Dynamic DNS with a virtual web server
Apache on the Horizon
If your host system is wired to a router that uses DHCP to assign IP addresses, the new virtual system will pick up an IP address from the DHCP server. When you type ping www.linux-magazine.com, 100 percent of the packets should reach their target.
If they don't, check to see whether the host machine can access the Internet, and make sure the computer is using a network cable rather than a WLAN connection.
On openSUSE, you can run YaST to re-initialize the network card – sudo /etc/init.d/networking restart does the same thing on Ubuntu. On both systems, the /sbin/ifconfig commands will tell you which IP address the computer is using. Make a note of the address because you will need it soon.
The next step is to install the Apache server. For Ubuntu users, sudo apt-get install apache2 will take care of this. The package manager picks the required packages off the Internet and configures the server with standard settings that should be fine initially. On openSUSE 10.3, launch YaST and install apache2 via the Software management module. Then start up a console, become root, and enter /etc/init.d/apache2 start.
To find out whether your server is already accessible on your internal network, exit VMware and, in your browser, enter the guest system's IP address. Although the host and guest operating systems are physically located on the same machine, they use different IP addresses and appear as two separate machines on the LAN. If you type the IP address in your browser's address box, Ubuntu should show you the available website (Figure 4). OpenSUSE 10.3 returns a page with Error 403, which proves that the server is running – it just doesn't have a web page to display in its /svr/www/htdocs directory.
If you are unable to access the server, the guest system might be protected by a firewall (e.g., this is the case on openSUSE), so go back to the guest system, select Security and Users | Firewall in YaST, and add HTTP Server to the list of Allowed services. This allows incoming connections to port 80.
Assigning a Static IP
Most home and small-office networks are protected with a router/firewall device that performs Network Address Translation (NAT). In this configuration, only the router actually participates in the Internet address space, and the computers on the local network receive private, non-routable addresses through DHCP. If you plan to set up your virtual web server on the internal network, you'll need to configure the router to forward incoming http requests to the web server system.
One easy solution is to make sure the router sends any requests for port 80 (the Apache server's standard port) to the address of the virtual server. If you want the router to forward incoming port 80 traffic to your virtual web server, you'll need to give the virtual server a static IP address on the internal network. Most routers let you configure static IP addresses for the hosts on local networks through a browser interface.
For instructions on accessing the configuration interface, see the manual for your router. Each router handles this differently, but the usual procedure is to type the router's internal IP address in the browser's address box. The configuration interface will let you set up the DHCP server to give the virtual machine a static IP address (see the box titled "Assigning a Static IP Address").
After assigning a static IP address, log on to the router interface. New routers make life very easy for users: The DI-624 by D-Link, for example, has a separate section, Virtual Server, in which you can simply enable port 80 for the virtual server with the internal IP address of the virtual web server. After rebooting the router, the virtual server should be accessible from the Internet.
To check this, enter the web server's address in your browser. Your Apache server's front page should appear. Every router works differently, and not all routers have a convenient interface, so you might need to read the router manual or go to a support forum to find out how to forward port 80 to your virtual server's IP address. Also, you will need to forward other ports for other services. For example, you will need to forward ports 20 and 21 to run an ftp server.
DynDNS.com , and the other providers I mentioned earlier, assign domain names to servers with dynamic IP addresses. To set up an account, you need a valid email address. After logging on at the website, select My Services and then Add New Hostname. Start by typing a hostname that other users will use to access your server – select the domain from the list. As the Service Type, select Host with IP address. In IP Address , click on the link that automatically discovers and enters your current IP address (Figure 5). A couple of minutes after you click Create Host, you should be able to access your server.
Of course, you can't visit the DynDNS website each time your provider gives you a new IP address. To remove the need to do so, simply install Ddclient, which takes care of this task for you.
If your virtual machine is running on Ubuntu, enter sudo apt-get install ddclient to install the software. The system will ask you to name your dynamic DNS provider during the installation (http://www.dyndns.com in this case), and then your complete Internet address (kris.dyndns.com), along with your user name and password for the DynDNS website. Finally, the software will ask you about the interface for the dynamic DNS service; specify your active Ethernet interface, say, eth0. By entering sudo /etc/init.d/ddclient start you can then call Ddclient and modify the details of the configuration via sudo dpkg-reconfigure ddclient.
If you run openSUSE, first launch YaST and install the ddclient package. Add the entries shown in Listing 1 to the /etc/ddclient.conf configuration file (you need to be root to modify it). The login, password lines are for your dynamic DNS service credentials, and the selected Internet address is down at the bottom. The other entries you can use as is. Launch the utility by becoming root and typing ddclient.
Add to ddclient.conf
daemon=600 pid=/var/run/ddclient.pid use=web, web=checkip.dyndns.com/, web-skip='IP Address' login=kkissling password=my_secret_password protocol=dyndns2 server=members.dyndns.com wildcard=YES kris.dyndns.com
To see whether ddclient is doing a good job, type tail -f /var/log/messages at the console. If the log contains the word SUCCESS, you know that the tool is advertising the IP address correctly; if not, you will need to check the configuration file syntax.
The virtual web server is now a fixed component of your system, and it will launch whenever you boot the server. Just try this out to be sure: Boot the router and the virtual server and then access the web address you just set up. You should see your own virtual web server. As a web server operator, you can now offer a variety of web services. But remember, unless you take additional steps to configure a secure interface, the whole world will be able to access any resources you make available through the web server system.
Assigning a Static IP
The router identifies the guest system by reading the virtual network card's MAC address. To discover the MAC address, you can pop up a console on the guest system and type /sbin/ifconfig. Then, return to the router configuration interface and assign a static IP address to the virtual server's MAC address. Of course, the static address must be a legal address for the internal network segment.
After making these changes, reboot the virtual machine. To see the IP address you assigned, type /sbin/ifconfig. Alternatively, you can use YaST (openSUSE) or the network settings in the Ubuntu system management tool to assign a static IP address.
Buy this article as PDF
3ROS attack tool lowers the technical bar so anyone can be an intruder.
Mozilla's latest browser offers powerful new privacy feature
If attackers are on your system, saving your passwords in a password vault is no protection.
Faulty hash algorithm persists, despite efforts by experts to raise awareness.
Powerful man-in-the-middle attack is now targeting online shopping.
Another high-profile coder says the kernel team needs a kinder, gentler culture.
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm