sleed

How to run a DNS SERVER ON A DYNAMIC IP!


Tested on Debian / Ubuntu (Wheezy / 14)

First, read a little about BIND: BIND - Wikipedia, the free encyclopedia (bind server)

DNS server: Domain Name System - Wikipedia

// YOU MUST HAVE PORT 53 FORWARDED ON THE ROUTER IF YOU ARE ON WIFI!

// IF THERE IS ANY PROBLEM, SEND ME A P.M. AND I WILL TRY TO HELP.

//Tutorial Made by sleed [Romanian Security Team]

1) Do a full update:

apt-get update && apt-get upgrade

2) Install the BIND server:

apt-get install bind9 bind9-doc

Create the directories: binddir="/var/cache/bind"

etcdir="/etc/bind"

3) Edit named.conf.local like this:


//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
include "/etc/bind/ddns.key"; // or the nektsistem.sytes.net key file (see below)

zone "nektsistem.sytes.net" {
type master;
notify no;
file "/etc/bind/zones/nektsistem.sytes.net";
allow-update { key DDNS_UPDATE; };
};

zone "1.168.192.in-addr.arpa" {
type master;
notify no;
file "/etc/bind/zones/1.168.192.in-addr.arpa";
allow-update { key DDNS_UPDATE; };
};

Then create a key file:

ddns-confgen -r /dev/urandom -q -a hmac-md5 -k nektsistem.sytes.net -s nektsistem.sytes.net. | tee -a /etc/bind/nektsistem.sytes.net.keys > /etc/bind/key.nektsistem.sytes.net

chown root:bind /etc/bind/nektsistem.sytes.net.keys -> to give permissions only to root and the bind group

Above, where you see the ddns key in the include line, put "/etc/bind/nektsistem.sytes.net.keys";

In /etc/bind/zones we need the file nektsistem.sytes.net!

I have it configured like this:

$TTL 86400

@ IN SOA ns1.nektsistem.sytes.net. admin.nektsistem.sytes.net. (
2008030501 ; serial number YYYYMMDDNN
10800 ; Refresh
3600 ; Retry
604800 ; Expire
38400 ; Min TTL
)

@ IN NS ns1.nektsistem.sytes.net.
@ IN MX 10 mail.nektsistem.sytes.net. ; [not applicable, since RDS has not unblocked port 25 for me] [Thanks, RDS]

ns1 IN A 192.168.0.53
mail IN A 192.168.0.100

To send an update, do the following:

cat <<EOF | nsupdate -k /etc/bind/key.nektsistem.sytes.net
server nektsistem.sytes.net
zone nektsistem.sytes.net.
update delete nektsistem.sytes.net.
update add nektsistem.sytes.net. 60 A 192.168.0.1
update add nektsistem.sytes.net. 60 TXT "Updated on $(date)"
send
EOF

Now edit the DHCPD configuration in /etc/dhcpd/dhcpd.conf

authoritative;
option domain-name "nektsistem.sytes.net";
option domain-name-servers ns1.nektsistem.sytes.net;

ddns-updates on;
ddns-update-style interim;
ignore client-updates;
update-static-leases on;

default-lease-time 700;
max-lease-time 700;
log-facility local7;


include "/etc/dhcp/ddns.key";

zone nektsistem.sytes.net. {
primary 127.0.0.1;
key DDNS_UPDATE;
}

zone 0.168.192.in-addr.arpa. {
primary 127.0.0.1;
key DDNS_UPDATE;
}


subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.100;
option routers 192.168.0.1;
}

RESTART THE BIND9 SERVER:

service bind9 restart

or

/etc/init.d/bind9 restart

// This tutorial was made with the help of NO-IP. Create an account there, then go to host & redirect: http://www.noip.com/members/dns/

add a host (I chose nektsistem). Then make sure you have the No-IP client installed on the server / workstation!


cd /usr/local/src
wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz
tar xzf noip-duc-linux.tar.gz
cd no-ip-2.1.9-1
make
make install

And to run the updates:

Here is a config:

#######################################################
#! /bin/sh
case "$1" in
start)
echo "Serviciu NOIP2-PORNIT."
/usr/local/bin/noip2
;;
stop)
echo -n "Serviciu NOIP2-Oprit."
killall -q -TERM /usr/local/bin/noip2
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
#######################################################

So that the daily updates can run :)

That's about it. I made this one from scratch and took some trouble to be more Catholic than the Pope! [ sleed from RST ]

If you copy this tutorial, don't forget to include the link.

And now let's test!

host nektsistem.sytes.net
nektsistem.sytes.net has address 188.26.170.208

 dig nektsistem.sytes.net

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> nektsistem.sytes.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63698
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; QUESTION SECTION:
;nektsistem.sytes.net. IN A

;; ANSWER SECTION:
nektsistem.sytes.net. 41 IN A 188.26.170.208

;; AUTHORITY SECTION:
sytes.net. 10149 IN NS nf3.no-ip.com.
sytes.net. 10149 IN NS nf2.no-ip.com.
sytes.net. 10149 IN NS nf1.no-ip.com.
sytes.net. 10149 IN NS nf4.no-ip.com.

;; ADDITIONAL SECTION:
nf1.no-ip.com. 33761 IN A 50.31.129.129
nf1.no-ip.com. 10271 IN AAAA 2001:1838:f002::129
nf2.no-ip.com. 24260 IN A 69.72.255.8
nf3.no-ip.com. 33761 IN A 69.65.40.108
nf4.no-ip.com. 873 IN A 69.65.5.122

;; Query time: 4 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:32:29 2014
;; MSG SIZE rcvd: 227

dig +qr nektsistem.sytes.net -x 127.0.0.1 nektsistem.sytes.net ns +noqr

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> +qr nektsistem.sytes.net -x 127.0.0.1 nektsistem.sytes.net ns +noqr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41956
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; QUESTION SECTION:
;nektsistem.sytes.net. IN A

;; ANSWER SECTION:
nektsistem.sytes.net. 60 IN A 188.26.170.208

;; AUTHORITY SECTION:
sytes.net. 10091 IN NS nf4.no-ip.com.
sytes.net. 10091 IN NS nf1.no-ip.com.
sytes.net. 10091 IN NS nf3.no-ip.com.
sytes.net. 10091 IN NS nf2.no-ip.com.

;; ADDITIONAL SECTION:
nf1.no-ip.com. 33703 IN A 50.31.129.129
nf1.no-ip.com. 10213 IN AAAA 2001:1838:f002::129
nf2.no-ip.com. 24202 IN A 69.72.255.8
nf3.no-ip.com. 33703 IN A 69.65.40.108
nf4.no-ip.com. 815 IN A 69.65.5.122

;; Query time: 41 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 227

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41425
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR

;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 3600 IN PTR localhost.

;; AUTHORITY SECTION:
0.0.127.in-addr.arpa. 3600 IN NS localhost.

;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 106

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;nektsistem.sytes.net. IN NS

;; AUTHORITY SECTION:
sytes.net. 60 IN SOA nf1.no-ip.com. hostmaster.no-ip.com. 2046448184 600 300 604800 600

;; Query time: 66 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 98

// Edit -> I will come back with the slave setup, part II + hardening, when I have time!
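
Added example, not part of the original post: a small Python cross-check of the TSIG key file, named.conf.local and dhcpd.conf, run on constructed inputs that mirror the key and zone names used above. The key-file contents, the placeholder secret, the helper names (zone_keys, audit) and the choice to flag hmac-md5 are assumptions of this example.

```python
import re

# Constructed inputs mirroring the key and zone names used in the post.
KEY_FILE = '''
key "nektsistem.sytes.net" {
    algorithm hmac-md5;
    secret "PLACEHOLDER-NOT-A-REAL-SECRET";
};
'''
NAMED_LOCAL = '''
zone "nektsistem.sytes.net" {
    type master;
    allow-update { key DDNS_UPDATE; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    allow-update { key DDNS_UPDATE; };
};
'''
DHCPD = '''
zone nektsistem.sytes.net. { primary 127.0.0.1; key DDNS_UPDATE; }
zone 0.168.192.in-addr.arpa. { primary 127.0.0.1; key DDNS_UPDATE; }
'''

KEYDEF = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;')
KEYREF = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*;')
ZONE = re.compile(r'\bzone\s+"?([^\s"{]+?)\.?"?\s*\{')
WEAK_ALGS = {"hmac-md5"}  # assumption: this example's policy flags MD5-based TSIG

def zone_keys(text):
    """Map each zone (trailing dot stripped) to the key names its block references."""
    starts = list(ZONE.finditer(text))
    ends = [m.start() for m in starts[1:]] + [len(text)]
    return {m.group(1).lower(): set(KEYREF.findall(text[m.end():e]))
            for m, e in zip(starts, ends)}

def audit(key_text, named_text, dhcpd_text):
    """Return findings for weak keys, undefined key names and unserved zones."""
    keys = {name: alg.lower() for name, alg in KEYDEF.findall(key_text)}
    out = [f"weak TSIG algorithm {a} on key {n}"
           for n, a in sorted(keys.items()) if a in WEAK_ALGS]
    bind, dhcp = zone_keys(named_text), zone_keys(dhcpd_text)
    for src, zones in (("named.conf.local", bind), ("dhcpd.conf", dhcp)):
        for zone in sorted(zones):
            out += [f"{src}: zone {zone} references undefined key {k}"
                    for k in sorted(zones[zone] - set(keys))]
    out += [f"dhcpd.conf updates {z}, which BIND does not serve"
            for z in sorted(set(dhcp) - set(bind))]
    return out

if __name__ == "__main__":
    print("\n".join(audit(KEY_FILE, NAMED_LOCAL, DHCPD)))
```

On the sample it reports that allow-update names DDNS_UPDATE while the generated key is called nektsistem.sytes.net, and that dhcpd.conf targets 0.168.192.in-addr.arpa while BIND serves 1.168.192.in-addr.arpa. named-checkconf validates BIND's side only; this check also reads dhcpd.conf, which named-checkconf never sees.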
