{"id":24,"date":"2012-07-29T13:23:00","date_gmt":"2012-07-29T13:23:00","guid":{"rendered":"http:\/\/www.mirageglobe.com\/wp\/?p=24"},"modified":"2012-07-29T13:23:00","modified_gmt":"2012-07-29T13:23:00","slug":"draw-up-an-ubuntu-server-environment","status":"publish","type":"post","link":"https:\/\/pages.alldaycity.com\/mirageglobe\/draw-up-an-ubuntu-server-environment\/","title":{"rendered":"Draw up an Ubuntu Server Environment"},"content":{"rendered":"<p><strong>Ubuntu<\/strong><br \/>\nUbuntu Server is becoming a de-facto linux platform due to its frequent updates and wide adoption. This makes it one of the most simpliest to manage in Linux distributions. Other popular distributions include Debian (which ubuntu is built upon), Fedora, Suse. With cloud computing, you can launch an instance very easily. An instance is just like an empty hardware box, with the only difference of it being virtual. When you start off with a newly installed machine, lets see how we can set it up. We will focus on Ubuntu server edition here.<br \/>\n<strong>Choosing a version<\/strong><br \/>\nFor ubuntu, there are a few versions. It runs in twice a year release cycle, thus 10.04 (is around april) and 10.10 (is around october). So why are versions important? The release cycle keeps the basic packages updated. If you are running a server and is not looking to update your ubuntu installation every 6 months, use a LTS (Long Term Support). The LTS versions have a gap of about 2 years with 4 years support. 10.04 (Lucid) and 12.04 (Precise) is LTS versions as of writing.<br \/>\n<strong>Getting the basics up<\/strong><br \/>\nNow we have a command prompt blinking in our face. What now? Type in the following.<\/p>\n<div><\/div>\n<div>\n<blockquote><p>&gt; sudo apt-get update<br \/>\n&gt; sudo apt-get upgrade<\/p><\/blockquote>\n<p>this will run loads of installs and type &#8220;y&#8221; for yes if you have to. After installing, reboot.<\/p>\n<div>\n<blockquote><p>&gt; sudo reboot<\/p><\/blockquote>\n<\/div>\n<p>Now you need to setup your date time.\u00a0there are other methods but this method adjusts and prevents time drift. You can make this more complicated via NTP daemon. Read this\u00a0<a href=\"https:\/\/help.ubuntu.com\/12.04\/serverguide\/NTP.html\">https:\/\/help.ubuntu.com\/12.04\/serverguide\/NTP.html<\/a>\n<\/div>\n<blockquote><p>&gt; nano \/etc\/cron.daily\/ntpdate<\/p><\/blockquote>\n<p>Enter this line if its not there, without the quotes! &#8220;ntpdate ntp.ubuntu.com&#8221;. Save and exit using ctrl-x.<\/p>\n<blockquote><p>&gt; sudo chmod 755 \/etc\/cron.daily\/ntpdate<\/p><\/blockquote>\n<div>setting local of system, which adds compilers to your server. Notice we use Sudo alot? Its meaning to run the command as the super user (Super User DO).<\/div>\n<div>\n<blockquote><p>&gt; sudo apt-get install build-essential<\/p><\/blockquote>\n<div><\/div>\n<\/div>\n<div><b>Change the default shell to bash<\/b><\/div>\n<div><b>\u00a0<\/b><\/div>\n<div>Nano is a great text editor that is simple and easy to use. You will need to frequently use ctrl+x to save and quit once you finish your changes. Here we use nano to edit the password file of your server. After entering the command below, find your username and change from bin\/sh to bin\/bash. For example:&#8221;myuser:x:1000:1001::\/home\/myuser:\/bin\/sh&#8221; to\u00a0&#8220;myuser:x:1000:1001::\/home\/myuser:\/bin\/bash&#8221;<\/div>\n<div>\n<blockquote><p>&gt; sudo nano \/etc\/passwd<\/p><\/blockquote>\n<p>This command is to load the default shell as bash. Bash shell has more commands and is easier to use.\n<\/p><\/div>\n<div><b>Installing Security Packages &#8211; ClamAV and NMAP<\/b><br \/>\n<b><br \/>\n<\/b>ClamAV is a general antivirus which is constantly maintained by public and a group of dedicated team. Kudos to them! To install and start a basic scan, enter in terminal and run,<\/p>\n<blockquote><p>&gt; sudo apt-get install clamav<br \/>\n&gt; sudo freshclam -r -i<\/p><\/blockquote>\n<p>There are a few methods to make clamAV a default daemon mode so you can invoke this via other applications. Mailservers can find this very useful. Another use is if you have upload folders.