Difference between revisions of "Linux"
| Line 139: | Line 139: | ||
| + | I'm using one of the most famous IDS: "Snort" (https://www.snort.org/). | ||
| − | + | * [[Snort IDS installation]] | |
| − | + | * [[Snort IDS web-UI]] | |
| − | |||
| − | |||
| − | |||
| − | |||
Revision as of 14:42, 9 August 2014
Linux is wonderful! However it can be a mess to setup.
These are some how-to and tricks for Linux (Debian / Ubuntu) servers and workstations.
Contents
Server / workstation core setup
How to setup & maintain a Linux server or workstation with basics services.
| Server / Workstation setup | |||||
|---|---|---|---|---|---|
| Installation | Partitions setup | Specifics | Prefer IPv4 over IPv6 | Applications | Photo |
| Network and hostname configuration | XFCE: screensaver bug fix | Clean ubuntu | |||
| VIM editor | Drivers | ||||
| Sources | |||||
| Create user | |||||
| Useful programs | |||||
| Languages | |||||
| Automatic updates | |||||
Security
Services security
How to secure your server / workstation ?
| Security | ||
|---|---|---|
| Basic | SSH | SSH Client |
| How-to generate SSH key | ||
| SSH server setup | ||
| SSH server using local user / password auth. | ||
| SSH server using key auth. | ||
| SSH server using LDAP user auth. | ||
| SSH server using LDAP key auth. | ||
| Local prevention | Anti-virus | |
| Rootkit cleaner | ||
| Advanced | VPN | VPN introduction |
| VPN server | ||
| VPN client | ||
| Other | Fail2ban | |
| SSL server | ||
Firewall
This section explains HOW to create, maintain and use a firewall with IpTables.
| Firewall | |
|---|---|
| Basics | Firewall principle |
| Firewall basics | |
| Firewall core (main) protocols | |
| Firewall VPN | |
| Firewall OUTPUT filters | |
| Firewall INPUT filters | |
| Advanced | Firewall port forwarding |
| Firewall source address filtering | |
| Installation and scripts | Firewall installation scripts |
Advanced security
Protection is good, but that's not enough! We need to detect attacks.
- IDS = Intrusion Detection System : tool that detect attacks. Most of them are Open-Source and free of use (non-commercial)
- IPS = Intrusion Protection System : detect an intrusion attempt and react upon it. These are usually commercial tools.
I'm using one of the most famous IDS: "Snort" (https://www.snort.org/).
Linux server services
User management
Manage users and groups
DB servers
Database servers
- MySQL server
- PostgreSQL
Web
How to setup a website, proxy and SSL certificates...
Web applications
| Web applications |
|---|
| Web app PhpMyAdmin |
| Web app PhpLdapAdmin |
| Web app PhpSecInfo |
| Jenkins |
| Sonar |
| SVN server |
Network
Network related services
| Network | |
|---|---|
| DHCP server | DHCP server installation |
| DHCP dynamic IP assignation | |
| DHCP static IP assignation | |
| DHCP netboot configuration | |
| Other | DNS server |
- FTP server
Web server configuration
- Samba server
- Webdav
Network
This section explains HOW to create, maintain and use a firewall with IpTables.
- 0. NetBoot server principle
- 1. NetBoot server setup - network Linux installation
- 2. NetBoot server setup - diskless clients
- 3. Diskless client setup
- 4. PXE menu
- Monitoring : IT components, servers and applications
Other services
- NTP time sync
- Logwatch
- Mail server
Management UI
Raspberry pi
This section is under construction...
