Firewall, IDS, Cloud, Mail (uye chero chii chinobuda) mumba mako

Mhoro. Sezvo zvakajairika mumabhuku angu, nhasi ticha taura nezve maseva, network nezvimwe zvinhu.

linux server

Kutanga, ini ndoda kukuudza kuti ndafunga kugadzira kabhuku kadiki kekuti ungaisa sei sevha mumba mako, munzira yakagadzirirwa asi inoshanda kwazvo (Kwangu ini ndinoshandisa Pentium 4 ine 1GB ye RAM). Pane yedu server isu tichaisa nekugadzirisa mamwe mapurogiramu uye masevhisi ayo ini ndinofunga anogona kukubatsira iwe kudzidza, kudzidza uye pamwe unogona kuzvishandisa muhupenyu hwako hwezuva nezuva. Aya mapurogiramu / masevhisi ndeaya:

  • Firewall (Iptables): Tichashandisa zvishandiso zvedu segedhi kunetiweki yedu, uye tichagadzirisa mimwe mirau yemigwagwa.
  • IDs: Tichashandisa software inonzi SNORT kuti tione vapambi nevanogona kurwisa, zvese kune yedu network uye kuseva.
  • MAIL: Tichava neyedu mail server.
  • Gore: Tichashandisa zvakare chishandiso chinonzi OwnCloud kuve nemafaira edu uye zvinyorwa mukati megore (Server yedu).

Tiri munzira, isu tichadzidzawo mamwe matipi anotonhorera uye madhiri ayo chero munhu anogona kuaverenga anogona kushandisa Asi hei, ngatisvikei pazviri.

tsamba

Ini ndaida kutanga nebasa iri, nekuti kuti riiswe uye rishande nemazvo, tinofanirwa kutanga tagadzirisa izvo zvichatibatsira zvakanyanya. Kuisa ino sevha, ini ndaisa linux (Debian 8.5) pane muchina wekare. (Pentium 4 - 1GB RAM).

ONA: Izvo zvakakosha kuti uzive maitiro ekugadzirisa yako router uye gadzira DMZ kune iyo server's ip.

Sezvo munhu wese achiziva, mail server inoshandiswa kutumira uye kugamuchira maemail, asi kana tichida kuishandisa kuzviita nechero sevhisi (Gmail, Hotmail, Yahoo .. Etc). Tinoda yedu domaini, asi izvi zvakakosha mari, saka ndafunga kushandisa "No-IP" sevhisi, iyo inoita kuti tigadzire inomiririra iyo inonongedzera ku IP yedu, (Hazvina basa kana iri simba kana kumira) . Ini handidi kuenda mune zvakawanda ruzivo neizvi, asi iwe unofanirwa kungopinda mu: https://www.noip.com/ uye gadzira account. pavanopinda, panhare yako ichaonekwa chakadai.

paneip noip

Ivo vanofanirwa chete kupinda «Wedzera Hondo ». Ikoko ivo vanongofanira chete kusarudza zita remugadziri wavo (rinozoita sedomeini.) Zvino, kana yavo Ruzhinji IP iri ine simba, ivo vanofanirwa kumisikidza mutengi pane yavo server kuitira kuti iyi IP igadzirise otomatiki.

Kune izvi, hapana-ip ine bhuku rayo pachayo pane iyi link. http://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/

Kana vaisa chirongwa uye vari kuchigadzira (gadzira uye gadzira). Chirongwa ichi chinokumbira yako yechokwadi dhata pa-ip-ip.com

noip1

NOTA: Mushure mekunge maisa ruzivo rweakaundi yako. Ichakubvunza mimwe mibvunzo, iwe unofanirwa kushandisa sarudzo dzesarudzo (ENTER).

Kana vaine izvi, maemail avo anozoshandisa @domain.no-ip.net (Semuyenzaniso).

Iye zvino kuisa iyo mail server. Tichazoshandisa chishandiso chine simba kwazvo chandinogara ndichifarira kushandisa mune idzi kesi patinoda kukurumidza uye kugona. Zita rayo ndiIredMail uye ipakeji (Chinyorwa) iyo inonyanya kuisa zvese zvese otomatiki uye inongokumbira iwe rumwe ruzivo kuti uzviite.

Kuti tiite izvi, isu tichaenda kune iro repamutemo peji uye kurodha pasi script.  http://www.iredmail.org/download.html

iredmail

Tinogona kushandisa wget kuraira kurodha pasi pasuru, uye mushure mekuisunungura iyo tinopinda dhairekitori iko iko.

