LOMBA KETERAMPILAN SISWA

Similar documents
LOMBA KETERAMPILAN SISWA

Island A Test project Linux Environments

LOMBA KETRAMPILAN SISWA SEKOLAH MENENGAH KEJURUAN TINGKAT PROVINSI BALI. Kelompok Teknologi Informasi. Standar WSC LEMBAR SOAL. Nama Peserta :...

World Skills Competition. Trade 39: IT PC and Network Support. Day 2 Competition

Linux Administration

Deploying Cisco UCS Central

UNIVERSITY OF MUMBAI OCTOBER 2014 LINUX ADMINISTRATION

Day 1 IT Network Systems Administration Trade 39 WSC 2011 London

Link Gateway Initial Configuration Manual

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

3. In the upper left hand corner, click the Barracuda logo ( ) then click Settings 4. Select the check box for SPoE as default.

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Table of Contents 1 V3 & V4 Appliance Quick Start V4 Appliance Reference...3

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

1 Login AppServ Hosting Control System

RedHat Certified Engineer

Endian Proxy / Firewall

User Manual. SSV Remote Access Gateway. Web ConfigTool

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

WA2592 Applied Data Science and Big Data Analytics. Classroom Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc.

VII. Corente Services SSL Client

System Setup. Accessing the Administration Interface CHAPTER

HySecure Quick Start Guide. HySecure 5.0

6.1. Getting Started Guide

How to Configure Mobile VPN for Forcepoint NGFW TECHNICAL DOCUMENT

Application Layer: OSI and TCP/IP Models

Comodo Dome Data Protection Software Version 3.8

Chapter 2: System and Network Architecture. Chapter 4: Configuration of the Server and Client Machines. Chapter 5: Starting a Functional Test

Grandstream Networks, Inc. Captive Portal Authentication via RADIUS

Installing Cisco APIC-EM on a Virtual Machine

Load Balancing Censornet USS Gateway. Deployment Guide v Copyright Loadbalancer.org

WorldSkills Competition to 22 July 2003 in St. Gallen, Switzerland. Day 3. IT PC and Network Support. To be filled out by the candidate

ISO Installation Guide. Version 1.2 December 2015

SOA Software API Gateway Appliance 6.3 Administration Guide

akkadian Global Directory 3.0 System Administration Guide

User s Manual CONTENT. Nano NAS Server for USB storages. 1. Product Information Product Specifications System requirements..

Configure the Cisco DNA Center Appliance

OpenVPN ANTELOPE USER GROUP 2017, VIENNA. Stefan Radman May 30, 2017

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

Horizon DaaS Platform 6.1 Service Provider Installation - vcloud

Grandstream Networks, Inc. GWN7000 Command Line Guide

Configuring User VPN For Azure

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

CHAPTER 7 ADVANCED ADMINISTRATION PC

File services. Domains, DNS DHCP. Server Scripts. Intranet and Extranets. Web services. HNC COMPUTING - Network Concepts

ElasterStack 3.2 User Administration Guide - Advanced Zone

Viola M2M Gateway Enterprise Edition

Step-by-Step Configuration

Network Controller 3500 Quick Start Guide

User Inputs for Installation

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.31

Appliance Installation Guide

Create a pfsense router for your private lab network template

Configuring OpenVPN on pfsense

SUN SOLARIS. Course Catalog

Competitor fills in. Expert fills in. Time: 5:00h 39 - IT Network Systems Administration Chief-Experts: Danny Meier, Florian Meier, Tobias Meier

Symantec NetBackup Appliances Hands-On Lab

Pexip Infinity and Google Cloud Platform Deployment Guide

User Guide TL-R470T+/TL-R480T REV9.0.2

RAP Installation README

Part 1 : Getting Familiar with Linux. Hours. Part II : Administering Red Hat Enterprise Linux

MAC OS X 10 6 SERVER REPAIR MANUAL

Sophos Migration Assistant. migration guide

Connecting CoovaAP 1.x with RADIUSdesk - Basic

Plexxi Control Installation, Upgrade and Administration Guide Releases 2.3.x, 2.4.x, 3.0.x, 3.1.0

IPMI Configuration Guide

RealPresence Access Director System Administrator s Guide

REMOTE ACCESS IPSEC. Course /14/2014 Global Technology Associates, Inc.

G806+H3C WSR realize VPN networking

Step-by-Step Configuration


HP Load Balancing Module

Yealink Device Management Platform Quick Start Guide. Applies to version or later

JAMF Software Server Installation and Configuration Guide for Linux. Version 9.72

Relay Proxy User Guide

Getting Started Guide. Installation and Setup Instructions. For version Copyright 2009 Code 42 Software, Inc. All rights reserved

CUSTOMER CONTROL PANEL... 2 DASHBOARD... 3 HOSTING &

S/MIME LDAP address book Secure address book virtual appliance admin setup manual

Cisco Prime Collaboration Deployment

CCNA Discovery Server Live CD v2.0

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

WA2342 NoSQL Systems Comparison. Lab Server VM Setup Guide. Web Age Solutions Inc. Copyright Web Age Solutions Inc. 1

