Cisco Network / Linux / 모의 해킹 / 정보 보안 :: Linux III - 03. main 서버 클론 및 IP 주소 & Telnet 설정

서버/Linux III 2016. 3. 10. 14:38

Linux III - 03. main 서버 클론 및 IP 주소 & Telnet 설정

VMware를 이용하여 main 서버를 클론하도록 하며, 클론된 서버는 메모리를 512M, CPU 1개로 조정하도록 한다.

VM -> Manage -> Clone 클릭

'다음(N)' 클릭

'The current state in the virtual machine' 선택 -> '다음(N)' 클릭

'Create a full clone' 선택 -> '다음(N)' 클릭

머신 이름 입력 -> 설치할 폴더 지정

클론 진행중

클론 완료

메모리 512M & CPU 1개 조정

Clone1를 생성했다면, 같은 방법으로 Clone2를 생성하도록 한다.

Clone1를 먼저 실행하도록 한다.

1. Xwindow을 이용한 clone1 환경 설정

1) clone1 eth 장치 이름 변경

- main 서버 VMware 등록 정보의 이더넷 장치랑 충돌되기 때문에 인터페이스 이름을 eth2, eth3으로 사용하게 된다.

[root@main /root/바탕화면]# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:960 (960.0 b) TX bytes:960 (960.0 b)

[root@main /root/바탕화면]# cat /etc/udev/rules.d/70-persistent-net.rules

[root@main /root/바탕화면]# rm /etc/udev/rules.d/70-persistent-net.rules
rm: remove 일반 파일 `/etc/udev/rules.d/70-persistent-net.rules'? y

[root@main /root/바탕화면]# reboot

- Vmware clone1 우클릭 -> Settings -> Network Adapter -> Advanced -> Bridged(eth0) MAC 주소 확인

- Vmware clone1 우클릭 -> Settings -> Network Adapter -> Advanced -> NAT(eth1) MAC 주소 확인

- 재부팅이 완료되었다면, '70-persistent-net.rules'파일에서 eth 이름을 변경하고 재부팅을 실시한다.

[root@main /root/바탕화면]# vi /etc/udev/rules.d/70-persistent-net.rules

1 # This file was automatically generated by the /lib/udev/write_net_rules
2 # program, run by the persistent-net-generator.rules rules file.
3 #
4 # You can modify it, as long as you keep each rule on a single
5 # line, and change only the value of the NAME= key.
6
7 # PCI device 0x8086:0x100f (e1000)
8 SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:00:2d:b7", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2" <- eth0 수정
9
10 # PCI device 0x8086:0x100f (e1000)
11 SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:00:2d:c1", ATTR{type}=="1", KERNEL=="eth*", NAME="eth3" <- eth1 수정

: wq!

[root@main /root/바탕화면]# reboot

- 재부팅이 완료되었다면, eth0과 eth1을 up을 시킨다음, MAC 주소를 확인하도록 한다.

[root@main /root/바탕화면]# ifconfig eth0 up
[root@main /root/바탕화면]# ifconfig eth1 up

[root@main /root/바탕화면]# ifconfig
eth0      Link encap:Ethernet HWaddr 00:0C:29:00:2D:B7
          inet6 addr: fec0:1234::20c:29ff:fe00:2db7/64 Scope:Site
          inet6 addr: fe80::20c:29ff:fe00:2db7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:315 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28077 (27.4 KiB) TX bytes:406 (406.0 b)

eth1      Link encap:Ethernet HWaddr 00:0C:29:00:2D:C1
          inet6 addr: fe80::20c:29ff:fe00:2dc1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:660 (660.0 b) TX bytes:238 (238.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:92 errors:0 dropped:0 overruns:0 frame:0
          TX packets:92 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7008 (6.8 KiB) TX bytes:7008 (6.8 KiB)

2) clone1 MAC 주소 및 IP 주소 설정

장치	IP	Subnet Mask	Gateway	DNS
eth0	172.20.1.101	255.255.0.0	-	-
eth1	192.168.1.101	255.255.255.0	192.168.1.254	168.126.63.1

- vi 편집기를 이용하여 eth0, eth1 MAC 주소 및 IP 주소를 변경하도록 한다.

