VM - HackMD

# VM ###### tags: skills39 >## VMware >>### install windows >>>#### install windows 10 >>>#### install windwos server >>>1. set the Language and region >>>![](https://i.imgur.com/yRuSBhP.png) >>>2. install >>>![](https://i.imgur.com/hZPLeCW.png) >>>3. set the version >>>![](https://i.imgur.com/Z7FDuzT.png) >>>4. agree the accept the license terms >>>![](https://i.imgur.com/SEg9quQ.png) >>>5. select disk pratition >>>![](https://i.imgur.com/SdGBqwn.png) >>>6. what for the install to complete >>>![](https://i.imgur.com/eWfNw8u.png) >>>7. login to the account >>>![](https://i.imgur.com/D0wGswM.png) >>>![](https://i.imgur.com/SmYIaq1.png) >>>8. done!!! >>>![](https://i.imgur.com/ZkhH9Mc.png) >>### install linux >>>#### install debian --------------------------------------------- >>## windows server >>>### Active Directory >>>#### Active Directory install >>>open windwos server manager >>>![](https://i.imgur.com/7VwH8mA.png) >>>Add roles and features >>>![](https://i.imgur.com/Ve67fHo.png) >>>Next >>>![](https://i.imgur.com/J3MFlv6.png) >>>Next >>>![](https://i.imgur.com/3snHAB2.png) >>>Next >>>![](https://i.imgur.com/gXvzaCP.png) >>>select Active Directory Domain Service >>>![](https://i.imgur.com/MAvvnHR.png) >>>Add Feature >>>![](https://i.imgur.com/NCkJJi2.png) >>>Next >>>![](https://i.imgur.com/ob6AS8H.png) >>>install >>>![](https://i.imgur.com/4V9k5vy.png) >>>what for the installation >>>![](https://i.imgur.com/ydg5mtw.png) >>>Close >>>![](https://i.imgur.com/wMucCvW.png) >>>done >>>#### Active Directory setup >>>![](https://i.imgur.com/h1EU1wQ.png) >>> >>>![](https://i.imgur.com/nJs38mL.png) >>> >>>![](https://i.imgur.com/Yv1aIM8.png) >>> >>>![](https://i.imgur.com/xC6peLI.png) >>> >>>![](https://i.imgur.com/DsezkMI.png) >>> >>>![](https://i.imgur.com/8GRN3F5.png) >>> >>>![](https://i.imgur.com/PeBLeTC.png) >>> >>>![](https://i.imgur.com/wkmUaxs.png) >>> >>>![](https://i.imgur.com/CSB6VJu.png) >>> >>>![](https://i.imgur.com/2UcjD37.png) >>> >>>![](https://i.imgur.com/l0D1KRm.png) >>> >>>#### Active Directory password policy >>>#### add user to group >>>``` >>>C:\Users\Administrator>net user "username" "password" /add >>>C:\Users\Administrator>net group "group-name" "username" /add >>>``` >>>### DHCP server >>>![](https://i.imgur.com/BhnXyOx.png) >>## windows >>>mount smb in clt >>>>```net use Z: \\computer_name\share_name``` >>>> >>>for loop >>>>```for /l %x in (1, 1, 10) do ``` >>>> --------------------------------------------- ## linux debiab #### basic command ``` cd [OPTIONS] directory #change the current directory to DIR ``` #### install basic package ``` apt-get install vim net-tools tree ``` #### install vm-tools ``` #mount vm-tools install cdrom mount /dev/cdrom /mnt/cdrom #copy installation tar file to other location cp /mnt/cdrom/VMwareTools-version.tar.gz /tmp/ #cd into the directory that just copy to cd /tmp #upzip the installation tar tar -zxvf VMwareTools-version.tar.gz #cd into the file just unzip cd vmware-tools-distrib #run the installation ./vmware-install.pl ``` config repository list ``` /etc/apt/sources.list.d/ ``` ### network config #### List Network Interfaces ``` ip link show ``` #### change network interface name ``` vim /etc/default/grub GRUB_CMDLINE_LINUX="" GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0" grub-mkconfig -o /boot/grub/grub.cfg ``` #### set network interface ``` vim /etc/network/interface ``` DHCP ``` auot eth0 iface eth0 inet dhcp ``` Static IP ``` auto eth0 iface eth0 inet static address 192.168.11.87 netmask 255.255.255.0 gateway 192.168.11.1 ``` reload networking config ``` /etc/init.d/networking restart ``` or ``` service networking restart ``` ### DNS service #### install bind9 ``` sudo apt-get install bind9 bind9utils bind9-doc dnsutils ``` ## web ### apache2 #### install apache2 web server ``` apt-get install apache2 ``` #### start apache web server ``` service apache2 start ``` #### check apache2 status ``` systemctl status apache2 ``` #### config apache web server ``` apache2 #find the config file cd /etc/apache2 ``` ### config apache2 VirtualHost https://httpd.apache.org/docs/2.4/vhosts/examples.html https://noter.tw/3980/ubuntu-16-04-%E8%A8%AD%E5%AE%9A-apache-virtualhost-2/ ``` <VirtualHost *:80> # 自己要對應的 domain ServerName mydomain.com ServerAdmin webmaster@localhost # html檔目錄路徑 DocumentRoot /var/www/html/mydomain/ # 這可以設定 log 等級 #LogLevel info ssl:warn # log 檔案路徑 ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> ``` --- ### nginx #### install nginx web server ``` apt-get install nginx ``` #### start nginx server ``` service nginx ``` #### check nginx status ``` systemctl status nginx ``` #### http to https ``` server { listen 80; server_name names; return 301 https://names; } ``` --- ## ssl ### create key and crt ``` openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt ``` ### generat pfx ``` openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt ``` ### dns service #### seup dns service ### NAT use iptables command to setup NAT ![](https://i.imgur.com/Gbi86KE.gif) 刪除現有規則 ``` iptables -F (OR) iptables --flush ``` ### Firewall use iptables command to setup firewall https://www.thegeekdiary.com/centos-rhel-how-to-block-incoming-and-outgoing-ports-using-iptables/ allow an incoming port using iptables commamd ``` iptables -A INPUT -p tcp --dport [port number] -j ACCEPT ``` block all incoming port using iptables command ``` iptables -A INPUT-j REJECT ``` port forward ``` iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.1 ``` enable forward ``` sysctl net.ipv4.ip_forward=1 ``` save rules ``` iptables-save > /etc/[name] ``` restore the rules ``` iptables-restore /etc/[name] ``` --------------------------------------------