<br \/>\nNMAP is a port scanner to see if you have open ports<\/p>\n<blockquote><p>&gt; sudo apt-get install nmap<br \/>\n&gt; sudo nmap [IPAddress]<\/p><\/blockquote>\n<\/div>\n<div><b>Installing UFW (Uncomplicated FireWall)<\/b><\/div>\n<div><\/div>\n<div>In command line, key in the following.<\/div>\n<div>\n<blockquote><p>&gt; sudo apt-get install ufw<br \/>\n&gt; sudo ufw enable<br \/>\n&gt; sudo ufw status<br \/>\n&gt; sudo ufw logging on [this enables logging]<br \/>\n&gt; sudo ufw allow ssh<br \/>\n&gt; sudo ufw allow 80\/tcp<br \/>\n&gt; sudo ufw allow ftp<br \/>\n&gt; sudo ufw allow smtp<\/p><\/blockquote>\n<p>To enable FTP to successfully go through your firewall, you might need to open certain ports. The example below opens from 20000 to 20999.<\/p>\n<blockquote><p>&gt; sudo ufw allow ftps<br \/>\n&gt; sudo ufw allow proto tcp from any to any port 20000:20999<br \/>\n&gt; sudo ufw delete allow ftps [this is to delete a rule]<br \/>\n&gt; sudo ufw status [this is to view the firewall]<\/p><\/blockquote>\n<p>Now reboot your machine. you can do this easily via command line below.\n<\/p><\/div>\n<div>\n<blockquote><p>&gt; sudo reboot<\/p><\/blockquote>\n<\/div>\n<div><\/div>\n<div>\n<b> Using CHKROOTKIT<\/b><\/p>\n<blockquote><p>&gt; apt-get install chkrootkit<br \/>\n&gt; chkrootkit<\/p><\/blockquote>\n<p><b>Moving around Ubuntu Server 12.04<\/b>\n<\/div>\n<div>The following are places which are commonly accessed by admins<\/div>\n<div><\/div>\n<div>\n<ul>\n<li>\/etc\/init.d\/&#8230; &#8211; directory where all your application controls are stored<\/li>\n<li>\/etc\/&#8230; &#8211; directory where your applications are stored<\/li>\n<li>\/var\/www\/&#8230; &#8211; directory where your web server html\/php files are stored<\/li>\n<li>\/var\/log\/&#8230; &#8211; directory where your log files are stored<\/li>\n<li>\/home\/&#8230;. &#8211; directory where home directory of your users are held<\/li>\n<li>\/etc\/passwd &#8211; file which stores the password<\/li>\n<li>\/etc\/shadow &#8211; file which I cant remember what this is for<\/li>\n<li>\/etc\/group &#8211; file which shows how groups and users are defined for this system<\/li>\n<\/ul>\n<p><b>Some nice Commands<\/b><\/p>\n<ul>\n<li>if php5-cgi is installed, you can find the version of Php:\u00a0php-cgi -v<\/li>\n<li>copy command:\u00a0sudo cp \/mysource \/mytarget<\/li>\n<li>changes the permissions of the folder or file: chmod -R 777 myfolder<\/li>\n<li>secure access into another machine: ssh asd@123.45.67.89<\/li>\n<li>view memory usage: free -m<\/li>\n<li>shows which group user mydomain is in:\u00a0grep mydomain \/etc\/group<\/li>\n<li>usermod -a -G adm demo<\/li>\n<li>Top \/ ps -ef<\/li>\n<li>vmstat 1 [si so is the swap]<\/li>\n<li>crontab -e [to edit]<\/li>\n<li>crontab -l [to list]<\/li>\n<li>To find out if a file exists and create one if there isnt one: touch filename<\/li>\n<\/ul>\n<\/div>\n<div><\/div>\n<div>\n<b>References<\/b><\/p>\n<ul>\n<li>Ref: https:\/\/help.ubuntu.com\/community\/InstallingSecurityTools<\/li>\n<li>SECURE KEY GENERATION: ADMIN USER + PUBLIC KEY<\/li>\n<li>http:\/\/cloudservers.rackspacecloud.com\/index.php\/Ubuntu_-_Setup<\/li>\n<li>http:\/\/www.cyberciti.biz\/faq\/howto-linux-add-user-to-group\/<\/li>\n<li>http:\/\/www.kalzumeus.com\/2010\/12\/12\/staging-servers-source-control-deploy-workflows-and-other-stuff-nobody-teaches-you\/<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Ubuntu Ubuntu Server is becoming a de-facto linux platform due to its frequent updates and wide adoption. This makes it one of the most simpliest to manage in Linux distributions. Other popular distributions include Debian (which ubuntu is built upon), Fedora, Suse. With cloud computing, you can launch an instance very easily. An instance is [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-24","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts\/24","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/comments?post=24"}],"version-history":[{"count":0,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts\/24\/revisions"}],"wp:attachment":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/media?parent=24"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/categories?post=24"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/tags?post=24"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}