Jumat, 05 Maret 2010

Konfigurasi Servis

1. Cek keberadaan services yang berjalan :
[root@ns ~]#chkconfig --list | less
2.
3.Jenis-jenis service
ConsoleKit It records users' actions on the system in log files.
NetworkManager The NetworkManager daemon attempts to keep an active network connection available at all times.
NetworkManagerDispatcher The NetworkManagerDispatcher daemon runs commands in the /etc/NetworkManager/dispatcher.d directory in response to interfaces coming up and down.
anacron Anacron can be used to execute commands periodically, with a frequency specified in days.
atd atd runs jobs queued by at.
autofs autofs controls the operation of the automount(8) daemons running on the Linux system.
bluetooth It provids wireless connections among computers.
cpuspeed This program monitors the system�fs idle percentage and reduces or raises the CPUs�f clock speeds and voltages accordingly to minimize power consumption when idle and maximize perfor-mance when needed.
crond The daemon to execute scheduled commands. *
cups It's the print system.
dund It's BlueZ Bluetooth dial-up networking daemon.
firstboot It's a tool that we can configure basic settings ofthe system by it.
gpm It's a cut and paste utility and mouse server for virtual consoles.
haldaemon It searches infomations for hardwares.
ip6tables It's IPv6 packet filter administration.
iptables It's administration tool for IPv4 packet filtering and NAT.
irda IrDA is a complete implementation of the various IrDA protocols and IrDA drivers for Linux.
irqbalance It distributes hardware interrupts across processors on a multiprocessor system. *
kudzu It detects and configures new and/or changed hardware on a system.
mdmonitor It watches software-based RAID.
messagebus It sends messages between apprications. *
microcode_ctl It's microcode utility for Intel IA32 processors.
multipathd The multipathd daemon is in charge of checking for failed paths. When this happens, it will reconfigure the multipath map the path belongs to, so that this map regains its maximum per-formance and redundancy.
netconsole It sends printk message from kernel on UDP.
netfs It's NFS client.
netplugd It's the daemon for network cable hotplug management.
network It's the daemon for network system. *
nfs It's NFS server.
nfslock It provids file lock function for NFS server.
nscd Nscd is a daemon that provides a cache for the most common name service requests.
pand The pand PAN daemon allows your computer to connect to ethernet networks using Bluetooth.
pcscd It's PC/SC Smart Card Daemon.
psacct Belum tahu nih

rdisc Belum tahu nih

readahead_early It reads files in page cache early. *
readahead_later It reads files in page cache early when system is running in GUI mode.
restorecond It's the daemon that watches for file creation and then sets the default SELinux file context.
rpcbind It's universal addresses to RPC program number mapper.
rpcgssd It's the daemon which is used for network filesystem like NIS or NFS.
rpcidmapd It's the daemon which is used for network filesystem like NIS or NFS.
rpcsvcgssd It's the daemon which is used for network filesystem like NIS or NFS.
rsyslog It reads and/or clears kernel message ring buffer; set console_loglevel. *
saslauthd saslauthd is a daemon process that handles plaintext authentication requests on behalf of the SASL library.
sendmail It's SMTP server.
smartd It's SMART Disk Monitoring Daemon.
sshd It's OpenSSH SSH daemon. *
udev-post Belum tahu juga

wpa_supplicant It's Wi-Fi Protected Access client and IEEE 802.1X supplicant.
ypbind ypbind finds the server for NIS domains and maintains the NIS binding information.
yum-updatesd yum-updatesd provides notification of updates which are available to be applied to your system.

Konfigurasi Firewall dan SE linux

Konfigurasi Firewall dan SE(Security-Enhanced Linux). : firewall dibutuhkan kalau kita saat mengaktifkan router, untuk latihan ini kita disable dulu.
[root@my ~]#/etc/rc.d/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
[root@my ~]#chkconfig iptables off
[root@my~]#chkconfig ip6tables off
[root@my~]#vi /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#
enforcing - SELinux security policy is enforced.

#
permissive - SELinux prints warnings instead of enforcing.

#
disabled - SELinux is fully disabled.

SELINUX=disabled // rubah ini
# SELINUXTYPE= type of policy in use. Possible values are:
#
targeted - Only targeted network daemons are protected.

#
strict - Full SELinux protection.

SELINUXTYPE=targeted

Senin, 01 Maret 2010

Konfigurasi awal : Menambahkan User pada LFD

1. Membuat user contoh;periyadi ...
[root@my ~]#useradd periyadi
[root@my ~]#passwd periyadi
Changing password for user fedora.
New UNIX password: // masukan passwordnya
Retype new UNIX password: // ulangi sekali lagi passwordnya
passwd: all authentication tokens updated successfully.
[root@my ~]#exit # logout

2. Berpindah login dari user ke root

my login: periyadi // masukan username yang sudah dibuat sebelumnya
password: // masukan password
[periyadi@my ~]$ su - // pindah ke root
Password: // masukan password root
[root@my ~]#

3. Menjadi user periyadi yang mengendalikan sistem root, user lain tidak

[root@my ~]#vi /etc/group
// di line 11: tambahkan user tadi,modus edit tekan tombol insert
wheel:x:10:root,periyadi
#save file gunakan perintah/ketikan :wq!
[root@my~]#vi /etc/pam.d/su
#%PAM-1.0
auth sufficient pam_rootok.so
# Hapus '#' pada line berikut

auth required pam_wheel.so use_uid
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so

4.seting forward mail yang ke root dialihkan ke user periyadi
[root@my ~]#vi /etc/aliases

# Person who should get root's mail
# dibawah, hapus '#' dan tambahkan user periyadi

root:periyadi
[root@my ~]#newaliases // set aliases baru
/etc/aliases: 77 aliases, longest 10 bytes, 776 bytes total

Minggu, 28 Februari 2010