[root@main /root/바탕화면]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

1 DEVICE=eth0
2 TYPE=Ethernet
3 UUID=10a63f41-0a00-4e31-8112-ccb1d344bfc6
4 ONBOOT=yes
5 NM_CONTROLLED=no
6 BOOTPROTO=none
7 HWADDR=00:0C:29:E9:9C:40 <- 00:0C:29:00:2D:B7 수정
8 IPADDR=172.20.1.1 <- 172.20.1.101 수정
9 PREFIX=16
10 DEFROUTE=yes
11 IPV4_FAILURE_FATAL=yes
12 IPV6INIT=no
13 NAME="System eth0"

: wq!

[root@main /root/바탕화면]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

1 DEVICE=eth1
2 TYPE=Ethernet
3 UUID=f0625107-190c-4dd7-8a2c-41b65a08749b
4 ONBOOT=yes
5 NM_CONTROLLED=no
6 BOOTPROTO=none
7 HWADDR=00:0C:29:E9:9C:4A <- 00:0C:29:00:2D:C1 수정
8 IPADDR=192.168.1.100 <- 192.168.1.101 수정
9 PREFIX=24
10 GATEWAY=192.168.1.254
11 DNS1=168.126.63.1
12 DEFROUTE=yes
13 IPV4_FAILURE_FATAL=yes
14 IPV6INIT=no
15 NAME="System eth1"

: wq!

- 'network' 서비스를 재시작한다.

[root@main /root/바탕화면]# service network restart
인터페이스 eth0 (을)를 종료 중:                            [ OK ]
인터페이스 eth1 (을)를 종료 중:                            [ OK ]
loopback 인터페이스 종료 중:                               [ OK ]
loopback 인터페이스 활성화중 입니다:                       [ OK ]
eth0 인터페이스 활성화중 입니다: Determining if ip address 172.20.1.101 is already in use for device eth0...
                                                           [ OK ]
eth1 인터페이스 활성화중 입니다: Determining if ip address 192.168.1.101 is already in use for device eth1...
                                                           [ OK ]

[root@main /root/바탕화면]# ifconfig
eth0      Link encap:Ethernet HWaddr 00:0C:29:00:2D:B7
          inet addr:172.20.1.101 Bcast:172.20.255.255 Mask:255.255.0.0
          inet6 addr: fec0:1234::20c:29ff:fe00:2db7/64 Scope:Site
          inet6 addr: fe80::20c:29ff:fe00:2db7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:13002 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1148784 (1.0 MiB) TX bytes:980 (980.0 b)

eth1      Link encap:Ethernet HWaddr 00:0C:29:00:2D:C1
          inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe00:2dc1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:748 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:45264 (44.2 KiB) TX bytes:964 (964.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:65536 Metric:1
          RX packets:204 errors:0 dropped:0 overruns:0 frame:0
          TX packets:204 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:15552 (15.1 KiB) TX bytes:15552 (15.1 KiB)

3) 호스트 이름 및 호스트 IP 주소 설정

- 호스트 이름 변경

[root@main /root/바탕화면]# vi /etc/sysconfig/network

1 NETWORKING=yes
2 HOSTNAME=main <- clone1 수정
3 GATEWAY=192.168.1.254
4 NTPSERVERARGS=iburst

: wq!

- 호스트 IP 주소 설정

[root@main /root/바탕화면]# vi /etc/hosts

1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 172.20.1.101 clone1 clone1.com

: wq!

[root@main /root/바탕화면]# reboot

clone1 구성이 완료되었다면, clone2를 실행하도록 한다.

2. Xwindow을 이용한 clone2 환경 설정

장치	IP	Subnet Mask	Gateway	DNS
eth0	172.20.1.201	255.255.0.0	-	-
eth1	192.168.1.201	255.255.255.0	192.168.1.254	168.126.63.1

- 'clone1'과 동일한 방법으로 진행한다.

- 'clone2' 작업이 완료되었다면, 부팅 모드를 Run-Level 3(텍스트-모드)으로 조정하여, 재부팅을 실시한다.

[root@main /root/바탕화면]# vi /etc/inittab

  1 # inittab is only used by upstart for the default runlevel.
2 #
3 # ADDING OTHER CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
4 #
5 # System initialization is started by /etc/init/rcS.conf
6 #
7 # Individual runlevels are started by /etc/init/rc.conf
8 #
9 # Ctrl-Alt-Delete is handled by /etc/init/control-alt-delete.conf
10 #
11 # Terminal gettys are handled by /etc/init/tty.conf and /etc/init/serial.conf,
12 # with configuration in /etc/sysconfig/init.
13 #
14 # For information on how to write upstart event handlers, or how
15 # upstart works, see init(5), init(8), and initctl(8).
16 #
17 # Default runlevel. The runlevels used are:
18 #   0 - halt (Do NOT set initdefault to this)
19 #   1 - Single user mode
20 #   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
21 #   3 - Full multiuser mode
22 #   4 - unused
23 #   5 - X11
24 #   6 - reboot (Do NOT set initdefault to this)
25 #
26 id:5:initdefault: <- id:3:initdefault: 수정

: wq!

