Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# setenforce 0 //临时把SELinux切换为宽容(permissive)模式,重启后失效;仅适合实验环境,生产环境应保持enforcing
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]#
![](https://img-blog.csdnimg.cn/direct/b4d37e21034f4c5abe2b9645b83c2e6f.png)
##
### 安装软件
![](https://img-blog.csdnimg.cn/direct/d0dc1bfbed134523b3bb1193c84f937f.png)
[root@localhost ~]# cd /mnt/Packages
[root@localhost Packages]# ls | grep bind //过滤出文件名中包含bind的软件包(不限于以bind开头)
bind-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-chroot-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-dyndb-ldap-11.1-7.el7.x86_64.rpm
bind-export-libs-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-libs-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-libs-lite-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-license-9.11.4-26.P2.el7_9.9.noarch.rpm
bind-pkcs11-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-pkcs11-libs-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-pkcs11-utils-9.11.4-26.P2.el7_9.9.x86_64.rpm
bind-utils-9.11.4-26.P2.el7_9.9.x86_64.rpm
cmpi-bindings-pywbem-0.9.5-6.el7.x86_64.rpm
keybinder3-0.3.0-1.el7.x86_64.rpm
rpcbind-0.2.0-49.el7.x86_64.rpm
samba-winbind-4.10.16-19.el7_9.x86_64.rpm
samba-winbind-modules-4.10.16-19.el7_9.x86_64.rpm
ypbind-1.37.1-9.el7.x86_64.rpm
[root@localhost Packages]#
[root@localhost ~]# yum install -y bind //安装软件
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 bind.x86_64.32.9.11.4-26.P2.el7_9.9 将被 安装
--> 解决依赖关系完成
依赖关系解决
================================================================================================================================================================
Package 架构 版本 源 大小
正在安装:
bind x86_64 32:9.11.4-26.P2.el7_9.9 local 2.3 M
事务概要
安装 1 软件包
总下载量:2.3 M
安装大小:5.4 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : 32:bind-9.11.4-26.P2.el7_9.9.x86_64 1/1
验证中 : 32:bind-9.11.4-26.P2.el7_9.9.x86_64 1/1
已安装:
bind.x86_64 32:9.11.4-26.P2.el7_9.9
完毕!
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# rpm -qc bind //列出bind软件包自带的各配置文件的具体路径
/etc/logrotate.d/named
/etc/named.conf
/etc/named.iscdlv.key
/etc/named.rfc1912.zones
/etc/named.root.key
/etc/rndc.conf
/etc/rndc.key
/etc/sysconfig/named
/var/named/named.ca
/var/named/named.empty
/var/named/named.localhost
/var/named/named.loopback
[root@localhost ~]#
![](https://img-blog.csdnimg.cn/direct/d6a79ba0922c46c4b030144fab7caba7.png)
[root@localhost ~]# vim /etc/named.conf
![](https://img-blog.csdnimg.cn/direct/4f32bc87a0364dd6b33fc7db43c94751.png)
### 也可以这样
![](https://img-blog.csdnimg.cn/direct/98ca7ded9dbc498c88be8d4424efeeb6.png)![](https://img-blog.csdnimg.cn/direct/17188e1161ec45e3af1c7504c2f25b57.png) ![](https://img-blog.csdnimg.cn/direct/c79651ad6ec64b1486fdb0769eb37b6c.png)
![](https://img-blog.csdnimg.cn/direct/888939808ee44bb09f0db08962bd4f6b.png)
[root@localhost ~]# vim /etc/named.rfc1912.zones
//定义相关区域,域名
![](https://img-blog.csdnimg.cn/direct/b90528c579434dd4992fafdee4fe3cbd.png)
![](https://img-blog.csdnimg.cn/direct/ccb4a9a85c40455bb13f99b5a34e0ccb.png)
![](https://img-blog.csdnimg.cn/direct/67122d7f6cdb4e8ba9df335334cd290a.png) ![](https://img-blog.csdnimg.cn/direct/fde713bef77845e1bbc4412da100211d.png)
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# cd /var/named/ //定义域服务器
[root@localhost named]# ls
data named.ca named.localhost slaves
dynamic named.empty named.loopback
[root@localhost named]# ll
总用量 16
drwxrwx---. 2 named named 6 2月 24 2022 data
drwxrwx---. 2 named named 6 2月 24 2022 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 2月 24 2022 slaves
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/e3b9638cab0a4c7c942cf3a159cb55db.png)
[root@localhost named]# cp -p named.localhost xy101.com.zone //-p保留原文件的属主、属组和权限(root:named,640),使named进程仍可读取新的区域文件
[root@localhost named]# ll
总用量 20
drwxrwx---. 2 named named 6 2月 24 2022 data
drwxrwx---. 2 named named 6 2月 24 2022 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 2月 24 2022 slaves
-rw-r-----. 1 root named 152 6月 21 2007 xy101.com.zone
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/b6925d4923574082933d96c228909d96.png)
[root@localhost named]# vim xy101.com.zone
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/508fac9f4991481988dc0e2d35ffc26c.png)
![](https://img-blog.csdnimg.cn/direct/2c6f7c956ab64a43816f6845c851aa88.png)
[root@localhost named]# systemctl start named
[root@localhost named]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/d94d3ca0582942639d749f0615ff7866.png)
### 验证
#### 客户端设置DNS服务器地址
![](https://img-blog.csdnimg.cn/direct/dd09e8cc40c0443d8a20d21f06564462.png) ![](https://img-blog.csdnimg.cn/direct/ceff235ff53c48f988c3d5e83a9fac62.png)
![](https://img-blog.csdnimg.cn/direct/0c7b3c5457904718af38199864a27084.png)
[root@localhost ~]# vim /etc/resolv.conf
[root@localhost ~]#
[root@localhost ~]# nslookup www.xy101.com
Server: 20.0.0.30
Address: 20.0.0.30#53
Name: www.xy101.com
Address: 20.0.0.40
[root@localhost ~]# nslookup mail.xy101.com
Server: 20.0.0.30
Address: 20.0.0.30#53
Name: mail.xy101.com
Address: 20.0.0.50
[root@localhost ~]# nslookup news.xy101.com
Server: 20.0.0.30
Address: 20.0.0.30#53
Name: news.xy101.com
Address: 20.0.0.60
[root@localhost ~]# nslookup ftp.xy101.com
Server: 20.0.0.30
Address: 20.0.0.30#53
ftp.xy101.com canonical name = www.xy101.com.
Name: www.xy101.com
Address: 20.0.0.40
[root@localhost ~]# nslookup biubiubiu.xy101.com
Server: 20.0.0.30
Address: 20.0.0.30#53
Name: biubiubiu.xy101.com
Address: 20.0.0.100
[root@localhost ~]#
[root@localhost ~]# host www.xy101.com
www.xy101.com has address 20.0.0.40
[root@localhost ~]# host ftp.xy101.com
ftp.xy101.com is an alias for www.xy101.com.
www.xy101.com has address 20.0.0.40
[root@localhost ~]#
[root@localhost ~]# dig www.xy101.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>> www.xy101.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10366
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.xy101.com. IN A
;; ANSWER SECTION:
www.xy101.com. 86400 IN A 20.0.0.40
;; AUTHORITY SECTION:
xy101.com. 86400 IN NS xy101.com.
;; ADDITIONAL SECTION:
xy101.com. 86400 IN A 20.0.0.30
;; Query time: 0 msec
;; SERVER: 20.0.0.30#53(20.0.0.30)
;; WHEN: 五 4月 26 02:48:42 CST 2024
;; MSG SIZE rcvd: 88
[root@localhost ~]#
## 实验DNS反向解析:
### 在正向的基础上
[root@localhost ~]# vim /etc/named.conf
![](https://img-blog.csdnimg.cn/direct/46cf9efbda4e444da18509f0cec11037.png)
[root@localhost ~]# vim /etc/named.rfc1912.zones
![](https://img-blog.csdnimg.cn/direct/54a9d4137c404c7aa7af8fdf497bcfbb.png)
![](https://img-blog.csdnimg.cn/direct/76149f1f16d042fb9931b8eb13653493.png)
[root@localhost ~]#
[root@localhost ~]# cd /var/named/
[root@localhost named]# ls
data dynamic named.ca named.empty named.localhost named.loopback slaves xy101.com.zone
[root@localhost named]# ll
总用量 20
drwxrwx---. 2 named named 23 4月 25 18:17 data
drwxrwx---. 2 named named 60 4月 25 18:18 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 2月 24 2022 slaves
-rw-r-----. 1 root named 294 4月 25 18:16 xy101.com.zone
[root@localhost named]#
[root@localhost named]#
[root@localhost named]# cp -p xy101.com.zone xy101.com.zone.local
[root@localhost named]# ll
总用量 24
drwxrwx---. 2 named named 23 4月 25 18:17 data
drwxrwx---. 2 named named 60 4月 25 18:18 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 2月 24 2022 slaves
-rw-r-----. 1 root named 294 4月 25 18:16 xy101.com.zone
-rw-r-----. 1 root named 294 4月 25 18:16 xy101.com.zone.local
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/297639b75617420db8dfdd1485fa6fb9.png)
[root@localhost named]#
[root@localhost named]# vim xy101.com.zone.local
![](https://img-blog.csdnimg.cn/direct/40bda71ed48943c6b6c2700794cd82bd.png)
![](https://img-blog.csdnimg.cn/direct/3f3ea75d8ccf48df9b2e7f18bbb9708f.png)
[root@localhost named]# systemctl restart named
[root@localhost named]#
### 验证
![](https://img-blog.csdnimg.cn/direct/d4e2dee866564e4a9a06915a7fefdab4.png)
![](https://img-blog.csdnimg.cn/direct/6ac6249745b348a58ade92dc8e0fffe4.png)
[root@localhost ~]# nslookup 20.0.0.40
40.0.0.20.in-addr.arpa name = www.xy101.com.
[root@localhost ~]# nslookup 20.0.0.50
50.0.0.20.in-addr.arpa name = mail.xy101.com.
[root@localhost ~]# nslookup 20.0.0.60
60.0.0.20.in-addr.arpa name = news.xy101.com.
[root@localhost ~]# host www.xy101.com.
www.xy101.com has address 20.0.0.40
[root@localhost ~]# host 20.0.0.40
40.0.0.20.in-addr.arpa domain name pointer www.xy101.com.
[root@localhost ~]# host 20.0.0.50
50.0.0.20.in-addr.arpa domain name pointer mail.xy101.com.
[root@localhost ~]# host 20.0.0.60
60.0.0.20.in-addr.arpa domain name pointer news.xy101.com.
[root@localhost ~]#
![](https://img-blog.csdnimg.cn/direct/060b9e58c337412b885ba25bb3e0a04c.png)
![](https://img-blog.csdnimg.cn/direct/21b234eb70fb42ffb361ad7d87b01c01.png) ![](https://img-blog.csdnimg.cn/direct/b490c60095284958a4d4203e0ceb5e2e.png)
![](https://img-blog.csdnimg.cn/direct/407bdd978eb745ec8f690814d17e01e1.png) ![](https://img-blog.csdnimg.cn/direct/c1cdc01114464820bfe8ea25621c8264.png)
##
## 实验搭建主从域名服务器
以下步骤两台虚拟机同时操作
![](https://img-blog.csdnimg.cn/direct/fea7d6f8fcb14cce8bbb1cd5ab63de34.png)
![](https://img-blog.csdnimg.cn/direct/24dc8a9936324f37b57f973252276a18.png)
![](https://img-blog.csdnimg.cn/direct/287d9dacc7334c348e3a893424c5ae8c.png)
![](https://img-blog.csdnimg.cn/direct/5175aa3dd1494c3e96f647bb1b3b5315.png)
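[root@localhost ~]# systemctl stop firewalld //实验环境为省事直接关闭防火墙;生产环境应保留firewalld,只放行DNS服务:firewall-cmd --permanent --add-service=dns && firewall-cmd --reload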
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# setenforce 0
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# df
文件系统 1K-块 已用 可用 已用% 挂载点
devtmpfs 1913548 0 1913548 0% /dev
tmpfs 1930624 0 1930624 0% /dev/shm
tmpfs 1930624 12784 1917840 1% /run
tmpfs 1930624 0 1930624 0% /sys/fs/cgroup
/dev/mapper/centos-root 36805060 4577592 32227468 13% /
/dev/sda1 1038336 191084 847252 19% /boot
tmpfs 386128 52 386076 1% /run/user/0
/dev/sr0 4635056 4635056 0 100% /mnt
[root@localhost ~]# yum install -y bind
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 bind.x86_64.32.9.11.4-26.P2.el7_9.9 将被 安装
--> 解决依赖关系完成
依赖关系解决
==========================================================================================================================================================
Package 架构 版本 源 大小
正在安装:
bind x86_64 32:9.11.4-26.P2.el7_9.9 local 2.3 M
事务概要
安装 1 软件包
总下载量:2.3 M
安装大小:5.4 M
Downloading packages:
Running transaction check
Running transaction test
Transacti
vim /etc/named.conf
![](https://img-blog.csdnimg.cn/direct/1c385252722f443491798e98e350c80a.png)
### **以上操作两台虚拟机都要操作**
### 修改主服务器
[root@localhost named]# vim /etc/named.rfc1912.zones
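// Zone declarations on the master (excerpt of /etc/named.rfc1912.zones).
// Zone names and file names must be wrapped in straight ASCII double quotes;
// typographic quotes pasted from a web page are not valid named.conf syntax.
// Running named-checkconf after editing catches this before named is restarted.

// Forward zone. allow-transfer limits zone transfers to the one listed
// address (presumably the slave server; confirm it matches the slave's IP).
// Without such a restriction any client that can reach the server could
// request a copy of the whole zone.
zone "xy101.com" IN {
        type master;
        file "xy101.com.zone";
        allow-transfer { 20.0.0.10; };
};

// Reverse zone for 20.0.0.x, with the same transfer restriction.
zone "0.0.20.in-addr.arpa" IN {
        type master;
        file "xy101.com.zone.local";
        allow-transfer { 20.0.0.10; };
};

// The remaining zones reject dynamic updates (allow-update { none; }).
zone "localhost.localdomain" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};

zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};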
![](https://img-blog.csdnimg.cn/direct/67b5fd957e284a7f820bf3b9b9b1d437.png)
[root@localhost named]# cd /var/named/
[root@localhost named]# ll
总用量 24
drwxrwx---. 2 named named 23 4月 25 18:17 data
drwxrwx---. 2 named named 60 4月 25 23:16 dynamic
-rw-r-----. 1 root named 2253 4月 5 2018 named.ca
-rw-r-----. 1 root named 152 12月 15 2009 named.empty
-rw-r-----. 1 root named 152 6月 21 2007 named.localhost
-rw-r-----. 1 root named 168 12月 15 2009 named.loopback
drwxrwx---. 2 named named 6 2月 24 2022 slaves
-rw-r-----. 1 root named 294 4月 25 18:16 xy101.com.zone
-rw-r-----. 1 root named 264 4月 25 23:11 xy101.com.zone.local
[root@localhost named]#
[root@localhost named]# cp -p named.localhost xy101.com.zone //注意:上面的ll显示xy101.com.zone已存在,此命令会用模板覆盖它;若沿用前面实验的区域文件,可跳过这一步
[root@localhost named]# vim xy101.com.zone
![](https://img-blog.csdnimg.cn/direct/1746a29740aa4ece8bdd5fdedc0f8679.png)
![](https://img-blog.csdnimg.cn/direct/46687c5eb5ff4ed293ea5ef85ad9be36.png)
![](https://img-blog.csdnimg.cn/direct/9a676e2bfa874056862521dd51cb4ce7.png)
### 从服务器
[root@localhost ~]#
[root@localhost ~]# vim /etc/named.rfc1912.zones
![](https://img-blog.csdnimg.cn/direct/d3766f18ac984c81bf67822e2ae0b019.png)
### 先启动主再启动从
主
[root@localhost named]# systemctl start named
[root@localhost named]# systemctl enable named.service
[root@localhost named]#
从
[root@localhost ~]# systemctl enable named
Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service.
[root@localhost ~]#
### 验证
先在主 验证
[root@localhost named]# vim /etc/resolv.conf
[root@localhost named]#
![](https://img-blog.csdnimg.cn/direct/bec3ea30cab147faab96b45237c9621a.png)