Secured CentOS 4.x i386
|
|
- Juliet Gardner
- 8 years ago
- Views:
Transcription
1 Secured CentOS 4.x i386 Created at the Lawrence Berkeley National Laboratory, In Conjunction with the FaST program and Contra Costa's HPC Program. Rev Date Author Revisions 1 08/12/05 Tjioman, Gani gtjioman@sbcglobal.net Abstract: With an increase in hacker activities, software updates and security patches have become essential to protecting network systems and workstations. This document describes one proposed method to create a Secured CentOS 4.x Operating System Workstation and an Archive NFS Server, with automated package / patch management solution, based on YUM. Secured CentOS 4.x i386 1
2 1.0 INTRODUCTION 1.1 PURPOSE SCOPE RESPONSIBILITIES / REASON FOR CHANGES PROCEDURES 2.1 REQUIRED EQUIPMENT CREATE A SECURED WORKSTATION STEP-BY-STEP PROCEDURES STEPS TO CREATE A SECURED WORKSTATION EXTRA CONFIGURATIONS METHODS TO TEST RESULT AUTOMATING CRON FOR SOFTWARE UPDATES CREATE AN NFS ARCHIVE SERVER TO COLLECT CLIENT YUM SOFTWARE UPDATE RESULTS USING CROND TO AUTOMATE YUM SOFTWARE UPGRADES ALTERNATIVE CONFIGURATION METHOD OPEN PORTS TO SELECTIVE HOST SYSTEM CONFIGURATION DATA COMPARISONS COMPARISON OF ACTIVE SYSTEM SERVICES COMPARISON RESULT OF NMAP COMPARISION RESULT OF NETSTAT DEFAULT WORKSTATION PACKAGE SELECTION Secured CentOS 4.x i386 2
3 1.0 INTRODUCTION 1.1 PURPOSE The purpose of this document is to describe one method to create a Secured CentOS 4.x Operating System Workstation and an Archive NFS Server, with automated package / patch management solution, based on YUM. 1.2 SCOPE The procedure used for the documentation was written with the ideology of implementing a Secured Linux configuration for a basic everyday research and document usage. It should be noted that an individual who requires a more complex workstation will require additional configuration, which will increase vulnerabilities to the system. 1.3 RESPONSIBLITIES / REASONS FOR CHANGES It is the responsibility of the Unix Group to maintain this document. Reason for subsequent change after its release are described in this section. Secured CentOS 4.x i386 3
4 2.0 PROCEDURES 2.1 REQUIRED EQUIPMENT CentOS 4.x (or more current), version i386, installation disk PC Computer with the following minimum spec: Intel / AMD x86 or x86_64 Processor 2.0 Ghz and above Western Drive 120 GB WD1200JB DVD / DVD-RW Drive 512 MB / 1 GB PC2700 or PC3200 DDR RAM 2.2 CREATE A SECURED WORKSTATION The following are steps to create a Secured Workstation: Steps to install and secure a Workstation (2.2.1) 1. Install Linux Workstation using CentOS Installation Disks 2. CentOS 4.x i386 Software update 3. Install necessary tools for debugging purposes 4. Disable unnecessary ports and processes that may cause security vulnerabilities 5. Configuring Permissions to directories and files 6. Disable unnecessary Default Account 7. Deny all hosts to use the local INET services 8. Configure "HOSTNAME" to specify user 9. Configure "Syslog.conf" to send logs to Central Syslog Server Extra Configurations (2.2.2) 1. Prepare, download and install the "LBL" version of Mozilla 2. Create a desktop launcher for root to add a user Methods of testing comparison between standard default and stripped down workstation (2.2.3) 1. Use "nmap" to compare the different open ports 2. Use "netstat" to compare the different processes that are listening STEP-BY-STEP PROCEDURES Use the following steps to create an image of CentOS 4.1 Workstation: STEPS TO CREATE A SECURED WORKSTATION 1. Install Linux Workstation using CentOS Installation Disks To install CentOS on a new computer, do the following: Secured CentOS 4.x i386 4
5 1. Insert CentOS 4.1 i386 Installation disk 2. Press "Enter", to install in "graphical mode" 3. Click the "Skip" button, to skip the CD/DVD test 4. Highlight "English", and click on "Next", to use English during installation 5. Highlight "U.S. English" for keyboard configuration 6. Click on the "Workstation" configuration and click on "Next" to install basic Workstation software package installation 7. Click on the "Manually Partition with Disk Druid" and press the "Next" button to partition the hard disk manually 8. Configure the partitions as follow: 1. /boot 100 MBytes ext3 partition 2. /swap 2 x (size of memory) swap partition 3. / 3 GBytes ext3 partition 4. /var 2.5 GBytes ext3 partition 5. /usr 30 GBytes ext3 partition 6. /home the rest of hard drive ext3 partition 9. Click on the "Next" button to format the hard drive 10. Accept the default value at the boot loader configuration screen and click on the "Next" button 11. On the "Network Devices" configuration screen, leave the default value and click "Next" to continue 12. For the Firewall configuration, click the "No Firewall", and leave the "Enable SELinux" to "Active" 13. Leave the "English (USA)" as the default language for the system, and click the "Next" button 14. For the Time Zone Selection screen, highlight the location most suitable to the location the Workstation will be used. For example, "America/Los_Angeles" for PacificTime. Click "Next" to move to the next screen 15. Enter and set the root's password 16. On the "Package Installation Defaults" screen, click on the "Install default software packages" and click on the "Next" button to continue 17. CentOS will now format your hard drive and install the Operating System 2. CentOS 4.1 i386 Software update To update the Operating System, do the following instructions: Secured CentOS 4.x i386 5
6 1. Login as root 2. Install the CentOS RPM signing key, by typing: # rpm --import CentOS-4 2. Once the signing key is installed, type the following: # yes /usr/bin/yum update Install necessary tools for debugging purposes Install "nmap" using yum: 1. Login as root 2. Type the following: # yes /usr/bin/yum install nmap 4. Disable unnecessary ports and processes that may cause security vulnerabilities Turn only necessary ports and processes to secure Workstation: 1. login as root 2. type setup at the command prompt, a setup menu should appear 3. using the arrow key, highlight the "System services" menu 4. using the "space bar" button, check only the services listed on the table below 5. click on the "ok" button and exit the "setup" menu NetworkManager acpid anacron apmd atd autofs bluetooth chargen Active Services Secured CentOS 4.x i386 6