[root@main /root/바탕화면]# reboot

3. main, clone1, clone2 네트워크 테스트

- main, clone1, clone2를 실행한다.

- 'Putty'를 이용하여 main, clone1, clone2를 접속하도록 한다.

[root@clone2 /root]#

- main에서 clone1, clone2으로 Ping 테스트를 실시한다.

[root@main /root]# ping -c 1 172.20.1.101
PING 172.20.1.101 (172.20.1.101) 56(84) bytes of data.
64 bytes from 172.20.1.101: icmp_seq=1 ttl=64 time=1.98 ms

--- 172.20.1.101 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 1.987/1.987/1.987/0.000 ms

[root@main /root]# ping -c 1 172.20.1.201
PING 172.20.1.201 (172.20.1.201) 56(84) bytes of data.
64 bytes from 172.20.1.201: icmp_seq=1 ttl=64 time=2.81 ms

--- 172.20.1.201 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 2.819/2.819/2.819/0.000 ms

- clone1에서 main, clone2으로 Ping 테스트를 실시한다.

[root@clone1 /root]# ping -c 1 172.20.1.1
PING 172.20.1.1 (172.20.1.1) 56(84) bytes of data.
64 bytes from 172.20.1.1: icmp_seq=1 ttl=64 time=0.428 ms

--- 172.20.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.428/0.428/0.428/0.000 ms

[root@clone1 /root]# ping -c 1 172.20.1.201
PING 172.20.1.201 (172.20.1.201) 56(84) bytes of data.
64 bytes from 172.20.1.201: icmp_seq=1 ttl=64 time=0.717 ms

--- 172.20.1.201 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.717/0.717/0.717/0.000 ms

- clone2에서 main, clone1으로 Ping 테스트를 실시한다.

[root@clone2 /root]# ping -c 1 172.20.1.1
PING 172.20.1.1 (172.20.1.1) 56(84) bytes of data.
64 bytes from 172.20.1.1: icmp_seq=1 ttl=64 time=0.605 ms

--- 172.20.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.605/0.605/0.605/0.000 ms

[root@clone2 /root]# ping -c 1 172.20.1.101
PING 172.20.1.101 (172.20.1.101) 56(84) bytes of data.
64 bytes from 172.20.1.101: icmp_seq=1 ttl=64 time=0.311 ms

--- 172.20.1.101 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.311/0.311/0.311/0.000 ms

4. main, clone1, clone2 호스트를 지정하도록 한다.

- main에서 clone1, clone2 호스트 IP 주소 설정

[root@main /root]# vi /etc/hosts

1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 172.20.1.1 main main.com
4 172.20.1.101 clone1 clone1.com <- 추가
5 172.20.1.201 clone2 clone2.com <- 추가

: wq!

- clone1에서 main, clone2 호스트 IP 주소 설정

[root@clone1 /root]# vi /etc/hosts

1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomai n4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomai n6
3 172.20.1.101 clone1 clone1.com
4 172.20.1.1 main main.com <- 추가
5 172.20.1.201 clone2 clone2.com <- 추가

: wq!

- clone2에서 main, clone1 호스트 IP 주소 설정

[root@clone2 /root]# vi /etc/hosts

1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomai n4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomai n6
3 172.20.1.201 clone2 clone2.com
4 172.20.1.1 main main.com <- 추가
5 172.20.1.101 clone1 clone1.com <- 추가

: wq!

- 호스트 Ping 테스트 실시

[root@main /root]# ping -c 1 clone1
[root@main /root]# ping -c 1 clone1.com

[root@main /root]# ping -c 1 clone2

[root@main /root]# ping -c 1 clone1.com

[root@clone1 /root]# ping -c 1 main
[root@clone1 /root]# ping -c 1 main.com

[root@clone1 /root]# ping -c 1 clone2

[root@clone1 /root]# ping -c 1 clone2.com

[root@clone2 /root]# ping -c 1 main
[root@clone2 /root]# ping -c 1 main.com

[root@clone2 /root]# ping -c 1 clone1

[root@clone2 /root]# ping -c 1 clone1.com

[참고] eth1을 사용하지 않을 경우, main에서 다음과 같이 NAT & IP Forward 설정을 추가한다.

