Wednesday, 17 April 2013

Introduction to FreeBSD

FreeBSD

FreeBSD is a UNIX-like operating system (that is, it resembles the UNIX operating systems) that is available for free on the Internet. It is very widely used by ISPs (Internet service providers), in embedded devices, and in other fields that require high reliability. FreeBSD is derived from the original UNIX source code produced by AT&T in 1970.
Many years ago, AT&T needed a lot of computers to run its business. At that time, AT&T was forbidden from participating in the computer business, so it ended up selling its software licenses and source code to universities at a low price. University students with access to this technology could read the source code and learn how the software worked. In return, AT&T got free programmers, free patches, and scientists who improved the quality of AT&T's software. Everyone was happy. The best-known AT&T software under this license is UNIX.
Why is it called UNIX-like? The word "UNIX" is a trademark owned by The Open Group. If you have an operating system product and want to call it UNIX, it must be certified by The Open Group, and you have to pay them a lot of money. Because FreeBSD is not made for profit, it is called UNIX-like instead.


Network Address Translation (NAT)
In FreeBSD, Network Address Translation (NAT) is performed by the natd program, which runs as a daemon. The Network Address Translation Daemon (natd) addresses the problem of conserving IP addresses by hiding the internal network: packets generated inside appear to come from a machine that has a legal IP address. natd provides connectivity to the outside world without requiring legal IP addresses on the internal network. natd provides a Network Address Translation facility for use with divert sockets. It changes all packets destined for other hosts so that their source IP address is that of the natd machine. For each packet modified by this rule, an entry is made in a translation table to record the transaction. With NAT, the rule that a host must use a legal IP address in order to communicate is broken.
NAT works by converting IP addresses into one or more other IP addresses. The addresses being converted are those assigned to each machine on the internal network (they can be any IP). The addresses they are converted to lie outside the internal network and are legal and valid/routable.

NAT mechanism
A TCP packet consists of a header and data. The header has a number of fields; the important ones here are the source and destination MAC (Media Access Control) addresses, the source and destination IP addresses, and the source and destination port numbers.
When machine A contacts machine B, the IP packet header contains A's IP address as the source and B's IP address as the destination. The header also contains the source port number (usually chosen by the sending machine from a set of port numbers) and a specific destination port number, such as port 80 (for web).
B receives the packet on port 80 and, for its reply, uses the sender's source port number as the destination port in place of port 80. Machine B then swaps the source and destination IP addresses and the source and destination port numbers in the packet header, so that B's IP address is now the source and A's IP address is the destination. B then sends the packet back to A. While the session is open, data packets travel back and forth using the selected port numbers.
An ordinary router (without natd) modifies the source and destination MAC address fields in the header when it routes a packet. The IP addresses, port numbers, and sequence numbers of source and destination are not touched at all.
NAT works on the same basis. It starts by building an internal translation table for all internal network IP addresses that send packets through it, and then sets up a table of port numbers to be used with the valid IP address. When a packet from the internal network is sent out through natd, natd does the following:
1. Records the source IP address and port in the translation table.
2. Replaces the packet's source IP address with its own valid IP address.
3. Assigns a specific port number to the outgoing packet, records it in the translation table, and replaces the source port number with that specific port number.
When the reply packet comes back, natd checks the destination port number. If it matches a specific port number assigned earlier, natd consults the translation table and looks up the corresponding machine on the internal network. Once found, it rewrites the destination IP address and port number to the IP address and port number that the original source used to start the connection, and then sends the packet to the destination machine on the internal network. natd keeps an entry in the translation table for as long as the connection remains open.
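The translation steps above can be traced with a small simulation. This is an added example, not code from natd or from the original post; the NatTable class, the port range 50000-50999 and the documentation-range addresses are assumptions, and replies are matched on the assigned port number only, as the text describes.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatTable:
    """Toy port-translating NAT (hypothetical class, simplified from the text)."""

    def __init__(self, public_ip, first_port=50000, last_port=50999):
        self.public_ip = public_ip
        self.free_ports = list(range(first_port, last_port + 1))
        self.out = {}   # (internal ip, internal port) -> assigned public port
        self.back = {}  # assigned public port -> (internal ip, internal port)

    def outbound(self, pkt):
        """Steps 1-3: record the origin, then rewrite source IP and port."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("no free translation ports")
            port = self.free_ports.pop(0)
            self.out[key] = port
            self.back[port] = key
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt):
        """Reply path: restore the original destination, or drop (None)."""
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.back:
            return None  # no table entry: not a reply to an internal host
        ip, port = self.back[pkt.dst_port]
        return replace(pkt, dst_ip=ip, dst_port=port)

    def close(self, internal_ip, internal_port):
        """Forget a finished connection and recycle its public port."""
        port = self.out.pop((internal_ip, internal_port), None)
        if port is not None:
            del self.back[port]
            self.free_ports.append(port)
```

A packet arriving on a port with no table entry returns None, which is why hosts behind the translator are not reachable from outside unless they opened the connection first.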



Domain Name System (DNS)
The Domain Name System (DNS) is a distributed database system used to look up computer names (name resolution) in a network that uses TCP/IP (Transmission Control Protocol / Internet Protocol). DNS is used by applications that connect to the Internet, such as web browsers or e-mail, where it helps map a host name to a computer's IP address. Besides being used on the Internet, DNS can also be deployed on a private network or intranet, where it has advantages such as:
1. Easy to use: users no longer need to remember a computer's IP address; the host name (computer name) is enough.
2. Consistent: a computer's IP address can change while its host name stays the same.
3. Simple: users use a single domain name to search both on the Internet and on the intranet.

DNS structure
The Domain Name Space is a hierarchy that groups domains by name, and it is divided into several sections, including:

Root-Level Domains
A domain is determined by its position in the hierarchical structure, which is called its level. The top level of the hierarchy is called the root domain. The root domain is written as a period: its symbol is ".".

Top-Level Domains
Below is a sample of top-level domains:
com   commercial organizations
edu   educational institutions or universities
org   non-profit organizations
net   networks (Internet backbone)
gov   non-military government organizations
mil   military government organizations
num   phone numbers
arpa  reverse DNS
xx    two-letter country codes (id: Indonesia, sg: Singapore, au: Australia, etc.)
Top-level domains can contain second-level domains and hosts.


Web Server with Apache

Nowadays the web is one of the many information services accessed by Internet users around the world. An information service of this kind needs to be built so that it can handle web requests from many users reliably without neglecting security. Security is one of the important aspects of web development, because negligence in handling web server security can be fatal.
Apache is one of the popular web server distributions, with support for a very large number of features. Existing statistics show that Apache is the most widely used web server on the Internet, reaching 60% of all existing web servers. Apache owes its current popularity to having many features that are not found in other web servers, and also to being a free application that runs on a variety of operating systems. There are several aspects that need to be implemented for a secure web server, among others:
1. Run the web server service with low privileges
2. Control access to the web server settings
3. Minimize public services on the machine running the web server
4. Provide a dedicated filesystem for the web server service


QMAIL (mail server)
qmail is an Internet MTA (Mail Transfer Agent) that is safe, reliable, and simple. qmail is an alternative to the sendmail-binmail system found on UNIX. qmail uses SMTP (Simple Mail Transfer Protocol) to exchange messages with MTAs on other systems.
Using qmail brings several advantages, among others:
1. Security: qmail was designed with a considerably higher security guarantee than Sendmail. This is an absolute necessity because mail delivery is critical for users.
2. Performance: for mail delivery, qmail can perform more than 20 deliveries simultaneously (by default).
3. Reliability: once qmail accepts a message, it guarantees that the message will not be lost. qmail also supports maildir, a new mailbox format that works reliably. Maildirs, unlike mbox files and mh folders, will not be lost if the system crashes during delivery. In addition, a user can read mail over NFS safely while, at the same time, any number of NFS clients deliver mail to that user.
4. Simplicity: qmail is smaller than other Internet MTAs. Other MTAs have separate forwarding, aliasing, and mailing list mechanisms, while qmail has one simple forwarding mechanism that lets users handle their own mailing lists.
qmail was written by Dan Bernstein (DJB), a professor of mathematics at the University of Illinois at Chicago. qmail was first released as beta version 0.70 on January 24, 1996. Version 1.0 was issued on February 20, 1997. The last version is 1.03, issued on June 15, 1998. Version 2.0 is planned for release in the near future.
qmail follows the classic UNIX philosophy, in which each tool performs a single, well-defined function, and complex functions are built by connecting a set of tools into a "pipeline". The alternative is to build more complex tools that recreate the functions of the simple ones.
As a replacement for Sendmail, qmail supports host and user masquerading, full host hiding, virtual domains, null clients, list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822 address lists, cross-host mailing list loop detection, per-recipient checkpointing, downed host backoffs, independent message retry schedules, etc.
 