7 chargen-udp cpuspeed crond cups cups-config-daemon cups-lpd daytime daytime-udp diskdump echo echo-udp eklogin gpm gssftp haldaemon iptables irda irqbalance isdn klogin krb5-telnet kshell kudzu mdmonitor mdmpd messagebus microcode_ctl netdump netfs netplugd network nfs nfslock nscd ntpd pcmcia portmap psacct rawdevices readahead readahead_early rhnsd rpcgssd rpcidmapd rpcsvcgssd rsync saslauthd sendmail smartd spamassassin Secured CentOS 4.x i386 7
8 sshd syslog time time-udp vncserver winbind xfs xinetd ypbind yum 5. Configuring Permissions to directories and files The following table is a list of configuration recommended to further secure the Workstation. Set the proper permission and configure the files and directories listed on the table below: 1. login as root 2. on the command line, use the chmod command to set each file and directory listed on the table: For example: For the /etc directory, type: # chmod -R 755 /etc to remove the writable permission for everyone except root. File / Directory Recommended Permission /etc 755 /bin 755 /sbin 755 /var 755 /dev/mem 640 /etc/init.d 755 /etc/xinetd.conf 644 Secured CentOS 4.x i386 8
9 6. Disable unnecessary Default Account The following table is a list of unnecessary Default Account that can safely be disabled in the /etc/passwd file. To disable the accounts, set the login shell in the /etc/passwd file to /sbin/nologin or /dev/null. For example, to set the default account bin to /dev/null edit the /etc/passwd file as follow: bin:x:1:1:bin:/bin:/dev/null or bin:x:1:1:bin:/bin:/sbin/nologin Login bin daemon adm lp mail news uucp operator games gopher ftp nobody dbus vcsa rpm haldaemon nscd sshd rpc rpcuser nfsnobody mailnull Recommended Passwd Configuration Secured CentOS 4.x i386 9
10 smmsp pcap xfs ntp gdm 7. Deny all hosts to use the local INET services Though, services to connect to system should be turned off at this point, to make sure that other possibilities are eliminated, use the following steps to deny all hosts to use the local INET services: 1. login as root 2. On the command line, type: # vi /etc/hosts.deny 3. Append the following line to the file: all:all 4. Save and exit the file 8. Configure "HOSTNAME" to specify user To identify the Workstation to a specific user, add the "HOSTNAME" as follow: 1. login as root 2. On the command line, type: # vi /etc/sysconfig/network 3. Append the following line to the file HOSTNAME=<user login> 4. On the command line, type: # vi /etc/hosts 5. Append the following line to the file <ip address of computer> <user login> 6. Save and exit the file Secured CentOS 4.x i386 10
11 9. Configure "Syslog.conf" to send logs to Central Syslog Server To configure the Workstation host to send all syslog information to the LBL central syslog server named syslog.lbl.gov, do the following steps: 1. login as root 2. On the command line, type: # vi /etc/syslog.conf 3. Append the following line to the file # Send copy of logs to central syslog server 4. Save and exit the file EXTRA CONFIGURATIONS 1. Prepare, download and install the "LBL" version of Mozilla. - Remove the current version of Mozilla on computer: 1. login as root 2. On the command line, type: # yum remove mozilla - Download the program: 3. Go to URL: 4. In the "Category Index", click on the "Web/ Software" link 5. Click on the "Mozilla 1.4 for Linux" to download the archive: LBNL-Mozilla-linux.tar.gz - Installing the program: 7. Move the downloaded source file in the: /root/desktop directory, to the: /usr/local/src/ directory, by typing the following at the command prompt: # mv /root/desktop/lbnl-mozilla-linux.tar.gz /usr/local/src/ 8. Go to the "/usr/local/src/" directory by typing: # cd /usr/local/src/ 9. Remove the gunzip extension of the downloaded source file, by typing: # gunzip LBNL-Mozilla-linux.tar.gz 10. Untar the file by typing: Secured CentOS 4.x i386 11
12 # tar -xvf LBNL-Mozilla-linux.tar to create a directory called LBNL-Mozilla-linux 11. Go into the LBNL-Mozilla-linux directory, by typing: # cd mozilla-installer 12. At the command prompt type: #./mozilla-installer to install mozilla 13. A "Berkeley Lab Mozilla Installer" menu should appear. 14. Follow the direction to install all the different components. 15. When asked to create the "/usr/local/mozilla/" directory, click "Yes" 16. Continue the installation. 17. Once completed, create a soft link of the mozilla executable by typing: # ln -s /usr/local/mozilla/mozilla /usr/bin/mozilla 18. To execute the LBL mozilla mail, at the command line type: # mozilla -mail & - Create an executable Mozilla Mail via "launcher" icon: 19. Right-click on the launcher icon 20. Click on the "properties", a launcher properties should appear 21. On the "command" line, delete the "launcher" line command and replace with the following command: /usr/bin/mozilla -mail & 22. Click on "Close" to close the launcher properties 2. Create a desktop launcher for root to add a user 1. login as root 2. right click on the desktop 3. highlight "Create Launcher" 4. for the "name" section, type "Add User" 5. in the "command" section, type "/usr/bin/system-config-users" 6. click the "ok" button to completed METHODS TO TEST RESULT 1. Use "nmap" to compare the different open ports Make sure to check that all ports are closed, except for port 631 (ipp services) for Secured CentOS 4.x i386 12
