================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 1.7 M
Downloading Packages:
http://ftp.daumkakao.com/centos/5.11/os/i386/CentOS/lynx-2.8.5-28.1.el5_2.1.i386.rpm: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
lynx-2.8.5-28.1.el5_2.1.i386.rpm                                                                      | 1.7 MB     00:21    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : lynx                                                                                                  1/1

Installed:
  lynx.i386 0:2.8.5-28.1.el5_2.1                                                                                            

Complete!
[root@linux120 /var/www/html]#


[root@linux120 /var/www/html]# lynx http://www.linux220.example.com/
Figure 5
[root@linux120 /var/www/html]# lynx -head http://www.linux220.example.com
Figure 6
[root@linux120 /var/www/html]# telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
GET
<HTML>
<BODY>
<CENTER><H1>linux220</H1></CENTER>
</BODY>
</HTML>
Connection closed by foreign host.
[root@linux120 /var/www/html]# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name  
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN      4309/./hpiod       
tcp        0      0 0.0.0.0:836                 0.0.0.0:*                   LISTEN      4046/rpc.statd     
tcp        0      0 0.0.0.0:873                 0.0.0.0:*                   LISTEN      4352/xinetd        
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      4001/portmap       
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      4330/sshd          
tcp        0      0 0.0.0.0:23                  0.0.0.0:*                   LISTEN      4352/xinetd        
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      4339/cupsd         
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      5460/sendmail      
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN      4314/python        
tcp        0      0 :::80                       :::*                        LISTEN      7198/httpd         
tcp        0      0 :::22                       :::*                        LISTEN      4330/sshd          
tcp        0      0 :::443                      :::*                        LISTEN      7198/httpd         
tcp        0      0 ::ffff:127.0.0.1:80         ::ffff:127.0.0.1:45860      TIME_WAIT   -                  
[root@linux120 /var/www/html]# all numeric tcp udp program
[root@linux120 /var/www/html]# -a  -n      -t  -u  -p
[root@linux120 /var/www/html]#
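
The `netstat -antp` output above mixes loopback-only listeners (cupsd, sendmail) with listeners bound to every interface (telnet on 23, rsync on 873, httpd on 80/443). The following added example, which is not part of the original notes, filters that output down to the listeners reachable from other hosts; the function names `sample_netstat` and `exposed_listeners` are assumptions for illustration, and the sample input is copied from the session above.

```shell
#!/bin/sh
# Added example (not from the original notes): list TCP listeners in
# `netstat -antp` output that are bound to all interfaces, not loopback.

# Sample input copied from the netstat lines of the session above.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address    Foreign Address    State    PID/Program name
tcp   0   0 127.0.0.1:2208        0.0.0.0:*               LISTEN      4309/./hpiod
tcp   0   0 0.0.0.0:836           0.0.0.0:*               LISTEN      4046/rpc.statd
tcp   0   0 0.0.0.0:873           0.0.0.0:*               LISTEN      4352/xinetd
tcp   0   0 0.0.0.0:111           0.0.0.0:*               LISTEN      4001/portmap
tcp   0   0 0.0.0.0:22            0.0.0.0:*               LISTEN      4330/sshd
tcp   0   0 0.0.0.0:23            0.0.0.0:*               LISTEN      4352/xinetd
tcp   0   0 127.0.0.1:631         0.0.0.0:*               LISTEN      4339/cupsd
tcp   0   0 127.0.0.1:25          0.0.0.0:*               LISTEN      5460/sendmail
tcp   0   0 127.0.0.1:2207        0.0.0.0:*               LISTEN      4314/python
tcp   0   0 :::80                 :::*                    LISTEN      7198/httpd
tcp   0   0 :::22                 :::*                    LISTEN      4330/sshd
tcp   0   0 :::443                :::*                    LISTEN      7198/httpd
tcp   0   0 ::ffff:127.0.0.1:80   ::ffff:127.0.0.1:45860  TIME_WAIT   -
EOF
}

# exposed_listeners: read `netstat -antp` text on stdin and print
# "port bind-address program" for every LISTEN socket that is not bound
# to a loopback address, sorted by port number.
exposed_listeners() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        addr = $4
        n = split(addr, parts, ":")          # port is the last ":" field
        port = parts[n]
        host = substr(addr, 1, length(addr) - length(port) - 1)
        # Skip IPv4, IPv6 and IPv4-mapped loopback binds.
        if (host ~ /^127\./ || host == "::1" || host ~ /^::ffff:127\./) next
        prog = $7
        sub(/^[0-9]+\//, "", prog)           # drop the "PID/" prefix
        print port, host, prog
    }' | LC_ALL=C sort -n
}

sample_netstat | exposed_listeners
```

On a live host, pipe the real command into the function instead: `netstat -antp | exposed_listeners`.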


[root@linux120 /var/www/html]# yum -y install nmap
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.daumkakao.com
 * extras: ftp.daumkakao.com
 * updates: ftp.daumkakao.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package nmap.i386 2:4.11-2 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================
 Package                     Arch                        Version                           Repository                   Size
=============================================================================================================================
Installing:
 nmap                        i386                        2:4.11-2                          base                        660 k

Transaction Summary
=============================================================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 660 k
Downloading Packages:
http://ftp.daumkakao.com/centos/5.11/os/i386/CentOS/nmap-4.11-2.i386.rpm: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
nmap-4.11-2.i386.rpm                                                                                  | 660 kB     00:05    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : nmap                                                                                                  1/1

Installed:
  nmap.i386 2:4.11-2                                                                                                        

Complete!
[root@linux120 /var/www/html]#








Posted by 22Hz