8/6/2019 tcosproyec

1/9

Servidor tcosCaractersticasMemoria ram: 4gProcesador: intel core dos duoDisco duro: 160 g

Contrasea root: d3$&73k0010Contraseas de usuariosDesiteg:desistegUsuario01:usuario01Usuario02:usuario02Usuario03.usuario03Usuario04::usuario04

Usuario20:usuario20

Terminales ligeros tcosInstalacin1.-descargar las llaves publicas de la pagina de tcos o en un terminal escribir las siguientes lneas# wget http://www.tcosproject.org/mariodebian-pub.key# apt-key add mariodebian-pub.key

(in ubuntu you can use sudo apt-key)2.- sistemas/administracin/orgenes de software de ah en otro software en nuestro caso comotenemos el ubutu lucid 10.04 agregar lo sig.

Ubuntu Lucid 10.04

deb http://www.tcosproject.org/ lucid main#deb-src http://www.tcosproject.org/ lucid main3.- de ah en un terminal escribir

Sudo apt-get install tcosy seguir los pasos que dice la terminalde ahi segur los pasos de esta paguinahttp://mariodebian.com/post/1/692

Proxy de red squid

Objetivo

PasosInstalar squid3

Abrir u terminal y escribir lo sig:Sudo apt-get install squid3

8/6/2019 tcosproyec

2/9

Editar el archivosquid.conf asiganandopermisos a usuarios administradores sin restricciones depaginas,crear listas deacesos a paginas permitidas del grupopagos ydel grupodeventas darlesacesos alos puertos y paginas queocupael clientedemensajerainstantnea msnEl archivoseencuetrade la siuientemaneraEtc/squid3/sqid.conf

archivosquid.conf

http_port3128transparent

cache_mem 16 MB

cache_dir ufs /var/spool/squid3 700 16 256

ie_refresh on

offline_modeon

##### REGLAS PARA CREACION DEGRUPOS ######acl all src 0.0.0.0/0.0.0.0acl all src 0.0.0.0/255.255.255.0acl red_local src 192.168.3.0/24aclGrupoPagos src 192.168.3.102-192.168.3.150aclGrupoVentas src 192.168.3.121-192.168.3.130#acl privilegios url_regex "/etc/squid3/privilegios"

acl privilegiosrc 192.168.3.122acldiana src 192.168.3.123

aclisis src 192.168.3.101acl pedrosrc 192.168.3.130aclvenecia src 192.168.3.117acl arturosrc 192.168.3.124

acl htps port443acltaenetport442##### Reglas deaceso parael MSN #####

acl msn_portport1863acl msn_port2 port5223acl serv_msndst200.46.110.0/24

acl serv_msndst64.4.13.0/24acl app_msn req_mime_type-i^application/x-msn-messenger$acl msn_messenger url_regex -igateway.dllacl msn_domdstdomain loginnet.passport.comacl msn_domdstdomain messenger.msn.comacl msn_domdstdomain messenger.msn.caacl msn_domdstdomain messenger.msn.netacl msn_domdstdomainim.sapo.ptacl msn_domdstdomain webmessenger.msn.com

8/6/2019 tcosproyec

3/9

acl msn_domdstdomain c.msn.comacl msn_domdstdomain g.msn.comacl msn_domdstdomain config.messenger.msn.comacl msn_domdstdomain login.live.comacl msn_domdstdomain amsn-project.netacloperadstdomainopera.com

acl adminodstdomain 65.99.205.122/ADMacl admino1 dstdomain 65.99.205.122/PDVacl fop2dstdomain 192.168.3.130/fop2#### REGLAS DESITIOS PERMITIDOS Y DENEGADOS #####

acl permitidos url_regex "/etc/squid3/permitidos"acl PermitidosVentas url_regex "/etc/squid3/permitidosventas"acldenegados url_regex "/etc/squid3/denegados"acl localhostsrc 127.0.0.1/255.255.255.0

http_access allow privilegioallhttp_access allowdiana all

http_access allowisis allhttp_access allow pedroallhttp_access allow arturoallhttp_access allowvenecia all#http_access allowvenecia msn_port#http_access allowvenecia msn_port2#http_access allowvenecia serv_msn#http_access allowvenecia app_msn#http_access allowvenecia msn_dom#http_access allowvenecia msn_messenger#http_access allowvenecia admino#http_access allowvenecia admino1