13 network printing capability, by typing: # nmap -ss -p T insane localhost 2. Use "netstat" to compare the different processes that are listening To use "netstat", type the following syntax at the command prompt: # netstat -a grep LISTEN After reboot, to see what is still listening, iterate through and disable unnecessary programs until the "netstat" list is as clean as possible. 2.3 AUTOMATING CRON FOR SOFTWARE UPDATES The following is one method to writing a "cron" script to execute an automated "yum" package / patch management solution. An output report should be printed to a file called "yumresult", located in the "/home/sysadmin/archivedir" directory of the Archive Server machine. This directory should be automatically mounted to the "/archivedir/" directory of the Secured Workstations CREATE AN NFS ARCHIVE SERVER TO COLLECT CLIENT YUM SOFTWARE UPDATE RESULTS To create the NFS Archive Server, we will use an image of the Secured Workstation machine we have created, with the following updates: 1. login as root 2. type setup at the command prompt, a setup menu should appear 3. highlight the "System services" menu, using the arrow key and press the enter button 4. using the "space bar" button, un-check the selection for nfs, "nfslock" & "portmap" 5. click on the "ok" button and exit the "setup" menu 6. configure system's "hostname" to "yumarchiveserver", by typing: # hostname yumarchiveserver 7. configure system's "domainname" to "yumarchiveserver.lbl.gov", by typing: # domainname yumarchiveserver.lbl.gov 8. reboot the system 9. log back in as root 10. Click on the desktop "add user" launcher, created earlier, to add a user. 11. Add "sysadmin" as a user Secured CentOS 4.x i386 13
14 12. logout root, and log back in as "sysadmin" 13. create a directory called "archivedir" in the "/home/sysadmin/" directory, by typing: # mkdir /home/sysadmin/archivedir 14. change the permission of "archivedir" directory with "777", by typing: # chmod 777 archivedir 15. add the following line to the "/etc/exports" file: /home/sysadmin/archivedir *(rw) 16. save and exit the file USING CROND TO AUTOMATE YUM SOFTWARE UPGRADES The following are steps required to automating yum for a software upgrade on Client Workstation. - Uninstall up2date application 1. login as root 2. at the command prompt, type: # yes yum remove up2date - Create a script file to execute "cron" to run "yum" updates 1. login as root 2. create an nfs archive directory "archivedir" at the root directory by typing: # mkdir /archivedir 3. create a new file at the "/etc/" directory, by typing the following at the command prompt: # vi /etc/cronyum 4. enter the following input to the file: #!/bin/bash # the script will mount an nfs directory located in the archive system, to a temporary directory in the local client machine. Updates yum, and append the result to a file called "yumresult" and "yumresult_userlist" in the "archivedir" located in the archive system. # mount NFS mount -t nfs <ip address of archive server>:/home/sysadmin/archivedir/ /archivedir/ # sleep 4 minutes sleep 4 Secured CentOS 4.x i386 14
15 echo " " >> /archivedir/yumresult echo "Yum output from host: `hostname`" >> /archivedir/yumresult # execute an automatic yum update (yes /usr/bin/yum update) >> /archivedir/yumresult # append a line to a server file for acknowledgment echo "cron completed at " `date` >> /archivedir/yumresult # write a list of users who have completed yum update script echo `hostname` " " `date` >> /archivedir/yumresult_userlist # unmount the NFS directory from the local client machine umount /archivedir 5. save the file and exit 6. change the permission to 755 for /etc/cronyum by typing, # chmod 755 /etc/cronyum 7. to activate "cron", type the following at the command prompt: # crontab -e 8. an empty "vi" editor should open. 9. to execute yum to automatically install updates at 1:30 am every Monday morning, add the following line to the file: 30 1 * * mon /etc/cronyum 10. save and close the file 11. to execute the "cron" process, type the following at the command prompt: # service crond start Secured CentOS 4.x i386 15
16 2.4 ALTERNATIVE CONFIGURATION METHOD OPEN PORTS TO SELECTIVE HOST SYSTEM CONFIGURATION If a user request to enable port 22 of SSH, make sure to configure hosts.allow and hosts.deny files properly, to allow only a certain user into the system. - Turn off sshd (SSH) to open port login as root 2. type setup at the command prompt, a setup menu should appear 3. highlight the "System services" menu, using the arrow key and press the enter button 4. using the "space bar" button, check the selection for ssh 5. click on the "ok" button and exit the "setup" menu 6. at the command prompt, type: "/etc/init.d/sshd start" - Edit the "hosts.allow" and hosts.deny files to restrict connections 1. at the command prompt, type: # vi /etc/hosts.allow 2. go to the bottom of the file and use the following syntax to restrict access: <the service(s) to enable>: <host ip address> For example, to enable the "sshd" services for host , add the line as follow: sshd: Or to enable all the ports / services, type: all: save the file and exit the editor 4. type the following on the command prompt: # vi /etc/hosts.deny 5. at the bottom of the file, add the following line to block all connection request from unlisted hosts: all:all 6. save the file and exit the editor 7. reboot system Secured CentOS 4.x i386 16
17 2.5 DATA COMPARISONS The data taken are comparisons between a default installed Workstation to the Secured Workstation COMPARISON OF ACTIVE SYSTEM SERVICES The following graph shows a comparison of system services between a default Workstation to a Secured Workstation: Active Default Action Taken Result of Active Services NetworkManager acpid activated anacron activated deactivate apmd activated deactivate atd activated deactivate autofs activated bluetooth chargen chargen-udp cpuspeed activated deactivate crond activated cups activated cups-config-daemon activated deactivate cups-lpd daytime daytime-udp diskdump echo echo-udp eklogin gpm activated deactivate gssftp haldaemon activated iptables activated irda irqbalance activated isdn activated deactivate klogin krb5-telnet kshell kudzu activated mdmonitor activated deactivate mdmpd messagebus activated microcode_ctl activated netdump Secured CentOS 4.x i386 17
