sleed

How to run a DNS SERVER ON A DYNAMIC IP!


Tested on Debian / Ubuntu: Wheezy / 14

First, read a bit about the BIND server: BIND - Wikipedia, the free encyclopedia

DNS SERVER: Domain Name System - Wikipedia

// YOU MUST HAVE PORT 53 FORWARDED ON THE ROUTER IF YOU HAVE WIFI!

// IF THERE IS ANY PROBLEM, SEND ME A P.M. AND I WILL TRY TO HELP.

//Tutorial Made by sleed [Romanian Security Team]

1) Do a full update:

apt-get update && apt-get upgrade

2) Install the BIND server:

apt-get install bind9 bind9-doc

Set up the directories: binddir="/var/cache/bind"

etcdir="/etc/bind"

3) Edit named.conf.local like this:


//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
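include "/etc/bind/ddns.key"; // or the key file generated for nektsistem.sytes.net

zone "nektsistem.sytes.net" {
    type master;
    notify no;
    file "/etc/bind/zones/nektsistem.sytes.net";
    // the key name must match the key defined in the included key file
    allow-update { key DDNS_UPDATE; };
};

// reverse zone for 192.168.0.0/24, matching the zone declared in dhcpd.conf
zone "0.168.192.in-addr.arpa" {
    type master;
    notify no;
    file "/etc/bind/zones/0.168.192.in-addr.arpa";
    allow-update { key DDNS_UPDATE; };
};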

Then we create a file:

ddns-confgen -r /dev/urandom -q -a hmac-md5 -k nektsistem.sytes.net -s nektsistem.sytes.net. | tee -a /etc/bind/nektsistem.sytes.net.keys > /etc/bind/key.nektsistem.sytes.net

chown root:bind /etc/bind/nektsistem.sytes.net.keys -> so that permissions are given only to root and the bind group

Above, where you see the ddns key in the include line, we add "/etc/bind/nektsistem.sytes.net.keys";

In /etc/bind/zones we must have the file nektsistem.sytes.net!

I have it configured like this:

$TTL 86400

@ IN SOA ns1.nektsistem.sytes.net. admin.nektsistem.sytes.net. (
2008030501 ; serial number YYYYMMDDNN
10800 ; Refresh
3600 ; Retry
604800 ; Expire
38400 ; Min TTL
)

@ IN NS ns1.nektsistem.sytes.net.
@ IN MX 10 mail.nektsistem.sytes.net. ; [Not applicable here, since the people at RDS did not unblock port 25 for me] [Thanks, RDS]

ns1 IN A 192.168.0.53
mail IN A 192.168.0.100

To update, we proceed as follows:

cat <<EOF | nsupdate -k /etc/bind/key.nektsistem.sytes.net
server nektsistem.sytes.net
zone nektsistem.sytes.net.
update delete nektsistem.sytes.net.
update add nektsistem.sytes.net. 60 A 192.168.0.1
update add nektsistem.sytes.net. 60 TXT "Updated on $(date)"
send
EOF

Now we edit the DHCPD configuration in /etc/dhcpd/dhcpd.conf

authoritative;
option domain-name "nektsistem.sytes.net";
option domain-name-servers ns1.nektsistem.sytes.net;

ddns-updates on;
ddns-update-style interim;
ignore client-updates;
update-static-leases on;

default-lease-time 700;
max-lease-time 700;
log-facility local7;


include "/etc/dhcp/ddns.key";

zone nektsistem.sytes.net. {
primary 127.0.0.1;
key DDNS_UPDATE;
}

zone 0.168.192.in-addr.arpa. {
primary 127.0.0.1;
key DDNS_UPDATE;
}


# the subnet statement takes the network address, and the range must lie inside it
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.10 192.168.0.100;
    option routers 192.168.0.1;
}

RESTART THE BIND9 SERVER:

service bind9 restart

or

/etc/init.d/bind9 restart

// This tutorial was made with the help of NO-IP. Create an account there, then under Hosts & Redirects: http://www.noip.com/members/dns/

add a host for yourself; I chose nektsistem. Then make sure you have the No-IP client installed on the server / workstation!


cd /usr/local/src
wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz
tar xzf noip-duc-linux.tar.gz
cd no-ip-2.1.9-1
make
make install

And run the update:

Here is a config:

#######################################################
#! /bin/sh
case "$1" in
start)
echo "Serviciu NOIP2-PORNIT."
/usr/local/bin/noip2
;;
stop)
echo -n "Serviciu NOIP2-Oprit."
killall -q -TERM /usr/local/bin/noip2
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
#######################################################

So that the daily updates can run :)

That's about it; I made this from scratch and went to some trouble to be more Catholic than the Pope! [ sleed from RST ]

If you copy this tutorial, don't forget to include the link.

And let's test!

host nektsistem.sytes.net
nektsistem.sytes.net has address 188.26.170.208

 dig nektsistem.sytes.net

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> nektsistem.sytes.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63698
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; QUESTION SECTION:
;nektsistem.sytes.net. IN A

;; ANSWER SECTION:
nektsistem.sytes.net. 41 IN A 188.26.170.208

;; AUTHORITY SECTION:
sytes.net. 10149 IN NS nf3.no-ip.com.
sytes.net. 10149 IN NS nf2.no-ip.com.
sytes.net. 10149 IN NS nf1.no-ip.com.
sytes.net. 10149 IN NS nf4.no-ip.com.

;; ADDITIONAL SECTION:
nf1.no-ip.com. 33761 IN A 50.31.129.129
nf1.no-ip.com. 10271 IN AAAA 2001:1838:f002::129
nf2.no-ip.com. 24260 IN A 69.72.255.8
nf3.no-ip.com. 33761 IN A 69.65.40.108
nf4.no-ip.com. 873 IN A 69.65.5.122

;; Query time: 4 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:32:29 2014
;; MSG SIZE rcvd: 227

dig +qr nektsistem.sytes.net -x 127.0.0.1 nektsistem.sytes.net ns +noqr

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> +qr nektsistem.sytes.net -x 127.0.0.1 nektsistem.sytes.net ns +noqr
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41956
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5

;; QUESTION SECTION:
;nektsistem.sytes.net. IN A

;; ANSWER SECTION:
nektsistem.sytes.net. 60 IN A 188.26.170.208

;; AUTHORITY SECTION:
sytes.net. 10091 IN NS nf4.no-ip.com.
sytes.net. 10091 IN NS nf1.no-ip.com.
sytes.net. 10091 IN NS nf3.no-ip.com.
sytes.net. 10091 IN NS nf2.no-ip.com.

;; ADDITIONAL SECTION:
nf1.no-ip.com. 33703 IN A 50.31.129.129
nf1.no-ip.com. 10213 IN AAAA 2001:1838:f002::129
nf2.no-ip.com. 24202 IN A 69.72.255.8
nf3.no-ip.com. 33703 IN A 69.65.40.108
nf4.no-ip.com. 815 IN A 69.65.5.122

;; Query time: 41 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 227

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41425
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR

;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 3600 IN PTR localhost.

;; AUTHORITY SECTION:
0.0.127.in-addr.arpa. 3600 IN NS localhost.

;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 106

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;nektsistem.sytes.net. IN NS

;; AUTHORITY SECTION:
sytes.net. 60 IN SOA nf1.no-ip.com. hostmaster.no-ip.com. 2046448184 600 300 604800 600

;; Query time: 66 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Apr 19 19:33:26 2014
;; MSG SIZE rcvd: 98

//Edit-> I will come back with the slave setup, part II + hardening, when I have time!

Edited by sleed
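
The key-generation, chown and allow-update steps in this post can be checked before restarting BIND. The script below is an added example, not part of the original post: the function names audit_ddns and make_sample are hypothetical and the key file is constructed. It flags a world-readable key file, the legacy hmac-md5 TSIG algorithm, and an allow-update key name that the included key file does not define.

```shell
#!/bin/sh
# audit_ddns KEYFILE ZONECONF: prints one finding per line (hypothetical helper).
audit_ddns() {
    keyfile=$1 conf=$2
    # 1. The TSIG secret must not be readable by "other" users.
    if [ -n "$(find "$keyfile" -prune -perm -004)" ]; then
        echo "WORLD_READABLE $keyfile"
    fi
    # 2. hmac-md5 is a legacy TSIG algorithm; hmac-sha256 is preferred.
    if grep -Eiq 'algorithm[[:space:]]+"?hmac-md5' "$keyfile"; then
        echo "WEAK_ALGORITHM hmac-md5"
    fi
    # 3. Every key named in allow-update must be defined in the key file.
    defined=$(sed -n 's/^[[:space:]]*key[[:space:]]\{1,\}"\{0,1\}\([^"{[:space:]]*\).*{.*/\1/p' "$keyfile")
    used=$(sed -n 's/.*allow-update[[:space:]]*{[[:space:]]*key[[:space:]]\{1,\}"\{0,1\}\([^";[:space:]]*\).*/\1/p' "$conf" | sort -u)
    for name in $used; do
        printf '%s\n' "$defined" | grep -Fxq -- "$name" || echo "UNDEFINED_KEY $name"
    done
    return 0
}

# Constructed sample input mirroring the tutorial: a key created with
# "-a hmac-md5 -k nektsistem.sytes.net" and a zone that names DDNS_UPDATE.
make_sample() {
    dir=$1
    cat > "$dir/zone.keys" <<'EOF'
key "nektsistem.sytes.net" {
    algorithm hmac-md5;
    secret "Q09OU1RSVUNURUQtTk9ULUEtUkVBTC1LRVk=";
};
EOF
    chmod 644 "$dir/zone.keys"   # mode left by tee under umask 022
    cat > "$dir/named.conf.local" <<'EOF'
zone "nektsistem.sytes.net" {
    type master;
    file "/etc/bind/zones/nektsistem.sytes.net";
    allow-update { key DDNS_UPDATE; };
};
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_ddns "$tmp/zone.keys" "$tmp/named.conf.local"
rm -rf "$tmp"
```

On the layout used in this post the arguments would be /etc/bind/nektsistem.sytes.net.keys and /etc/bind/named.conf.local; no output means none of the three problems was found.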