titurials

titurials

0 Comment


Redhat Enterprise Linux 6 Security Guide Free Download

Because of the increased reliance on powerful, networked computers to help run businesses and
keep track of our personal information, entire industries have been formed around the practice of
network and computer security. Enterprises have solicited the knowledge and skills of security experts
to properly audit systems and tailor solutions to fit the operating requirements of their organization.
Because most organizations are increasingly dynamic in nature, their workers are accessing critical
company IT resources locally and remotely, hence the need for secure computing environments has
become more pronounced.
Unfortunately, many organizations (as well as individual users) regard security as more of an
afterthought, a process that is overlooked in favor of increased power, productivity, convenience, ease
of use, and budgetary concerns. Proper security implementation is often enacted postmortem — after
an unauthorized intrusion has already occurred. Taking the correct measures prior to connecting a
site to an untrusted network, such as the Internet, is an effective means of thwarting many attempts at
intrusion.
Note
This document makes several references to files in the /lib directory. When using 64-bit


PXE Server in RHEL 6 ?

How to configure PXE Server in RHEL 6 ?

Server IP settings.

IP 192.168.0.70
SUBNET 255.255.255.0
nmcontrolled no
onboot yes
DNS1=192.168.0.1

undefined
 
Yum install system-config-kickstart
# Install the kickstart package.

system-config-kickstart
# run the kickstart utility.
In the second last option you can remove text mode installation option and opt For a graphical one. 

undefined
Select the http installation method 
Use the defaults. 
In the disk label option choose the first option (Initialize the disk label).
The partitions that I have created are like this.

Mount Point            type         size
/boot         ext4         500
 swap         swap         2048
  /                     ext4         18000
 
Make sure that SELinux option is disabled and Security level is set to Disable firewall.
Save the ks.cfg file to the filesystem.
Yum install –y syslinux xinetd tftp-server dhcp httpd
# Install all the required packages through yum

mkdir /var/lib/tftpboot/pxelinux.cfg
cp  /usr/share/syslinux/pxelinux.0  /var/lib/tftpboot/

vi /etc/xinetd.d/tftp
# Open the xinetd settings to enable tftp server.
# at line 14 set the parameter to no from yes.
Disable=no 
service xinetd restart
# Restart the service to apply the settings made.

chkconfig xinetd on
# set the service to start with each subsequent system reboots.


vi /etc/dhcp/dhcpd.conf
# Open the file and configure the DHCP Server.


# Global Options
Allow booting;
Allow bootp;
authoritative;

# Subnet definition
subnet 192.168.0.0 netmask 255.255.255.0 {
# Parameters for the local subnet
option routers               192.168.0.1;
option subnet-mask           255.255.255.0;
option domain-name           “example.com”;
option domain-name-servers   192.168.0.1;
default-lease-time           21600;
max-lease-time               43200;
# Client IP range
range dynamic-bootp 192.168.0.100 192.168.0.200;
filename  “pxelinux.0”;
next-server  192.168.0.70;
}

# Here the next–sever parameter is the address of the kickstart server.

service dhcpd restart
Chkconfig dhcpd on

# restart the service and make it permanent.

mkdir –p /var/pxe/rhel6
mkdir /var/lib/tftpboot/rhel6
# make some required directories.

Insert your RHEL 6 dvd

mount  /dev/cdrom   /mnt
# Mount it to /mnt

ls –l /mnt
# Check the contents to see if it is properly mounted.

cp –ivr /mnt/*  /var/pxe/rhel6
# copy all the contents to the /var/pxe/rhel6 directory.

umount /mnt
eject
# after the file copy operation unmount and eject the dvd.

cp  /var/pxe/rhel6/images/pxeboot/vmlinuz   /var/lib/tftpboot/rhel6
cp  /var/pxe/rhel6/images/pxeboot/initrd.img   /var/lib/tftpboot/rhel6
# copy the vmlinuz and initrd.img files to the tftpboot directory.

cp /usr/share/syslinux/menu.c32  /var/lib/tftpboot/
# copy the menu file.

vi /var/lib/tftpboot/pxelinux.cfg/default

timeout 100
default menu.c32

menu title $$$$$$Boot Menu$$$$$$
label 1
  menu label ^ 1) RHEL6
  kernel rhel6/vmlinuz
  append initrd=rhel6/initrd.img  ks=http://192.168.0.70/ks/ks.cfg  ksdevice=eth0

# Prepare the boot menu. 
 
 
 
 
chkconfig httpd on

vi  /etc/httpd/conf.d/pxeboot.conf

# create new entry

Alias /rhel6 /var/pxe/rhel6

   Options Indexes FollowSymLinks
   Order Deny,Allow
   Deny from all
   Allow from 127.0.0.1  192.168.0.0/24
# Ip address you allow



service httpd restart
(ignore the domain name error if it occurs.)

# Prepare the httpd server


mkdir /var/www/html/ks

cp /ks.cfg   /var/www/html/ks/ks.cfg
chmod 644 /var/www/html/ks/ks.cfg

# make the directory and copy the kickstart file to it.
# and make the kickstart file globally read only.


The pxe server is ready.

Plug a computer into the network and boot it through LAN using pxe.

The client pc should  have a display as below.
Subscribe to: Comments (Atom)