18 netfs activated deactivate netplugd network activated nfs nfslock activated deactivate nscd ntpd pcmcia activated deactivate portmap Activated deactivate psacct rawdevices activated deactivate readahead activated deactivate readahead_early activated deactivate rhnsd rpcgssd activated deactivate rpcidmapd activated deactivate rpcsvcgssd activated deactivate rsync saslauthd sendmail Activated smartd activated spamassassin sshd activated deactivate syslog activated deactivate time time-udp vncserver winbind xfs activated xinetd activated deactivate ypbind yum COMPARISON RESULT OF NMAP There are several methods to test the result of the Secured Workstation. One method is to use NMAP, a free port scanning software, designed to detect open ports on targeted computer. The software determines which port services are open on the localhost computer. The result of NMAP are shown below, between default Workstation and Secured Workstation, when used as such: # nmap -ss -p T insane localhost Secured CentOS 4.x i386 18
19 Default CentOS Workstation Secured CentOS Workstation Secured CentOS 4.x i386 19
20 Note that, all service ports, except for port 631 of Internet Printing Protocol Service (IPP) are closed, for the Secured Workstation image. This is compared to that of the Default Workstation, where port 22 (SSH), port 25 (SMTP), port 111 (rpcbind), port 631 (IPP), and port (Status) are open. The result shows that the Secured Workstation has much less of security vulnerability with less ports opened COMPARISION RESULT OF NETSTAT Using NETSTAT in the following format: # netstat -a grep LISTEN will show what is still listening after reboot. Below is a comparison of the different services after reboot, between the Default and Secured Workstation: Secured CentOS 4.x i386 20
21 Default CentOS Workstation Secured CentOS 4.x i386 21
22 Secured CentOS Workstation DEFAULT WORKSTATION PACKAGE SELECTION Below is a list of installed packages for the Default Workstation setup. Package Installed # of Packages Installed Desktops X Window System Installed 38 out of 42 GNOME Desktop Environment Installed 41 out of 42 KDE (K Desktop Environment) 0 out of 14 Secured CentOS 4.x i386 22
23 Applications Editors Installed 2 out of 5 Engineering and Scientific 0 out of 7 Graphical Internet Installed 6 out of 10 Text-based Internet Installed 4 out of 4 Office/Productivity Installed 6 out of 9 Sound and Video Installed 12 out of 16 Authoring and Publishing 0 out of 12 Graphics Installed 11 out of 13 Games and Entertainment 0 out of 1 Servers Server Configuration Tools 0 out of 12 Web Server 0 out of 20 Mail Server 0 out of 12 Windows File Server 0 out of 3 DNS Name Server 0 out of 3 FTP Server 0 out of 1 PostgreSQL Database 0 out of 16 MySQL Database 0 out of 14 News Server 0 out of 1 Network Servers 0 out of 13 Legacy Network Server 0 out of 9 Development Development Tools Installed 55 out of 71 X Software Development Installed 16 out of 18 GNOME Software Development Installed 30 out of 30 KDE Software Development 0 out of 20 Legacy Software Development 0 out of 5 System Administration Tools Installed 11 out of 12 System Tools 0 out of 33 Printing Support Installed 11 out of 12 Miscellaneous Everything Minimal Secured CentOS 4.x i386 23
NATIONAL POPULATION REGISTER (NPR)
NATIONAL POPULATION REGISTER (NPR) Project Name: NPR Version No: 1.0.0 Release Date: Group Name: NPR-ECIL Version Date: LINUX SERVER INSTALLATION AND CONFIGURATION FOR JAVA BASED NPR DATAENTRY SOFTWARE
More informationThe Ten Minute Guide to Setting Up a Linux Web Server
Hentzenwerke Whitepaper Series The Ten Minute Guide to Setting Up a Linux Web Server By Whil Hentzen Here's a quick tutorial to the essential steps involved in setting up a Linux Web Server, using Fedora
More informationNetwork Infrastructure Security Recommendations
Hardening Red Hat Enterprise Linux Ensure that file systems with user-writeable directories (ie /home, /tmp, /var/tem) are mounted on separate partitions. Ensure updates are applied as soon as they become
More informationUsing Red Hat Enterprise Linux with Georgia Tech's RHN Satellite Server Installing Red Hat Enterprise Linux
Using Red Hat Enterprise Linux with Georgia Tech's RHN Satellite Server Installing Red Hat Enterprise Linux NOTE: If you need more information regarding the installation process for other distributions
More informationOS Installation Guide Red Hat Linux 9.0
OS Installation Guide Red Hat Linux 9.0 C o n t e n t s Contents 3 About This Guide 5 1 Planning Your Installation 7 Requirements 7 2 Installing Red Hat 9.0 Error! Bookmark not defined. What s Next? 19
More informationGetting Started With Your Virtual Dedicated Server. Getting Started Guide
Getting Started Guide Getting Started With Your Virtual Dedicated Server Setting up and hosting a domain on your Linux Virtual Dedicated Server using Plesk 8.0. Getting Started with Your Virtual Dedicated
More informationDeploying IBM Lotus Domino on Red Hat Enterprise Linux 5. Version 1.0
Deploying IBM Lotus Domino on Red Hat Enterprise Linux 5 Version 1.0 November 2008 Deploying IBM Lotus Domino on Red Hat Enterprise Linux 5 1801 Varsity Drive Raleigh NC 27606-2072 USA Phone: +1 919 754
More informationLOCKSS on LINUX. Installation Manual and the OpenBSD Transition 02/17/2011
LOCKSS on LINUX Installation Manual and the OpenBSD Transition 02/17/2011 1 Table of Contents Overview... 3 LOCKSS Hardware... 5 Installation Checklist... 7 BIOS Settings... 10 Installation... 11 Firewall
More informationLinux System Administration on Red Hat
Linux System Administration on Red Hat Kenneth Ingham September 29, 2009 1 Course overview This class is for people who are familiar with Linux or Unix systems as a user (i.e., they know file manipulation,
More informationGetting Started Guide. Getting Started With Your Dedicated Server. Setting up and hosting a domain on your Linux Dedicated Server using Plesk 8.0.
