Difference between revisions of "Linux"

Line 3: Line 3:
  
 
These are some how-to and tricks for Linux (Debian / Ubuntu) servers and workstations.
 
These are some how-to and tricks for Linux (Debian / Ubuntu) servers and workstations.
 +
 +
 +
{| class="wikitable" style="margin: 1em auto 1em auto"
 +
|+ '''Cells left-aligned, table centered'''
 +
! Duis || aute || irure
 +
|-
 +
| dolor  || in reprehenderit || in voluptate velit
 +
|-
 +
| esse cillum dolore || eu fugiat nulla || pariatur.
 +
|}
  
  

Revision as of 17:14, 21 August 2014

Linux is wonderful! However it can be a mess to setup.

These are some how-to and tricks for Linux (Debian / Ubuntu) servers and workstations.


Cells left-aligned, table centered
Duis aute irure
dolor in reprehenderit in voluptate velit
esse cillum dolore eu fugiat nulla pariatur.


Template:Col-begin Template:Col-break |Core elements |- |Server or workstation Server / workstation setup |- Template:Col-break |Security |- |Internet security Security: anti-virus / root-kits / Fail2Ban |- |SSH Security: SSH |- |FW principle Security: firewall |- |SSL Security: SSL |- |VPN Security: VPN |- |Radar Security: IDS / IPS Template:Col-break |Web |- |Database DB | |Web server Web server |- |Web apps PHP webapps |- |Continuous integration CI webapps Template:Col-break |Network |- |Active directory LDAP |- |Network icon DHCP DNS |- |File share File share technologies |- |Netboot icon This section explains how to setup, boot and maintain a netboot image. |- |Mail icon Mail server (SMTP, POP3/IMAP) |- |Monitoring Monitoring IT components, servers and applications using Zabbix Template:Col-end





Server / workstation core setup

Server or workstation How to setup & maintain a Linux server or workstation with basics services.


Server / Workstation setup
Installation Partitions setup Specifics Prefer IPv4 over IPv6 Applications Photo
Network and hostname configuration XFCE: screensaver bug fix Clean ubuntu
VIM editor Drivers
Sources
Create user
Useful programs
Languages
Automatic updates



Security

How to secure your server / workstation ?


Global security

Internet security Anti-virus / anti root-kits / Fail2Ban



SSH

SSH SSH




Firewall

FW principle This section explains HOW to create, maintain and use a firewall with IpTables.


Firewall
Basics Firewall principle
Firewall basics
Firewall core (main) protocols
Firewall VPN
Firewall OUTPUT filters
Firewall INPUT filters
Advanced Firewall port forwarding
Firewall source address filtering
Installation and scripts Firewall installation scripts


SSL

SSL SSL certificates and chain of trust


SSL server


VPN

VPN Virtual Private Network (VPN)



Intrusion Detection / Protection

Radar Protection is good, but that's not enough! We need to detect attacks.


  • IDS = Intrusion Detection System : tool that detect attacks.
  • IPS = Intrusion Protection System : detect an intrusion attempt and react upon it.


I'm using one of the most famous IDS: "Snort" (https://www.snort.org/).



Linux appliances

User management

Active directory Manage users and groups



DB servers

Database Database servers



Web

Web server

Web server How to setup a website, proxy and SSL certificates...


Web server
Apache 2 Apache 2 installation
Apache 2 HTTP virtual host
Apache 2 HTTPS virtual host
Apache 2 - SSL certificates page
Apache 2 - Redirection (mod rewrite)
Apache 2 - proxy
Apache 2 - Custom error page
Apache 2 - Performances
Apache 2 - Security
Apache 2 - LDAP access
Cherokee Cherokee web server


Web applications

Web apps


Web applications
Web app PhpMyAdmin
Web app PhpLdapAdmin
Web app PhpSecInfo


Continuous Integration applications

Continuous integration C.I - Continuous integration


CI applications
Jenkins
Sonar
SVN server


Network

DHCP and DNS

Network icon DHCP and DNS servers


Network
DHCP server DHCP server installation
DHCP dynamic IP assignation
DHCP static IP assignation
DNS DNS server
DNS server split


File share

File share File share technologies


NetBoot

Netboot icon This section explains how to setup, boot and maintain a netboot image.


Requirements:


NetBoot and "Thin client" (diskless clinets) principle:


NetBoot services setup:


NFS image setup:


Register NFS image to TFTP:


Alternate Netboot scenario: 'Linux installation': network Linux installation



Mail

Mail icon Mail server (SMTP, POP3/IMAP)


Email relay

Email server setup


Monitoring

Monitoring Monitoring IT components, servers and applications using Zabbix


Monitoring
Zabbix server Zabbix server setup
Zabbix server configuration
Zabbix server hosts management
Zabbix server template management = create and manage template
Zabbix server create new application, items, triggers and actions
Zabbix server dashboard
Zabbix agent setup Zabbix agent setup


Note:

I'm using Zabbix v2.2. All the following information are just a practical summary of the Zabbix official documentation applied to my use-case.


Alternative to zabbix, the old good fashion SNMP client !


Other services

  • NTP time sync
  • Logwatch



Management UI

Webmin


Raspberry pi



New menu (under construction)

This section is under construction...