Siyaqhubeka nothotho lwamanqaku ethu kwaye kule siyakujongana nale miba ilandelayo:
- Ukufakwa
- Izalathiso kunye neefayile eziphambili
Ngaphambi kokuqhubeka, sicebisa ukuba ungayeki ukufunda:
Ukufakwa
KwiConsole nanjengomsebenzisi Ingcambu sifaka ifayile bopha9:
ukufaneleka ukufaka i-bind9
Kuya kufuneka sifake kwakhona iphakheji dnsutil enezixhobo eziyimfuneko zokwenza imibuzo ye-DNS kunye nokuchonga ukusebenza:
ukufaneleka ukufaka i-dnsutils
Ukuba ufuna ukudibana noxwebhu oluza kwindawo yokugcina izinto:
ukufaneleka ukufaka i-bind9-doc
Amaxwebhu aya kugcinwa kulawulo / usr / share / doc / bind9-doc / ingalo kunye nefayile yesalathiso okanye isiQulatho seZiqulatho yi bv9ARM.html. Ukuyivula isebenza:
firefox / usr / share / doc / bind9-doc / ingalo / Bv9ARM.html
Xa sifaka ifayile bopha9 Kwi-Debian, kunjalo ke iphakheji ubopha9utils Esibonelela ngezixhobo eziluncedo kakhulu ukugcina ufakelo olusebenzayo LOKUBOPHA. Phakathi kwazo siza kufumana i-rndc, ebizwa ngokuba yi-checkconf kunye negama-lokujonga indawo. Ukongeza, iphakheji dnsutil inegalelo kuthotho lweenkqubo zabathengi BAMANYA phakathi kwazo iya kuba ukumba kunye nsokuokup. Siza kuzisebenzisa zonke ezi zixhobo okanye imiyalelo kumanqaku alandelayo.
Ukwazi zonke iinkqubo zephakeji nganye kufuneka sizenze njengomsebenzisi Ingcambu:
dpkg -L bind9utils dpkg -L dnsutils
Okanye uye ku Synaptic, jonga iphakheji, kwaye ubone ukuba zeziphi iifayile ezifakiweyo. Ngokukodwa ezo zifakwe kwiifolda / usr / bin o / usr / sbin.
Ukuba sifuna ukwazi ngakumbi ngendlela yokusebenzisa isixhobo ngasinye okanye inkqubo efakiweyo, kufuneka siphumeze:
umntu
Izalathiso kunye neefayile eziphambili
Xa sifaka i-Debian ifayile iyenziwe /etc/resolv.conf. Le fayile okanye "Resolver inkonzo yoqwalaselo lwefayile", Iqulethe iindlela ezininzi ezingagqibekanga zegama lesizinda kunye nedilesi ye-IP yeseva ye-DNS eyazisiweyo ngexesha lofakelo. Njengomxholo woncedo lwefayile ubhalwe ngeSpanish kwaye icacile, sicebisa ukuba siyifunde usebenzisa lo myalelo Isisombululo somntu.
Emva kokufaka i bopha9 Ukucudisa, ubuncinci kule mikhombandlela ilandelayo yenziwe:
/ njl / bopha / var / cache / bind / var / lib / bind
Kwincwadi yeedilesi / njl / bopha Sifumana, phakathi kwabanye, ezi fayile zoqwalaselo zilandelayo:
igama.conf eligama.conf.options ogama.conf.default-zones named.conf.local rndc.key
Kwincwadi yeedilesi / var / cache / ukubopha Siza kwenza iifayile ze IiNgingqi esiza kujongana nayo kamva. Ngaphandle kokufuna ukwazi, sebenzisa le miyalelo ilandelayo kwiConsole njengomsebenzisi Ingcambu:
ls -l / njl / ukubopha ls -l / var / cache / bind
Ewe, isikhombisi sokugqibela asizukuqulatha nantoni na, njengoko singekenzi Indawo yeNgingqi.
Ukwahlulahlula useto lwe-BIND kwiifayile ezininzi kwenziwa ngokulula kunye nokucaca. Ifayile nganye inomsebenzi othile njengoko siza kubona ngezantsi:
igama.conf: Ifayile yoqwalaselo ephambili. Ibandakanya iifayileukhetho.conf, igama.conf.local y igama.conf.default-zones.
ukhetho.confIinketho zeenkonzo zeDNS ngokubanzi. Umyalelo: ulawulo "/ var / cache / bind" Izakuxelela bind9 apho ujonge khona iifayile zeMimandla yeNgingqi eyenziweyo. Sikwazisa apha iiseva “Abaphambili"Okanye kuguqulelo olucingelwayo" Inkqubela phambili "ukuya kwelona nani liphezulu le-3, ezingezizo ngaphandle kweeseva zangaphandle ze-DNS esinokubonisana nazo kwinethiwekhi yethu (ngeFirewall kunjalo) eya kuthi iphendule kwimibuzo okanye kwizicelo ze-DNS yethu. Indawo ayinakho ukuphendula.
Umzekelo, ukuba siqwalasela i-DNS ye-LAN192.168.10.0/24, Kwaye sifuna ukuba omnye wabathumeli bethu abe yi-UCI Name Server, kufuneka sibhengeze abaphambili phambili {200.55.140.178; }; Idilesi ye-IP ehambelana neseva ns1.uci.cu.
