Introduction
Like I mentioned in my test post, this blog will be used as
a platform to talk about my journey in the class WEB375 Web
Architecture. This week I'll be focusing on the brainstorming of my course
project, my experience with the lab, and the objectives I learned.
Course Project
Getting started had me feeling nervous until I watched the
video Professor shared in the announcements. I had prepared myself on a week
before the session started because classes always open early. I have a few
ideas on how to start this week.
-Not going to do single host as of now. Putting the web,
mail, file, and database server isn’t how it’s done anymore. Instead I’m
looking to have one host machine supply one service. A router can be used to
allow the servers to run on a local network.
-Going to determine services (includes servers and remote
GUI Desktop), protocol & ports, server applications, and client
applications. I understand it’s better to administrate through a terminal but
it’s good to have the option and know how to use both.
Week 1 Lab
This week was just a brush up on stuff I have learned in the
past. Syntax and remembering which directory I am in were my biggest problems.
It took me about an hour, but I believe everything is correct. I'm looking
forward to seeing how the other labs will go.
Week 1 Objectives
I found that most of these objectives can't be found in
the book or lesson, so I used what I know and some sources (left links for fact
checking).
TCP Packets & Ports: Transmission control protocol is
how computers speak over the internet. Packets are just information that are
sent using protocols. Ports are how we can receive information from the
internet. Ports have their own number which refers to the type of
protocol.
Filtering packets on Cisco routers or iptables in
Linux: I didn't know this myself, so I went to Cisco's website (I'll leave a
link below). Access control lists can control what enters and leaves the
network. As for iptables, I found a website called booleanworld that answers
this question. Filtering packets can be done using a framework called
netfilter. With netfilter you can "[allow/drop/modify traffic]". A
link will be left below for this as well.
Proxy servers such as the one available in Apache: Apache is
a web server. I found a lot of information online about Apache's reverse proxy.
Here's what apchepetutor said "A reverse proxy is a gateway
for servers, and enables one web server to provide content from another
transparently. As with a standard proxy, a reverse proxy may
serve to improve performance of the web by caching; this is a simple way to
mirror a website.".
Concept of a DMZ and how it can be implemented: I checked
the book for DMZ/demilitarized zone and couldn't find anything unfortunately. A
quick Google search told me it's the border that separates the Korean Peninsula
in half. The DMZ network name was named after the border. I found an article on
Techrepublic. Most of this information went over my head. The concept is that
you can have public servers separated from your local area network. This adds
security to your network. As for how to implement, I will send you off to this
link:
https://www.techrepublic.com/article/lock-it-down-implementing-a-dmz/
The implementation progress is twice as long as this post!
Copy this: "To DMZ-ize your current setup" then paste into the find
function (ctrl+f).
I hope the next set of objectives are in the book or lesson!
-Jake
Links:
https://community.cisco.com/t5/network-architecture-documents/how-to-filter-ip-packets/ta-p/3131213
https://www.booleanworld.com/depth-guide-iptables-linux-firewall/
https://www.techrepublic.com/article/lock-it-down-implementing-a-dmz/