Getting Started Guide Getting Started With Your Dedicated Server Setting up and hosting a domain on your Linux Dedicated Server using Plesk 8.0. Getting Started with Your Dedicated Server Plesk 8.0 Version
More informationLOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013
LOCKSS on LINUX CentOS6 Installation Manual 08/22/2013 1 Table of Contents Overview... 3 LOCKSS Hardware... 5 Installation Checklist... 6 BIOS Settings... 9 Installation... 10 Firewall Configuration...
More informationGetting Started With Your Virtual Dedicated Server. Getting Started Guide
Getting Started Guide Getting Started With Your Virtual Dedicated Server Setting up and hosting a domain on your Linux Virtual Dedicated Server using cpanel. Getting Started with Your Virtual Dedicated
More informationTANDBERG MANAGEMENT SUITE 10.0
TANDBERG MANAGEMENT SUITE 10.0 Installation Manual Getting Started D12786 Rev.16 This document is not to be reproduced in whole or in part without permission in writing from: Contents INTRODUCTION 3 REQUIREMENTS
More informationGetting Started With Your Virtual Dedicated Server. Getting Started Guide
Getting Started Guide Getting Started With Your Virtual Dedicated Server Setting up and hosting a domain on your Linux Virtual Dedicated Server using Simple Control Panel. Getting Started with Your Virtual
More informationParallels Plesk Panel 11 for your Linux server
Getting Started Guide Parallels Plesk Panel 11 for your Linux server Getting Started Guide Page 1 Getting Started Guide: Parallels Plesk Panel 11, Linux Server Version 1.1 (11.1.2012) Copyright 2012. All
More informationII. Installing Debian Linux:
Debian Linux Installation Lab Spring 2013 In this lab you will be installing Debian Linux in a KVM (Kernel Virtual Machine). You will be guided through a series of steps to setup the network (IP addresses,
More informationRed Hat Linux 7.2 Installation Guide
Red Hat Linux 7.2 Installation Guide Ryan Spangler spanglerrp22@uww.edu http://ceut.uww.edu April 2002 Department of Business Education/ Computer and Network Administration Copyright Ryan Spangler 2002
More informationSimple. Control Panel. for your Linux Server. Getting Started Guide. Simple Control Panel // Linux Server
Getting Started Guide Simple Control Panel for your Linux Server Getting Started Guide Page 1 Getting Started Guide: Simple Control Panel, Linux Server Version 2.1 (02.01.10) Copyright 2010. All rights
More informationLinux Server Configuration Guidelines
Linux Server Configuration Guidelines This document is meant to be a living document and intended to accompany more detailed, step- by- step resources. Suggestions in this document are taken from administrators
More informationLocal Caching Servers (LCS): User Manual
Local Caching Servers (LCS): User Manual Table of Contents Local Caching Servers... 1 Supported Browsers... 1 Getting Help... 1 System Requirements... 2 Macintosh... 2 Windows... 2 Linux... 2 Downloading
More informationInstalling an IBM Workplace/Portal Server on Linux
Installing an IBM Workplace/Portal Server on Linux Auteur Roel Broersma Versie 1.0 Page 1 of 9 Installing an IBM Workplace/Portal Server on Linux... 1 1. Introduction... 3 2. Installing CentOS... 4 3.
More information25265 - SYSTEM ADMINISTRATION LAB
25265 - SYSTEM ADMINISTRATION LAB Ex.NO:1 Installation of Windows Server 2003 AIM: To write Installation of Windows 2003 Server. PROCEDURE: To install Windows Server 2003: 1 Insert the Windows Server 2003
More informationParallels Plesk Panel 11 for your Windows Server
Getting Started Guide Parallels Plesk Panel 11 for your Windows Server Getting Started Guide Page 1 Getting Started Guide: Parallels Plesk Panel 11, Windows Server Version 1.1 (11.1.2012) Copyright 2012.
More informationInstallation & Configuration Guide for Solaris 8
Installation & Configuration Guide for Solaris 8 Document version 1.1.2, 2003-02-27 CWRU Information Technology Services If you have any questions or problems using these instructions, simply contact the
More informationA candidate following a programme of learning leading to this unit will be able to:
Unit 24: Linux+ Learning Outcomes A candidate following a programme of learning leading to this unit will be able to: Demonstrate knowledge of planning the implementation Show knowledge of how to install
More informationGetting Started With Your Virtual Dedicated Server. Getting Started Guide
Getting Started Guide Getting Started With Your Virtual Dedicated Server Setting up and hosting a domain on your Windows Server 2003 Virtual Dedicated Server using Plesk. Getting Started with Your Virtual
More informationMonitoring a Linux Mail Server
Monitoring a Linux Mail Server Mike Weber mweber@spidertools.com] Various Methods to Monitor Mail Server Public Ports SMTP on Port 25 POPS on Port 995 IMAPS on Port 993 SNMP Amavis on Port 10024 Reinjection
More informationGetting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p.
