Q1. CORRECT TEXT

There are two sites www.abc.com and www.example.com. Both sites are mappings to 192.100.0.X IP address where X is your Host address. Configure the Apache web server for these sites to make accessible on web.

Answer and Explanation:

1. vi /etc/httpd/conf/httpd.conf

NameVirtualHost 192.100.0.X

<VirtualHost www.abc.com>

ServerName www.abc.com

DocumentRoot /var/www/abc/

DirectoryIndex index.html

ServerAdmin webmaster@abc.com

ErrorLog logs/error_abc.logs

CustomLog logs/custom_abc.logs common

</VirtualHost>

<VirtualHost www.example.com>

ServerName www.example.com

DocumentRoot /var/www/example/

DirectoryIndex index.html

ServerAdmin webmaster@example.com

ErrorLog logs/error_example.logs

CustomLog logs/custom_example.logs common

</VirtualHost>

2. Create the directory and index page on specified path. (Index page can download from

ftp://server1.example.com at exam time)

Check the SELinux context of index page , should like this:

-rw-r--r-- root root system_u:object_r:httpd_sys_content_t /var/www/html/index.html

If SELinux Context is mismatched, use the restorecon -R /var command

3. service httpd start| restart

4. chkconfig httpd on

5. links http://www.abc.com

6. links http://www.example.com

For Name based Virtual Hosting, we should specified the IP address on which we are going to host the multiple sites using NameVirtualHost options.

* ServerName means you FQDN, already lookup on DNS

* DirectoryRoot path for web documents for this site.

* DirectoryIndex default page for websites.

Q2. CORRECT TEXT

Create the user named jackie, curtin, david

Answer and Explanation:

1. useradd jackie

2. useradd curtin

3. useradd david

useradd command is used to create the user. All user's information stores in /etc/passwd and user;s shadow password stores in /etc/shadow.

Q3. CORRECT TEXT

Using squid block Internet to 192.168.1.0/24 Network and allow to 192.168.0.0/24 Network.

Answer and Explanation:

1. vi /etc/squid/squid.conf

#detault:

http_port 8080

#Recommended minimum configuration:

# Near the src acl src section

acl allownet src 192.168.0.0/255.255.255.0

acl denynet src 192.168.1.0/255.255.255.0

#Default:

# http_access deny all

#Under Here

http_access allow allownet

http_access deny denynet

2. service squid start

3. chkconfig squid on

squid is a proxy caching server, using squid we can share the internet, block the internet, to certain network. First we should define the port for squid, the standard port for squid is 3128. We can run squid on different port by specifying http_port portnumber.

To block or allow the Internet access to hosts, we should create the acl (Access Control List). In this file we can specify only the IP address.

Example: acl aclname src IP/Netmask

After creating acl we can block or allow the internet to specified acl.

http_access allow | deny alcname

Q4. CORRECT TEXT

Create the user named jane and john.

Answer and Explanation:

1. useradd jane

2. useradd john

useradd command is used to create the user. All user's information stores in /etc/passwd and user;s shadow password stores in /etc/shadow.

Q5. CORRECT TEXT

Fill up the Form through http://server1.example.com/form.php

Answer and Explanation:

1. Open the Browser and type the above URL.

2. Fill the form as required all information.

Q6. CORRECT TEXT

All mails to my133t.org should get by marion user.

Answer and Explanation:

3. vi /etc/mail/virtusertable

@my133t.org marion

# service sendmail restart

/etc/mail/virtusertable file is used to send the mail coming for virtual user to real user. According to question, all mail to cracker.org should get by eric user so

@my133t.org eric : Which sends all mail of cracker.org to eric user.

Q7. CORRECT TEXT

Fill up the Form through http://server1.example.com/form.php

Answer and Explanation:

1. Open the Browser and type the above URL.

2. Fill the form as required all information.

Q8. CORRECT TEXT

The System you are using is for NFS (Network File Services). Some important data are shared from your system. Make automatically start the nfs and portmap services at boot time.

Answer and Explanation:

We can control the services for current session and for next boot time also. For current Session, we use service servicename start or restart or stop or status. For automatically on next reboot time:

1. chkconfig servicename on or off

eg: chkconfig nfs on

chkconfig portmap on

or

ntsysv

Select the nfs and portmap services.

2. Reboot the system and identify whether services are running or not.

Q9. CORRECT TEXT

Create the directory /archive and group owner should be the sysuser group.

Answer and Explanation:

1. chgrp sysuser /archive

2. Verify using ls -ld /archive command. You should get like

drwxr-x--- 2 root sysadmin 4096 Mar 16 17:59 /archive

chgrp command is used to change the group ownership of particular files or directory.

Another way you can use the chown command.

chown root:sysuser /archive

Q10. CORRECT TEXT

You have a domain in your LAN named example.com. Allow the FTP connection only from local domain.

Answer and Explanation:

1. vi /etc/hosts.deny

vsftpd:ALL EXCEPT .example.com

We can secure the services using tcp_wrappers. There are main two files, /etc/hosts.allow and /etc/hosts.deny.

There will be three stage access checking

-Is access explicitly permitted? Means permitted from /etc/hosts.allow?

- Otherwise, Is access explicitly denied? Means denied from /etc/hosts.deny?

- Otherwise, by default permit access if neither condition matched.

To deny the services we can configure /etc/hosts.deny file using ALL and EXCEPT operation.

Pattern of /etc/hosts.allow and /etc/hosts.deny file is:

Demon_list:client_list:options

In Client list can be either domain name or IP address.