Ngale ndlela siya kuba nakho ukubonisana neseva ye-DNS yengingqi eyidilesi ye-IP yomamkeli we-yahoo.es (ngokucacileyo engekho kwi-LAN yethu), kuba i-DNS yethu iya kubuza i-UCI ukuba iyayazi ukuba yeyiphi idilesi ye-IP yahoo.es, kwaye ke iya kusinika iziphumo ezonelisayo okanye cha. Kananjalo nakwifayile uqobo ukhetho.conf Siza kubhengeza eminye imiba ebalulekileyo yoqwalaselo njengoko siza kubona kamva.
igama.conf.default-zonesNjengoko igama lisitsho, ziMimandla emiselweyo. Apha uqwalasela UKUBOPHA igama lefayile equlathe ulwazi lweeServer zeengcambu okanye iiseva zeengcambu eziyimfuneko ukuqala i-DNS cache, ngakumbi ifayileIngcambu. I-BIND iyalelwe ukuba ube neGunya elipheleleyo (lokuba ligunya) ekusombululeni amagama egama localhost, zombini kwimibuzo ethe ngqo nangokubuyela umva, ngokufanayo kwiindawo "zosasazo".
igama.conf.local: Ifayile apho sibhengeza khona ubumbeko lweseva ye-DNS ngegama lendawo nganye IiNgingqi, kwaye iya kuba ziiFayile zeRekhodi zeDNS eziza kwenza imephu yamagama eekhompyuter aqhagamshelwe kwi-LAN yethu nedilesi ye-IP kwaye ngokufanayo.
rndc.keyIfayile evelisiweyo enesitshixo sokulawula ISIBOPHO. Sebenzisa i-BIND iseva yolawulo yenkonzo rndc, siya kuba nakho ukuphinda silayishe ubumbeko lwe-DNS ngaphandle kokuyiqala kwakhona ngomyalelo rndc kwakhona. Iluncedo kakhulu xa sisenza utshintsho kwiifayile zeMimandla yeNgingqi.
Kwiifayile zeMimandla yaseDebian inokufumaneka kwi / var / lib / ukubopha; Ngelixa kolunye usasazo olufana neRed Hat kunye neCentOS zihlala zibekwe ngaphakathi / var / lib / igama okanye eminye imikhombandlela kuxhomekeke kwinqanaba lokhuseleko olwenziweyo.
Sikhetha isikhombisi / var / cache / ukubopha Yeyona icetyiswayo ngokungagqibekanga Debian kwifayile ukhetho.conf. Sinokusebenzisa nasiphi na isikhombisi ukuba nje sixelela bopha9 ujonge phi iifayile zemimandla, okanye sikunika eyona ndlela ifanelekileyo yazo nganye kwifayile igama.conf.local. Kusempilweni kakhulu ukusebenzisa imikhombandlela ecetyiswe kukusasazwa esisebenzisayo.
Ingaphaya kwenqaku eli nqaku ukuxoxa ngokhuseleko olongezelelekileyo olubandakanyekayo ekudaleni i-Cage okanye i-Chroot ye-BIND. Unjalo ke nomcimbi wokhuseleko ngokusebenzisa imeko ye-SELinux. Abo bafuna ukwenza ezi zinto kufuneka bajike kwiincwadana okanye uncwadi olukhethekileyo. Khumbula ukuba iphakheji yamaxwebhu bind9-uxwebhu ifakiwe kulawulo / usr / share / doc / bind9-doc.
Kulungile Madoda, ukuza kuthi ga ngoku Icandelo lesi-2. Asifuni ukwandisa inqaku elinye ngenxa yezindululo ezilungileyo zeNkosi yethu. Ekugqibeleni! Siza kungena kwi-nitty-gritty ye-BIND Setup and Testing… kwisahluko esilandelayo.
ndiyavuyisana nenqaku elihle kakhulu!
Ndiyabonga kakhulu ..
Oku kubaluleke kangako ngenxa yezizathu zokhuseleko: Sukushiya i-dns ivulekile (isisombululo esivulekileyo)
Izalathiso:
1) http://www.google.com/search?hl=en&q=spamhaus+ataque
2) http://www.hackplayers.com/2013/03/el-ataque-ddos-spamhaus-y-la-amenaza-de-dns-abiertos.html
Ndicaphula:
«… Umzekelo, i-Open DNS Resolver Project (openresolverproject.org), iinzame zeqela leengcali zokhuselo ukulungisa oku, ziqikelela ukuba ngoku kukho izigidi ezingama-27" ezivulekileyo zokuVuselela iZisombululo ", kwaye ezizigidi ezingama-25 zazo zisisisongelo esibalulekileyo ., efihliweyo, elinde ukukhupha ubushushu kwakhona ngokuchasene nethagethi entsha .. »
Phendula nge quote
Kulunge kakhulu ukufumana abantu kwinkonzo ebalulekileyo namhlanje njenge-DNS.
Into endiyenzayo, ukuba ndingakhomba into ibenye, yinguqulelo yakho elusizi ye "forwarders", ejongeka ngathi itsaliwe kuGoogle translate. Uguqulelo oluchanekileyo ngu "Ukudlulisa iiseva" okanye "ukuDlulisa phambili."
Yonke enye into, intle.
Phendula nge quote
Ingxaki yesemantics. Ukuba uthumela isicelo komnye ukufumana impendulo, awuqhubeli phambili isicelo kwelinye inqanaba. Ndikholelwe ukuba olona nyango lululo kwiCuba yaseSpain yayinguAdelantadores kuba bendithetha ngePasi okanye Phambi kombuzo endingenakuphendula wona (i-DNS yendawo. Elula. Ngekulula kum ukubhala eli nqaku ngesiNgesi. Nangona kunjalo, ndihlala ndicacisa malunga neenguqulelo zam. Enkosi ngengcaciso yakho esexesheni.
Luxury;)!
Nibuliso!
Kwaye i-OpenSUSE?
I-CREO isebenza kuyo nayiphi na i-distro. Indawo yeefayile iyahluka, ndiyacinga. hayi?
Enkosi ngokunika izimvo .. kwaye ndiyazamkela ngovuyo iingcebiso zakho .. 😉