Preface p. ix Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p. 6 Common Linux Features p. 8 Primary Advantages
More informationSecurity Correlation Server Quick Installation Guide
orrelogtm Security Correlation Server Quick Installation Guide This guide provides brief information on how to install the CorreLog Server system on a Microsoft Windows platform. This information can also
More informationTable of Contents. Introduction. Audience. At Course Completion. Prerequisites
Table of Contents Introduction Audience At Course Completion Prerequisites Certified Professional Exams Student Materials Course Outline Introduction This in-depth, 5-day course helps students acquire
More informationSecure File Transfer Installation. Sender Recipient Attached FIles Pages Date. Development Internal/External None 11 6/23/08
Technical Note Secure File Transfer Installation Sender Recipient Attached FIles Pages Date Development Internal/External None 11 6/23/08 Overview This document explains how to install OpenSSH for Secure
More informationIntroduction to Operating Systems
Introduction to Operating Systems It is important that you familiarize yourself with Windows and Linux in preparation for this course. The exercises in this book assume a basic knowledge of both of these
More informationProcedure to Create and Duplicate Master LiveUSB Stick
Procedure to Create and Duplicate Master LiveUSB Stick A. Creating a Master LiveUSB stick using 64 GB USB Flash Drive 1. Formatting USB stick having Linux partition (skip this step if you are using a new
More informationGroundWork Monitor Open Source 5.1.0 Installation Guide
GroundWork Monitor Open Source 5.1 is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version
More informationCacti The ULTIMATE Management Solution
Cacti The ULTIMATE Management Solution Cacti SNMP Management Installation HOW-TO For Linux Author: Lee Carter Published: October 20 th 2004 Version 2 Updated November 1, 2004 Table of Contents Purpose...3
More informationHow To Run A Linux Agent On Alandesk (For Free) On A Linux Server (For A Non-Free) On Your Ubuntu Computer (For Cheap) On An Ubuntu 2.5 (For Ubuntu) On Linux
LANDesk Management Suite 8.8 SP3 Best Known Method for Managing Linux Agents Contents Introduction... 4 Scope... 4 Assumptions... 4 Supported Linux Platforms... 4 Prerequisite Software... 4 The Linux Agent
More informationHow to install PowerChute Network Shutdown on VMware ESXi 3.5, 4.0 and 4.1
How to install PowerChute Network Shutdown on VMware ESXi 3.5, 4.0 and 4.1 Basic knowledge of Linux commands and Linux administration is needed before user should attempt the installation of the software.
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.
Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More informationOperating System Installation Guidelines
Operating System Installation Guidelines The following document guides you step-by-step through the process of installing the operating systems so they are properly configured for boot camp. The document
More informationGetting Started With Your Dedicated Server. Getting Started Guide
Getting Started Guide Getting Started With Your Dedicated Server Setting up and hosting a domain on your Windows Server 2003 Dedicated Server using Plesk. Getting Started with Your Dedicated Server Version
More informationTutorial Guide to the IS Unix Service
Tutorial Guide to the IS Unix Service The aim of this guide is to help people to start using the facilities available on the Unix and Linux servers managed by Information Services. It refers in particular
More informationBasic Installation of the Cisco Collection Manager
CHAPTER 3 Basic Installation of the Cisco Collection Manager Introduction This chapter gives the information required for a basic installation of the Cisco Collection Manager and the bundled Sybase database.
More informationDocuShare Installation Guide
DocuShare Installation Guide Publication date: February 2011 This document supports DocuShare Release 6.6.1 Prepared by: Xerox Corporation DocuShare Business Unit 3400 Hillview Avenue Palo Alto, California
More informationCreate a virtual machine at your assigned virtual server. Use the following specs
CIS Networking Installing Ubuntu Server on Windows hyper-v Much of this information was stolen from http://www.isummation.com/blog/installing-ubuntu-server-1104-64bit-on-hyper-v/ Create a virtual machine
More informationParallels. for your Linux or Windows Server. Small Business Panel. Getting Started Guide. Parallels Small Business Panel // Linux & Windows Server
Getting Started Guide Parallels Small Business Panel for your Linux or Windows Server Getting Started Guide Page 1 Getting Started Guide: Parallels Small Business Panel, Linux & Windows Server Version
More informationCloud.com CloudStack Community Edition 2.1 Beta Installation Guide
Cloud.com CloudStack Community Edition 2.1 Beta Installation Guide July 2010 1 Specifications are subject to change without notice. The Cloud.com logo, Cloud.com, Hypervisor Attached Storage, HAS, Hypervisor
More informationGroundWork Monitor Community Edition 5.2.1 Install Guide VMware Virtual Appliance
GroundWork Monitor Community Edition is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version
More informationAvira Update Manager User Manual
Avira Update Manager User Manual Table of contents Table of contents 1. Product information........................................... 4 1.1 Functionality................................................................
More informationTimeIPS Server. IPS256T Virtual Machine. Installation Guide
TimeIPS Server IPS256T Virtual Machine Installation Guide TimeIPS License Notification The terms and conditions applicable to the license of the TimeIPS software, sale of TimeIPS hardware and the provision
More informationParallels Plesk Panel 9.2
Getting Started Guide Parallels Plesk Panel 9.2 for your Windows Server Getting Started Guide Page 1 Getting Started Guide: Parallels Plesk Panel 9.2, Windows Server Version 2.2 (1.6.2012) Copyright 2012.