#http_acc

ess all

owisis fop2

http_access allow htpshttp_access allowtaenet

##### CONFIGURACIONGRUPO PAGOS #######http_access allowGrupoPagos permitidos

##### CONFIGURACIONGRUPOVENTAS #######

http_access allowGrupoVentas PermitidosVentashttp_access allowGrupoVentas msn_porthttp_access allowGrupoVentas msn_port2http_access allowGrupoVentas serv_msnhttp_access allowGrupoVentas app_msnhttp_access allowGrupoVentas msn_domhttp_access allowGrupoVentas msn_messengerhttp_access allowGrupoVentas opera#http_access allow red_local all

8/6/2019 tcosproyec

4/9

http_access denydenegadoshttp_access deny all

#http_access allow all

Listas depermitidos parael areadepagosEtc/squid3/permitidos

kayako.comteamviewer.com/es/87.230.73.24opera.com

google.comgstatic.comgoogle.com.mxbancaempresarialazteca.com.mx

bancomer.com.mxbbvanet.com.mxbanamex.combanamex.com.mxsantander.com.mxsantander-serfin.comscotiabank.com.mxhsbc.com.mxbanorte.comsiprel.netsiprel.mxsiprel.com.mx

appspot

.co

mgoogleapis.com

#65.99.205.122/PDV#65.99.205.122/ADM

taetelcel.comtaenet.com.mxk-eex.com.mxmovistar.com.mx

pagatae.com.mxrecargaqui.com.mxsiprel.sytes.net

####fop2##192.168.3.130/fop2Listadepermitidos ventas

8/6/2019 tcosproyec

5/9

Etc/

siprel.netappspot.com

googleapis.comgoogle.com

siprel.com.mxsiprel.sytes.netopera.comtelcel.comiusacell.com.mxmovistar.com.mxunefon.com.mx

pronosticos.gob.mxg.msn.com

melatemovil.comcachitomovil.com

segujuegos.com

hotmail.comlogin.live.com

63.208.13.12664.4.12.20064.4.12.20165.54.131.24965.54.194.11865.54.211.61207.46.104.20

207.46.110.2207.46.110.254207.46.245.222207.46.245.214messenger.hotmail.commessenger.msn.commessenger.microsoft.comecho-v1.msgr.hotmail.comecho-v2.msgr.hotmail.comlogin.passport.netmessenger.t1msn.com.mx65.54.226.24665.54.226.25265.54.228.24365.54.228.25465.54.229.24665.54.229.25465.54.225.24465.54.225.252loginnet.passport.com65.54.225.241

8/6/2019 tcosproyec

6/9

65.54.225.25465.54.226.24765.54.226.25465.54.228.24465.54.228.25365.54.229.248

65.54.229.253login.passport.com65.54.231.24065.54.230.240207.68.173.24564.202.167.12963.241.128.250207.68.173.245config.messenger.msn.com

Comparticiondecarpetasenlaredconsamba

Instalar samba:Abrir unterminal yescribir losig. Sudoapt-get install sambaEditar el archivosmb.conf queseecuetraen la sigdireccin etc/samba/smb.conf

## Sampleconfiguration filefor theSamba suitefor DebianGNU/Linux.### This is themain Samba configuration file. You shouldreadthe# smb.conf(5) manual pageinorder tounderstandtheoptions listed# here. Samba has a hugenumber of configurableoptions mostof which# arenotshowninthis example

## Someoptions thatareoften worth tuning havebeenincludedas# commented-outexamples inthis file.# - When such options arecommentedwith ";", theproposedsetting# differs fromthedefaultSamba behaviour# - When commentedwith "#", theproposedsettingis thedefault# behaviour of Samba buttheoptionis consideredimportant# enough tobementionedhere## NOTE: Whenever you modifythis fileyou shouldrunthecommand# "testparm"tocheckthatyou havenotmadeany basic syntactic#errors.

