> sudo apt-get update
> sudo apt-get upgrade

this will run loads of installs and type “y” for yes if you have to. After installing, reboot.

Now you need to setup your date time. there are other methods but this method adjusts and prevents time drift. You can make this more complicated via NTP daemon. Read this https://help.ubuntu.com/12.04/serverguide/NTP.html

setting local of system, which adds compilers to your server. Notice we use Sudo alot? Its meaning to run the command as the super user (Super User DO).

> sudo apt-get install build-essential

Nano is a great text editor that is simple and easy to use. You will need to frequently use ctrl+x to save and quit once you finish your changes. Here we use nano to edit the password file of your server. After entering the command below, find your username and change from bin/sh to bin/bash. For example:”myuser:x:1000:1001::/home/myuser:/bin/sh” to “myuser:x:1000:1001::/home/myuser:/bin/bash”

> sudo nano /etc/passwd

This command is to load the default shell as bash. Bash shell has more commands and is easier to use.

Installing Security Packages – ClamAV and NMAP

ClamAV is a general antivirus which is constantly maintained by public and a group of dedicated team. Kudos to them! To install and start a basic scan, enter in terminal and run,

> sudo apt-get install clamav
> sudo freshclam -r -i

There are a few methods to make clamAV a default daemon mode so you can invoke this via other applications. Mailservers can find this very useful. Another use is if you have upload folders.
NMAP is a port scanner to see if you have open ports

> sudo apt-get install nmap
> sudo nmap [IPAddress]

In command line, key in the following.

> sudo apt-get install ufw
> sudo ufw enable
> sudo ufw status
> sudo ufw logging on [this enables logging]
> sudo ufw allow ssh
> sudo ufw allow 80/tcp
> sudo ufw allow ftp
> sudo ufw allow smtp

To enable FTP to successfully go through your firewall, you might need to open certain ports. The example below opens from 20000 to 20999.

> sudo ufw allow ftps
> sudo ufw allow proto tcp from any to any port 20000:20999
> sudo ufw delete allow ftps [this is to delete a rule]
> sudo ufw status [this is to view the firewall]

Now reboot your machine. you can do this easily via command line below.

> sudo reboot

Using CHKROOTKIT

> apt-get install chkrootkit
> chkrootkit

Moving around Ubuntu Server 12.04

The following are places which are commonly accessed by admins

• /etc/init.d/… – directory where all your application controls are stored
• /etc/… – directory where your applications are stored
• /var/www/… – directory where your web server html/php files are stored
• /var/log/… – directory where your log files are stored
• /home/…. – directory where home directory of your users are held
• /etc/passwd – file which stores the password
• /etc/shadow – file which I cant remember what this is for
• /etc/group – file which shows how groups and users are defined for this system

Some nice Commands

• if php5-cgi is installed, you can find the version of Php: php-cgi -v
• copy command: sudo cp /mysource /mytarget
• changes the permissions of the folder or file: chmod -R 777 myfolder
• secure access into another machine: ssh asd@123.45.67.89
• view memory usage: free -m
• shows which group user mydomain is in: grep mydomain /etc/group
• usermod -a -G adm demo
• Top / ps -ef
• vmstat 1 [si so is the swap]
• crontab -e [to edit]
• crontab -l [to list]
• To find out if a file exists and create one if there isnt one: touch filename

References

• Ref: https://help.ubuntu.com/community/InstallingSecurityTools
• SECURE KEY GENERATION: ADMIN USER + PUBLIC KEY
• http://cloudservers.rackspacecloud.com/index.php/Ubuntu_-_Setup
• http://www.cyberciti.biz/faq/howto-linux-add-user-to-group/
• http://www.kalzumeus.com/2010/12/12/staging-servers-source-control-deploy-workflows-and-other-stuff-nobody-teaches-you/