More informationRed Hat Linux Administration II Installation, Configuration, Software and Troubleshooting
Course ID RHL200 Red Hat Linux Administration II Installation, Configuration, Software and Troubleshooting Course Description Students will experience added understanding of configuration issues of disks,
More informationInstallation Guide for WebSphere Application Server (WAS) and its Fix Packs on AIX V5.3L
Installation Guide for WebSphere Application Server (WAS) and its Fix Packs on AIX V5.3L Introduction: This guide is written to help any person with little knowledge in AIX V5.3L to prepare the P Server
More informationDell Proximity Printing Solution. Installation Guide
Dell Proximity Printing Solution Installation Guide Notes and Cautions NOTE: A NOTE indicates important information that helps you make better use of your computer. CAUTION: A CAUTION indicates potential
More informationThe 2013 Experimental Warning Program (EWP) Virtual Weather Event Simulator (WES) Windows & Linux Installation Documentation
The 2013 Experimental Warning Program (EWP) Virtual Weather Event Simulator (WES) Windows & Linux Installation Documentation National Severe Storms Laboratory (NSSL) Norman, OK Contents I WINDOWS CONFIGURATION
More informationSigniant Agent installation
Signiant Agent installation Release 11.3.0 March 2015 ABSTRACT Guidelines to install the Signiant Agent software for the WCPApp. The following instructions are adapted from the Signiant original documentation
More information42goISP Documentation
42goISP Documentation 42goISP Documentation I Table of Contents General...1 1 What is 42goISP?...1 2 Terms and structure of the manual...1 3 Installation/Upgrade/Deinstallation...1 3.1 Installation...1
More informationUser Manual of the Pre-built Ubuntu 9 Virutal Machine
SEED Document 1 User Manual of the Pre-built Ubuntu 9 Virutal Machine Copyright c 2006-2011 Wenliang Du, Syracuse University. The development of this document is funded by the National Science Foundation
More informationQNX Software Development Platform 6.6. Installation Guide
QNX Software Development Platform 6.6 QNX Software Development Platform 6.6 Installation Guide Table of Contents Table of Contents Preface: About This Guide...iv Typographical conventions...v Before you
More information4PSA Total Backup 3.0.0. User's Guide. for Plesk 10.0.0 and newer versions
4PSA Total Backup 3.0.0 for Plesk 10.0.0 and newer versions User's Guide For more information about 4PSA Total Backup, check: http://www.4psa.com Copyright 2009-2011 4PSA. User's Guide Manual Version 84359.5
More informationHow To Set Up A Backupassist For An Raspberry Netbook With A Data Host On A Nsync Server On A Usb 2 (Qnap) On A Netbook (Qnet) On An Usb 2 On A Cdnap (
WHITEPAPER BackupAssist Version 5.1 www.backupassist.com Cortex I.T. Labs 2001-2008 2 Contents Introduction... 3 Hardware Setup Instructions... 3 QNAP TS-409... 3 Netgear ReadyNas NV+... 5 Drobo rev1...
More informationfreesshd SFTP Server on Windows
freesshd SFTP Server on Windows Configuration Steps: Setting up the Bridgestone User ID... 2 Setup the freesshd Server... 3 Login as the Bridgestone User ID using WinSCP... 5 Create Default Bridgestone
More informationPartek Flow Installation Guide
Partek Flow Installation Guide Partek Flow is a web based application for genomic data analysis and visualization, which can be installed on a desktop computer, compute cluster or cloud. Users can access
More informationCONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities
CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities DNS name: turing.cs.montclair.edu -This server is the Departmental Server
More informationMoxa Device Manager 2.0 User s Guide
First Edition, March 2009 www.moxa.com/product 2009 Moxa Inc. All rights reserved. Reproduction without permission is prohibited. Moxa Device Manager 2.0 User Guide The software described in this manual
More informationPlexxi Control Installation Guide Release 2.1.0
Plexxi Control Installation Guide Release 2.1.0 702-20002-10 Rev 1.2 February 19, 2015 100 Innovative Way - Suite 3322 Nashua, NH 03062 Tel. +1.888.630.PLEX (7539) www.plexxi.com Notices The information
More informationTopaz Installation Sheet
Topaz Installation Sheet P/N 460924001E ISS 08FEB12 Content Introduction... 3 Recommended minimum requirements... 3 Setup for Internet Explorer:... 4 Topaz installation... 10 Technical support... 14 Copyright
More informationRed Hat Certifications: Red Hat Certified System Administrator (RHCSA)
Red Hat Certifications: Red Hat Certified System Administrator (RHCSA) Overview Red Hat is pleased to announce a new addition to its line of performance-based certifications Red Hat Certified System Administrator
More informationConfiguring Secure Linux Hosts
A Perspective on Practical Security 2005 by Landon Curt Noll BOSTON NEW YORK SAN FRANCISCO SACRAMENTO CHARLOTTE WASHINGTON DC Introduction Congratulations! You have just installed Linux; an Open Source
More informationDocuShare Installation Guide
DocuShare Installation Guide Publication date: May 2009 This document supports DocuShare Release 6.5/DocuShare CPX Release 6.5 Prepared by: Xerox Corporation DocuShare Business Unit 3400 Hillview Avenue
More information13. Configuring FTP Services in Knoppix
13. Configuring FTP Services in Knoppix Estimated Time: 45 minutes Objective In this lab, the student will configure Knoppix as an FTP server. Equipment The following equipment is required for this exercise:
More informationSecurity Correlation Server Quick Installation Guide
orrelog Security Correlation Server Quick Installation Guide This guide provides brief information on how to install the CorreLog Server system on a Microsoft Windows platform. This information can also
More informationLinux Security Ideas and Tips
Linux Security Ideas and Tips Hugh Brown Sr. Systems Administrator ITS Enterprise Infrastructure University of Iowa October 8, 2014 Hugh Brown (University of Iowa) Linux Security Ideas and Tips October
More informationHOMEROOM SERVER INSTALLATION & NETWORK CONFIGURATION GUIDE
HOMEROOM SERVER INSTALLATION & NETWORK CONFIGURATION GUIDE Level 1, 61 Davey St Hobart, TAS 7000 T (03) 6165 1555 www.getbusi.com Table of Contents ABOUT THIS MANUAL! 1 SYSTEM REQUIREMENTS! 2 Hardware
More informationUser Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream
User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner
More informationPenetration Testing LAB Setup Guide
Penetration Testing LAB Setup Guide (External Attacker - Intermediate) By: magikh0e - magikh0e@ihtb.org Last Edit: July 06 2012 This guide assumes a few things... 1. You have read the basic guide of this
More informationLinux System Administration. System Administration Tasks
System Administration Tasks User and Management useradd - Adds a new user account userdel - Deletes an existing account usermod - Modifies an existing account /etc/passwd contains user name, user ID #,
More informationInstallation Guide for FTMS 1.6.0 and Node Manager 1.6.0
Installation Guide for FTMS 1.6.0 and Node Manager 1.6.0 Table of Contents Overview... 2 FTMS Server Hardware Requirements... 2 Tested Operating Systems... 2 Node Manager... 2 User Interfaces... 3 License
More informationSemantic based Web Application Firewall (SWAF - V 1.6)
Semantic based Web Application Firewall (SWAF - V 1.6) Installation and Troubleshooting Manual Document Version 1.0 1 Installation Manual SWAF Deployment Scenario: Client SWAF Firewall Applications Figure
More informationNewton Linux User Group Graphing SNMP with Cacti and RRDtool
Newton Linux User Group Graphing SNMP with Cacti and RRDtool Summary: Cacti is an interface that can be used to easily manage the graphing of SNMP data. These graphs allow you to visualize performance
More informationLinux Overview. Local facilities. Linux commands. The vi (gvim) editor
Linux Overview Local facilities Linux commands The vi (gvim) editor MobiLan This system consists of a number of laptop computers (Windows) connected to a wireless Local Area Network. You need to be careful
More informationWhite Paper. Fabasoft on Linux - Preparation Guide for Community ENTerprise Operating System. Fabasoft Folio 2015 Update Rollup 2
White Paper Fabasoft on Linux - Preparation Guide for Community ENTerprise Operating System Fabasoft Folio 2015 Update Rollup 2 Copyright Fabasoft R&D GmbH, Linz, Austria, 2015. All rights reserved. All
More informationInstallation Notes for Outpost Network Security (ONS) version 3.2
Outpost Network Security Installation Notes version 3.2 Page 1 Installation Notes for Outpost Network Security (ONS) version 3.2 Contents Installation Notes for Outpost Network Security (ONS) version 3.2...