[root@main /root]# chkconfig iptables on

[root@main /root]# service iptables stop

[root@main /root]# iptables -A FORWARD -i eth0 -j ACCEPT
[root@main /root]# iptables -A FORWARD -o eth0 -j ACCEPT
[root@main /root]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

[root@main /root]# service iptables save

[root@main /root]# service iptables status

[root@main /root]# vi /etc/sysctl.conf

1 # Kernel sysctl configuration file for Red Hat Linux
2 #
3 # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
4 # sysctl.conf(5) for more details.
5
6 # Controls IP packet forwarding
7 net.ipv4.ip_forward = 1 <- '0'을 '1'로 변경
8

: wq!

[root@main /root]# reboot

5. 'Telnet-Server' & 'Telnet' 클라이언트 설치

- 'Telnet-Server' & 'Telnet' 클라이언트 설치 유무를 확인한다.

[root@main /root]# yum list telnet-server
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: centos.tt.co.kr
* extras: mirror.oasis.onnetcorp.com
* updates: mirror.oasis.onnetcorp.com
base                                                                       | 3.7 kB     00:00
extras                                                                     | 3.4 kB     00:00
updates                                                                    | 3.4 kB     00:00
updates/primary_db                                                         | 4.0 MB     00:00
Available Packages
telnet-server.x86_64                              1:0.17-48.el6

[root@main /root]# yum list telnet
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: centos.tt.co.kr
* extras: mirror.oasis.onnetcorp.com
* updates: mirror.oasis.onnetcorp.com
Available Packages
telnet.x86_64 1:0.17-48.el6 base
[root@main /root]#

- 'Telnet-Server' & 'Telnet' 클라이언트 설치 실시

[root@main /root]# yum -y install telnet-server
[root@main /root]# yum -y install telnet

[root@main /root]# rpm -ql telnet-server
/etc/xinetd.d/telnet
/usr/sbin/in.telnetd
/usr/share/man/man5/issue.net.5.gz
/usr/share/man/man8/in.telnetd.8.gz
/usr/share/man/man8/telnetd.8.gz

- 'Telnet-Server' 설치 후, 환경 설정 변경

[root@main /root]# vi /etc/xinetd.d/telnet

1 # default: on
2 # description: The telnet server serves telnet sessions; it uses \
3 #   unencrypted username/password pairs for authentication.
4 service telnet
5 {
6     flags       = REUSE
7     socket_type = stream
8     wait        = no
9     user        = root
10     server      = /usr/sbin/in.telnetd
11     log_on_failure += USERID
12     disable     = yes <- no 수정
13

: wq!

- 'xinetd' 재시작 실시

[root@main /root]# service xinetd restart
'xinetd 를 정지 중: [ OK ]
xinetd (을)를 시작 중: [ OK ]

- telnet 접속 확인

[root@main /root]# telnet localhost
Trying ::1...
Connected to localhost.
Escape character is '^]'.
CentOS release 6.6 (Final)
Kernel 2.6.32-504.el6.x86_64 on an x86_64
login: user1
Password: centos
Last login: Mon Mar 14 14:04:30 from localhost
[user1@main /home/user1]$
[user1@main /home/user1]$ exit
logout
Connection closed by foreign host.
[root@main /root]#

- 같은 방법으로 clone1, clone2에서도 'Telnet-Server', 'Telnet' 클라이언트를 설치하도록 한다.

저작자표시 비영리 변경금지

'서버 > Linux III' 카테고리의 다른 글

Linux III - 06. FTP 클라이언트 (0)	2016.03.15
Linux III - 05. 리눅스 서비스 운영 방식(Standalone & xinetd) (0)	2016.03.14
Linux III - 04. 방화벽 해지하는 방법 (0)	2016.03.14
Linux III - 02. 리눅스 네트워크 설정 (0)	2016.03.09
Linux III - 01. 리눅스 메인 서버 설치 (0)	2016.03.08

Posted by 김정우 강사(카카오톡 : kim10322)

Cisco Network / Linux / 모의 해킹 / 정보 보안

'서버 > Linux III' 카테고리의 다른 글

카테고리

링크

티스토리툴바