ABOUT ZEPCAM SOFTWARE INSTALLATION MANAGEMENT AND BACKUPS. Description What is it Installation requirement Server requirement

Nessus Scan Report. Hosts Summary (Executive) Hosts Summary (Executive) Mon, 15 May :27:44 EDT

IP806GA/GB Wireless ADSL Router

LevelOne FBR User s Manual. 1W, 4L 10/100 Mbps ADSL Router. Ver

Microsoft Microsoft TS: MS Internet Security & Acceleration Server 2006, Configuring. Practice Test. Version:

Contents. Deployment: Automated Installation of Cygwin

RHEL 5 Essentials. Red Hat Enterprise Linux 5 Essentials

Neopost Security Datasheet DS-40i/64i/75i/85i/90i/95i Your security, our commitment!

1 Installing OPI is Easy

Ftp Command Line Manual Windows Username Password Linux

1 Installing KEEP is Easy

WLM1200-RMTS User s Guide

Integrating Ubuntu based workstations in IPBrick s domain

EFOLDER SHADOWPROTECT CONTINUITY CLOUD GUIDE

Information for Domain Admin & Web Admin. Version v 2.0

Step-by-Step Configuration

Transcription:

LOMBA KETERAMPILAN SISWA SEKOLAH MENENGAH KEJURUAN TINGKAT NASIONAL XXV 2017 MODUL A LINUX ISLAND IT NETWORK SYSTEMS ADMINISTRATION LKS2017_ITNSA_MODUL_A

2 ISLAND A LINUX ISLAND CONTENTS This Test Project proposal consists of the following document/file: _MODULA.pdf INTRODUCTION The competition has a fixed start and finish time. You must decide how to best divide your time. Please carefully read the following instructions! When the competition time ends, please leave your station in a running state. PHYSICAL MACHINE (HOST) FOLDER PATHS Virtual Machines: C:\LKS\Virtual Machine ISO Images: C:\LKS\ISO Password for OS Pre-Install : Skills39

3 PART I WORK TASK INSTALLATION (SOLOSRV, SEMARANGSRV) Note Please use the default configuration if you are not given details. WORK TASK SERVER SOLOSRV Configure the server with the hostname, domain and IP specified in the appendix. o Configure the disk and partitions Add 3 disk with 7 GB of each disk. Use the three virtual disks to create a software RAID 5. Mount it as /files o o Create 30 local UNIX users with password InaSkills2017 Username: user[1-30]. ex: user1, user2,, user30 Install the services: 1. DNS (bind9) Configure and install DNS Server with two domain - skills4future.net to SOLOSRV - skills39.edu.id to SEMARANGSRV Create subdomain files.skills4future.net and internal.skills4future.net Create subdomain monitor.skills39.edu.id and vpn.skills39.edu.id Create a host www.skills4future.net for IP Public JATENGRO 2. Web Server (apache2 including php5) Create website http://internal.skills4future.net and http://www.skills4future.net - Use the following code for index.html in the http://internal.skills4future.net <html> <h1>welcome in the INTERNAL skills4future.net</h1> </html> - Use the following code for index.html in the http://www.skills4future.net <html> <h1>welcome in the skills4future.net</h1> </html> Make sure http://internal.skills4future.net is protected by authentication - Allow users from user11 to user20 Enable HTTPs for both sites - Use a certificate signed by CA Service in SEMARANGSRV - Make sure no certificate warning is shown. 3. FTP (proftpd) Enable FTPS - Use a certificate signed by SEMARANGSRV Each user (user21 to user30) will have a home directory.

4 Make sure the user is jailed in their respective website document root directories. Make sure file transfer to the server is possible. 4. Mail Make sure user11 to user20 have access via POP3, IMAP and SMTP Before you finish your project make sure you send an email message from user14 to user19 and another message from user19 to user14. Do not delete these email messages. 5. File Server (Samba) Share MANAGER o Path is /files/manager o Give access only to users user1 to user10 o Make sure the share is not shown in the network browser of the clients Share GUEST o Path is /files/guest o Enable read-only access to everyone 6. SSH Server Install SSH Server Use RADIUS SEMARANGSRV to authentication users. Change SSH port default to 1945 WORK TASK SERVER SEMARANGSRV Configure the server with the hostname, domain and IP specified in the appendix. o Install the services: 1. CA (openssl) Configure as CA CA attributes should be set as follows - Country code is set to ID - Organization is set to LKSN2017 Create a root CA certificate Store the certificate in directory /cert 2. Monitoring Server (Cacti) Configure Cacti with url http://monitor.skills39.edu.id Create an admin-user master with password InaSkills2017 Create a graph showing the statistics of the CPU, Memory and interfaces traffic of JATENGRO 3. RADIUS (FreeRadius) Create 5 users with password InaSkills2017 for SSH login SOLOSRV o Username: user[31-35]. ex: user31, user32,, user35 Use InaSkills2017 as share key

5 4. DHCP o Create DHCP Pool INTERNAL: Range: 192.168.150.51 192.168.150.100 Netmask: /25 Gateway: 192.168.150.1 DNS: 172.23.199.3 o DNS-Suffix: skills4future.net o SOLOCLT should always receive the following IP: 192.168.150.88 o The clients should automatically register their name with the DNS server after they have been assigned with an IP address by the DHCP server.