Isu tinongomhanyisa script "IRedMail.sh"

ired1

Kutanga iwe unowana meseji yekutambira kwaunongofanira kudzvanya ENTER. Zvino mubvunzo wekutanga waunobvunza iwe ndipo paunoda kuti maemail ako achengetwe.

ired2

Nokusingaperi, ivo vanozochengetedza ku / var / vmail. unogona kuisiya ipapo kana kusarudza chero imwe nzvimbo kana rekodhi. Mune yangu chaiyo kesi, ini ndine imwe diski yakaiswa pa / data. uye ini ndichasiya maemail angu mu / data / vmail.

Mubvunzo unotevera ndewokuti iwe unoda here kushandisa Apache kana Nginx sewebhu dura.

ired3

Wese munhu haabvumirani nderipi basa riri nani, asi kwandiri ini ndinoshandisa Apache.

Ipapo inozobvunza kuti ndeipi dura re database raunoda kushandisa.

ired4

Kuti zvive nyore, sezvo isu tisingazoshandise LDAP kana chero chinhu chakadai, isu tinoshandisa Mysql kunyangwe ini dzimwe nguva ndichishandisa MariaDB.

Mubvunzo unotevera ndewekuti nderipi domain rauri kuzoshandisa, ipapo uchafanirwa kuisa imwechete iyo yawakaita nguva yadarika mu no-ip.

ired5

Mushure meizvi, inokuudza kuti ichagadzira yakasarudzika manejimendi account inonzi postmaster@domain.no-ip.net uye anokumbira iwe password yaunoda kuisa.

ired7

Ipapo, inokubvunza iwe maturusi aunoda kuisa (uye inokupa tsananguro yeumwe neumwe).

ired8

Unogona kusarudza dziya dzaunoda kana kuisiya sezvazviri. Uye zvinofanotaura iwe kuti usimbise iyo data iwe uchangopinda uye ndizvozvo. Iyo yekumisikidza ichatanga. Tinofanira kungomirira kwechinguva.

NOTA: Zvinogoneka kuti panguva yekumisikidza inokumbira iwe ruzivo senge password yaunoda kumisikidza kuMysql (Kana iwe usina kuisirwa).

Paanenge apedza anokupa zvimwe zvinongedzo. uye ini ndinokurudzira iwe kutangazve sevha. uye kutarisa kuti zvese zvinoshanda, unofanira kupinda https: // IP. iyi IP inofanirwa kuve iyo LAN IP ye server yako, unogona kuitarisa uchishandisa ifconfig. 

ired9

Ipapo Roundcube inofanira kubuda, inova yedu Webmail. Uye kuyedza iwe unogona kushandisa iyo Postmaster account (iyo yavakagadzira kare). uye tsamba yako inofanira kubuda.

ired10

ZVINOKOSHA ZVINOKOSHA: Panguva iyi, sezvo yaive kekutanga kuiyedza ndiri kumba, ndakave nedambudziko rinotevera: Zvinoitika kuti nekuda kwemitemo yekuchengetedza, vanopa sevhisi seGmail uye Outlook vanovhara maemail anobva kunzvimbo dzine simba dzeIP. uye kunyangwe yako ip isingambochinji, zvinogona kunge zvakavharwa nekuti ichiri kunzi ip yekugara Iwe ungangodaro unofanirwa kutarisa neIPP yako kana uchikwanisa kuwana bhizinesi static IP. 

CHERECHEDZO CHINOKOSHA 2: Izvo zvakare zvinogona kunge ISP yako isingakubvumidze kushandisa chiteshi 25, sezvo iri chiteshi chinoshandiswa nevamwe vanopa kukutumira maemail, unofanirwa kubata ISP yako.

Zvino, kudzora yako mail server (gadzira maakaunzi ... nezvimwewo) Unofanira kupinda https://IP/iredadmin. Pinda nezita rako rekushandisa postmaster@domain.no-ip.net.

ired11

Iyo pani yakanyatso nzwisisika, inoshandiswa kuwedzera nekugadzirisa maakaunzi emaimeri, uye zvakare madunhu nyowani.

Panguva ino iwe unofanirwa kunge utove neanoshanda mail server. Mune inotevera posvo isu tinotanga kugadzira yedu Firewall uye kugadzirisa yedu network.

Unyengeri: Mune dhairekitori yatakatora pasi script, pane faira inonzi iRedMail.tips kwaunowana ruzivo rwakawanda, senge mafaira ekumisikidza uye data rekumisikidza.

Mufaro.!


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Makomendi gumi, siya zvako

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira iyo data: Miguel Ángel Gatón
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

  1.   Leonardo akadaro

    Kugona chose!!!!! Ndiri kumirira iyo OwnCloud imwe iyo yandave ndichida kuvaka pane yangu Raspberry Pi kwechinguva uye ini handigone kuzviita nematidziro andakawana pawebhu.

  2.   sebastianbianchini akadaro

    Muy bueno!
    Congratulations