Sunday, 13 December 2009

playing with ubuntu v1

Ok... play time has officially begun, today's item:

Ubuntu 8.10 - Server

1. Did a base install, added the required user, and all is well with the world.

2. apt-get install openssh-server (not in base installation)

3. Enable root
sudo su -
passwd

4. Edit sshd_config
PermitRootLogin no

service ssh restart

5. Edit the sudoers config file to remove extra privileges from the user we added in the installation, and comment out the last line:
#%admin ALL=(ALL) ALL

6. Install and tweak rkhunter and chkrootkit to our likings
apt-get install mailutils rkhunter chkrootkit
Edit the default/rkhunter configuration and change
REPORT_EMAIL (to your email)
DB_UPDATE_EMAIL (to yes)

7. Configure exim
dpkg-reconfigure exim4-config

8. Edit rkhunter.conf to:
DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps apps"
and uncomment:
ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.static
ALLOWHIDDENDIR=/dev/.initramfs


9. Edit the cron.daily/rkhunter file to say:
echo "Subject: WARNINGS from rkhunter on $(hostname -f)"
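
To confirm the edits from steps 4, 5 and 8 actually took effect, here is a small audit script. It is an added example, not part of the original post: the function names are made up for it, and the three config files are passed as arguments so it can also be run on copies.

```shell
#!/bin/sh
# Added example: audit the settings made in steps 4, 5 and 8 of the post.
# Function names are hypothetical; file paths are supplied by the caller.

# Effective global value of an sshd_config keyword. sshd uses the FIRST
# occurrence of a keyword, keywords are case-insensitive, and anything after
# a "Match" line is conditional, so the scan stops there.
sshd_effective() {  # usage: sshd_effective KEYWORD FILE
    awk -v key="$1" '
        /^[ \t]*#/                  { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$2"
}

# Step 4: PermitRootLogin must be explicitly "no"; an absent keyword falls
# back to the sshd built-in default, which is not "no".
check_sshd() {
    [ "$(sshd_effective PermitRootLogin "$1")" = "no" ]
}

# Step 5: no active (uncommented) %admin rule may remain in sudoers.
check_sudoers() {
    [ -r "$1" ] && ! grep -Eq '^[[:space:]]*%admin[[:space:]]' "$1"
}

# Step 8: each hidden directory from the post needs an uncommented
# ALLOWHIDDENDIR line (spaces and optional quotes are ignored).
check_rkhunter() {
    for d in /dev/.udev /dev/.static /dev/.initramfs; do
        awk -v want="ALLOWHIDDENDIR=$d" '
            { gsub(/[ \t"]/, "") } $0 == want { found = 1 }
            END { exit !found }' "$1" || return 1
    done
}

# Runs all three checks; the return status is the number of failed checks.
audit() {  # usage: audit SSHD_CONFIG SUDOERS RKHUNTER_CONF
    fails=0
    check_sshd "$1"     || { echo "FAIL: PermitRootLogin is not 'no' in $1"; fails=$((fails + 1)); }
    check_sudoers "$2"  || { echo "FAIL: active %admin rule (or unreadable file): $2"; fails=$((fails + 1)); }
    check_rkhunter "$3" || { echo "FAIL: missing ALLOWHIDDENDIR entry in $3"; fails=$((fails + 1)); }
    return "$fails"
}

# Only audits when called with the three file paths as arguments.
if [ "$#" -eq 3 ]; then audit "$@"; fi
```

Run it as root with the three files as arguments, typically /etc/ssh/sshd_config, /etc/sudoers and /etc/rkhunter.conf (assumed default locations, adjust if yours differ).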


Thanks for playing :)