More informationISPConfig Documentation
ISPConfig Documentation ISPConfig Documentation I Table of Contents General...1 1 What is ISPConfig?...1 2 Terms and structure of the manual...1 3 Installation/Upgrade/Deinstallation...1 3.1 Installation...1
More informationEasy Setup Guide 1&1 CLOUD SERVER. Creating Backups. for Linux
Easy Setup Guide 1&1 CLOUD SERVER Creating Backups for Linux Legal notice 1&1 Internet Inc. 701 Lee Road, Suite 300 Chesterbrook, PA 19087 USA www.1and1.com info@1and1.com August 2015 Copyright 2015 1&1
More informationGo to CGTech Help Library. Installing CGTech Products
Go to CGTech Help Library Installing CGTech Products VERICUT Installation Introduction to Installing VERICUT Installing and configuring VERICUT is simple, typically requiring only a few minutes for most
More informationCloudPortal Business Manager 2.2 POC Cookbook
CloudPortal Business Manager 2.2 POC Cookbook February 9, 2014 Contents 1 Overview... 3 2 Prepare CloudPlatform to Be Used with CloudPortal Business Manager... 4 2.1 Assumptions... 4 2.2 Steps to configure
More informationHow to Tunnel Remote Desktop using SSH (Cygwin) for Windows XP (SP2)
How to Tunnel Remote Desktop using SSH (Cygwin) for Windows XP (SP2) The ssh server is an emulation of the UNIX environment and OpenSSH for Windows, by Redhat, called cygwin This manual covers: Installation
More informationInstalling the SSH Client v3.2.2 For Microsoft Windows
WIN1011 June 2003 Installing the SSH Client v3.2.2 For Microsoft Windows OVERVIEW... 1 SYSTEM REQUIREMENTS... 2 INSTALLING THE SSH PACKAGE... 2 STARTING THE PROGRAMS... 5 USING THE SHELL CLIENT... 8 USING
More informationLinux Boot Camp. Our Lady of the Lake University Computer Information Systems & Security Department Kevin Barton Artair Burnett
Linux Boot Camp Our Lady of the Lake University Computer Information Systems & Security Department Kevin Barton Artair Burnett Schedule for the Week Schedule for the Week Mon Welcome from Enrollment Management
More informationInstallation and Deployment
Installation and Deployment Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc. Installation and Deployment SmarterStats
More informationGLS250 "Enterprise Linux Systems Administration"
GLS250 "Enterprise Linux Systems Administration" Intended for students already comfortable with working in the Unix environment, this in-depth course helps students acquire the variety of skills needed
More informationKhóa học Enterprise Linux System Administration
Khóa học chuyên sâu vào công việc cài đặt, quản lý và bảo trì hệ thống linux bao gồm cả máy chủ và máy trạm. Nội dung chủ yếu gồm cài đăt, quản trị người dùng, quản trị file, quotas, FACLs, RAID and LVM;
More informationINSTALL ZENTYAL SERVER
GUIDE FOR Zentyal Server is a small business server based on Ubuntu s LTS server version 10.04 and the ebox platform. It also has the LXDE desktop installed with Firefox web browser and PCMAN File manager.
More informationConfiguring MailArchiva with Insight Server
Copyright 2009 Bynari Inc., All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any
More informationUsing ESXi with PowerChute Business Edition
Using ESXi with PowerChute Business Edition This help covers the following topics: Installing vma for an ESXi Host Server Configuring and Running ESXi 1 Installing vma for an ESXi Host Server vsphere Management
More informationNovell Identity Manager Resource Kit
AUTHORIZED DOCUMENTATION Installation Guide for SUSE Linux Enterprise Server 10 SP2 Novell Identity Manager Resource Kit 1.2 August 17, 2009 www.novell.com Identity Manager Resource Kit 1.2 Installation
More informationNavigating the Rescue Mode for Linux
Navigating the Rescue Mode for Linux SUPPORT GUIDE DEDICATED SERVERS ABOUT THIS GUIDE This document will take you through the process of booting your Linux server into rescue mode to identify and fix the
More informationPearl Echo Installation Checklist
Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions
More informationRunning a Default Vulnerability Scan
Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s integrated vulnerability
More information