ServerSetupFedora22: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
<pre> # yum install man screen lm_sensors wget rsync fail2ban mailx sendmail-cf nut clamav clamav-update nfs-utils strace smartmontools logwatch etckeeper OpenIPMI ipmitool</pre> | |||
# Install etckeeper | # Install etckeeper |
Revision as of 21:48, 12 April 2011
# yum install man screen lm_sensors wget rsync fail2ban mailx sendmail-cf nut clamav clamav-update nfs-utils strace smartmontools logwatch etckeeper OpenIPMI ipmitool
- Install etckeeper
- Disable root login via ssh
- Enable sudo
- Install fail2ban
- yum remove unneeded software
- yum update
- Configure GRUB serial console redirection
- Configure kdump for system panics
- Configure NUT for UPS alerts
- Configure Time Server for local network access
- Add UDP 123 to IPTables
- Configure syslog for network client writes
- Add UDP 514 to IPTables
- Add UDP 514 to IPTables
- Mount raid array
- Configure md alerts
- Enable NFS
- Add TCP 2049 to IPTables
- Disable NFSv2/3 /etc/sysconfig/nfs
- $ service rpcbind start ; chkconfig rpcbind on
- $ service nfslock start ; chkconfig nfslock on
- $ service nfs start ; chkconfig nfs on
- Enable samba
- Add TCP port 139/445 to IPTables
- Enable iSCSI
- ^ Configure bacula and web interface
- Setup mail relay
- $ echo drew > /root/.forward
- echo "andrew: drew" >> /etc/aliases; newaliases
- echo "root: drew" >> /etc/aliases; newaliases
- Remove 127.0.0.1 /etc/mail/sendmail.mc
- Add TCP port 25 to IPTables
- Configure smartd to monitor hard drives
- ^ Configure thermal alerts for server
- Configure logwatch
- Setup clamav virus protection for Samba and weekly scan
- Setup cron jobs
- Keep anacron from waking me up at night! # vi /etc/anacrontab // START_HOURS_RANGE
- Keep anacron from waking me up at night! # vi /etc/anacrontab // START_HOURS_RANGE
- ^ Configure Snort passive IDS
- ^ Transparent Proxy with Squid for bandwidth utilization tally
- Upload firmware for tv tuner card
- Setup mythtv
- Configure MythWeb
- Force http to https redirection
- Add TCP port 443 to IPTables
- Configure webdav for tomboy notes / foxit marks
- Configure mod_auth_pam for httpd authentication
- ^ Verify all log files in /var/log are not giving any errors or notifications
- ^ Check logs for whats growing!
- ls -alR /var/log | grep ^- | awk {'print $5" "$8'} | sort -k 2| sort -n