This is a guide to setting up your own domain of Linux machines, or mixed Linux and Windows machines, on an always-up connection with a static IP and a named domain. It is not really intended for setups which use dynamic IPs, or which are regularly disconnected from their provider for long periods of time, though some basic hints for operating such a setup are available in the section "Using A Dynamic IP".
With the increasing availability of permanent connections and static IPs, it's becoming easier for people and organizations to set up a real domain, with the associated Internet presence. Proper planning at the outset can reduce problems later.
Much of this document describes techniques for implementing unobtrusive security on the newly exposed network. These techniques deal with protection from external attack, and from casual internal attack. The result does not claim to be an extremely secure setup, but it is usually enough to discourage the less determined attacker.
This document is primarily directed at small organizations which have an existing network of computers, possibly with a shared dialup line, and which are trying to move to a permanent, relatively high-speed connection, either to improve data transfer with the outside world, or to create a WWW or FTP site. The document is also directed at new organizations which want to skip the early stage and start out with higher-speed networking and services under their own domain name.
Throughout this document, I will discuss the configuration of a newly registered domain, example.com. Note that the name example.com is reserved by the Internet Assigned Numbers Authority for use in documentation, and so will never correspond to an actual domain.
Much of the information in this document is available in other places. I have tried to distill the material relevant to the creation of a new domain. Where detail on a specific subject is lacking, you may want to consult one of the more comprehensive documents.
This document will also assume a mixed OS environment. Specifically, I will assume that some desktop machines are running some version of Microsoft Windows, while servers and the private network gateway are running Linux.