# A well-establishedpracticeis tonametheoriginal file# "smb.conf.master" andcreatethe "real" config filewith#testparm -s smb.conf.master >smb.conf# This minimizes thesizeofthereally usedsmb.conf file# which, accordingtotheSamba Team, impacts performance# However, usethis with cautionif your smb.conf filecontains nested# "include" statements. SeeDebian bug #483187 for a case# whereusing a master fileis nota goodidea.#

8/6/2019 tcosproyec

7/9

#=======================Global Settings =======================

[global]workgroup = SIPRELserver string = %h server (Samba, Ubuntu)dns proxy = no

log file= /var/log/samba/log.%mmax log size= 997

syslog = 0panic action = /usr/share/samba/panic-action %d

security = adsobey pam restrictions = yesunix passwordsync = yes

passwdprogram = /usr/bin/passwd%upasswdchat= *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n*password\supdated\ssuccessfully* .

pam passwordchange= yesmaptoguest= baduser

usershareallow guests = yesusernamemap = /etc/samba/smbuserssecurity = ads

[printers]comment= All Printersbrowseable= no

path = /var/spool/sambaprintable= yes

; guestok = no; readonly = yes

createmask = 0700

# Windo

ws clie

nts loo

k fo

rthis shar

enam

eas a s

ourc

eo

fdo

wnload

able# printer drivers

[print$]comment= Printer Drivers

path = /var/lib/samba/printers; browseable= yes; readonly = yes; guestok = no# Uncommenttoallow remoteadministrationof Windows printdrivers.# You may needtoreplace 'lpadmin' with thenameofthegroup your# admin users aremembers of.# Pleasenotethatyou alsoneedtosetappropriateUnix permissions#tothedrivers directory for theseusers tohavewriterights init; writelist= root, @lpadmin# A samplesharefor sharing your CD-ROM with others.

;[cdrom]; comment= Samba server's CD-ROM; readonly = yes; locking = no

8/6/2019 tcosproyec

8/9

; path = /cdrom; guestok = yes# Thenexttwoparameters show howtoauto-mounta CD-ROM whenthe# cdrom shareis accesed. For this towork /etc/fstab mustcontain# anentry likethis:#

# /dev/scd0 /cdrom iso9660defaults,noauto,ro,user 0 0## TheCD-ROM gets unmountedautomatically after theconnectiontothe## If youdon'twanttouseauto-mounting/unmounting make suretheCD# is mountedon /cdrom#; preexec = /bin/mount/cdrom; postexec = /bin/umount/cdrom

[publica]path = /home/publica

writeable= yesbrowseable= yesguestok = yes

[publica]comment=carpeta Publica

path = /home/publica/gestok = yespublic = yeswritable= yes

[Maritza]

path = /h

ome/Mar

itzabrowseable= yes

guestok = yes

validusers = Maritzawrite list= Maritzaread list= Maritza

[Maritza]comment=carpeta Maritza

path = /home/Maritza/gestok = yespublic = yeswritable= yes

[Isis]path = /home/Isisbrowseable= yesguestok = yes

8/6/2019 tcosproyec

9/9

validusers = Isiswrite list= Isisread list= Isis

[Isis]comment=carpeta Isis

path = /home/Isis/gestok = yespublic = yeswritable= yes

[Rocio]path = /home/Rociobrowseable= yesguestok = yes

validusers = Rociowrite list= Rocio

read list= Rocio

[Rocio]comment=carpeta Rocio

path = /home/Rocio/gestok = yespublic = yeswritable= yes