6 PART II WORK TASK NETWORK CONFIGURATION (JATENGRO) Note Please use the default configuration if you are not given details. WORK TASK ROUTER JATENGRO Configure the server with the hostname, domain and IP specified in the appendix. o Install the services: 1. Routing Enable routing to router forward IPv4 Packet 2. DHCP Relay Configure DHCP Relay to SEMARANGSRV for internal client 3. Reverse Proxy (nginx) Configure a reverse proxy for http://www.skills4future.net (https://www.skills4future.net), which is hosted by SOLOSRV 4. VPN Server Configure VPN for access to SOLOSRV and SEMARANGSRV. External clients should connect to 212.99.45.65 Use address range 10.20.0.1 to 10.20.0.10 and DNS SOLOSRV for VPN clients For login create a user remote with password InaSkills2017 5. Firewall External network allows the ICMP packet to interface external JATENGRO External network can access to http://www.skills4future.net External network can t access to SOLOSRV and SEMARANGSRV before the vpn established. Ensure the vpn client can t access to internal client (SOLOCLT) when the vpn established. (Can only access to SOLOSRV and SEMARANGSRV) Deny all other traffic from external to all internal network.

7 PART III WORK TASK LINUX CLIENT (JEPARACLT, SOLOCLT) Note Please use the default configuration if you are not given details. WORK TASK LINUX EXTERNAL (JEPARACLT) Note Please use the default configuration if you are not given details. o Install the base OS and use Gnome for the GUI o Configure the client with the hostname, domain and IP specified in the appendix. o Make sure the JEPARACLT can access to http://www.skills4future.net o Make sure the JEPARACLT can access to SEMARANGSRV and SOLOSRV (via JATENGRO) through VPN o Make sure the root CA certificate of SEMARANGSRV is trusted o Make sure the client certificate is installed o Install FileZilla FTP client o Install Icedove mail client Configure mailbox of user14 Make sure user14 can send mails to user19 o Make sure the client can access samba shares. WORK TASK LINUX INTERNAL (SOLOCLT) Note Please use the default configuration if you are not given details. o Install the base OS and use Gnome for the GUI o Configure the client with the hostname, domain and IP specified in the appendix. o Make sure the root CA certificate of SEMARANGSRV is trusted o Make sure the client certificate is installed o Install FileZilla FTP client o Install Icedove mail client Configure mailbox of user19 Make sure user19 can send mails to user14 o Make sure the client can access samba shares. Mount the MANAGER SMB share to /mnt/manager on boot using fstab

8 APPENDIX SPECIFICATIONS SOLOSRV Operating System Linux Debian 7.8 Computer name: SOLOSRV Root password Nasional2017 User Name: batik User Password: Semarang2017 eth0: 172.23.199.3/29 SEMARANGSRV Operating System Linux Debian 7.8 Computer name: SEMARANGSRV Root password Nasional2017 User Name: batik User Password: Semarang2017 IP address: 172.23.199.4/29 JATENGRO Operating System Linux Debian 7.8 Computer name: JATENGRO Root password Nasional2017 User Name: batik User Password: Semarang2017 eth0: 212.99.45.65/28 eth1: 172.23.199.1/29 eth2: 192.168.150.1/25 JEPARACLT Operating System Computer name: Root password User Name: User Password: Linux Debian 7.8 (GUI) JEPARACLT Nasional2017 Batik Semarang2017 IP address: 212.99.45.70/28

9 SOLOCLT Operating System Computer name: Root password User Name: User Password: IP address: Linux Debian 7.8 (GUI) SOLOCLT Nasional2017 batik Semarang2017 DHCP

NETWORK SPESIFICATION Name : SOLOSRV OS : Debian 7.8 Windows 8.1 Hostmachine (PC1) Windows 8.1 Hostmachine (PC2) IP-Address : 172.23.199.3/29 Service: - RAID - DNS - Web - FTP - Email - Samba - SSH SOLOSRV Host Only JATENGRO VMNet1 VMnet1 JEPARACLT Pre-Install Name : JEPARACLT (External) OS : Debian 7.8 (GUI) IP-Address : 212.99.45.70/28 Service: - OpenVPN Client - IceDove - Filezilla VMNet2 Name : SEMARANGSRV OS : Debian 7.8 IP-Address : 172.23.199.4/29 Service: - Cacti - FreeRadius - CA - DHCP Server SEMARANGSRV Host Only Name : lnxrtr1 OS : Debian 7.8 IP-Address : External : 212.99.45.65/28 Server : 172.23.199.1/29 Internal : 192.168.150.1/25 Service: - Routing - DHCP Relay - Reverse Proxy (nginx) - Firewall - OpenVPN Server VMnet2 SOLOCLT Pre-Install Name : SOLOCLT (Internal) OS : Debian 7.8 (GUI) IP-Address : DHCP From SEMARANGSRV Service: - IceDove - Filezilla - DDNS

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback