nuy

1. SSH service security settings The SSH service allows root user login by default. Since the root user already knows the username, if the password is known, he can log in to the server with administrator rights. 1.1 Creating a general user If you have created a general user during the installation of Ubuntu 20, this step is not necessary. If the only user created on the server is root, you will not be able to log in remotely via SSH, so if you have not created a user when you installed the OS, you will need to create one beforehand. To create a user, use the "useradd" command. The "-m" option is used to create a home directory and the "-p" option is used to specify a password. For example, to set "ubuntuuser" as the user account name and "123456" as the password, you would run

オープンソースの統合監視ソフトウェア「Zabbix」 Zabbix とは、サーバー、ネットワーク、アプリケーションを集中監視するためのオープンソースの統合監視ソフトウェアです。統合監視に必要な監視、障害検知、通知機能を備えています。多数のプラットフォームに対応した Zabbix エージェントと SNMP に対応しているため、システム全体を Zabbix ひとつで監視することが可能です。 Zabbixを実行するにはPHPプログラミング言語、データベースサーバーとしてはMySQL、ApacheやNginxなどのWebサーバーが必要です。今回はこれらすべてが構成済みという前提で進めます。  1. Zabbixインストール 1.1 Zabbixリポジトリを設定 Zabbix公式チームは、Debianベースのシステム用のAptパッケージリポジトリを提供しています。 Ubuntuシステムにリポジトリを追加するには、次のコマンドを使用します。

1. Introduction of disk usage check scripts 1.1 Script creation # cd /opt/script/ # vi disk_capacity_check.sh Contents of disk_capacity_check.sh #!/bin/bash #Specify email address for notification MAIL="<your mailaddress> " DVAL=`/bin/df / | /usr/bin/tail -1 | /bin/sed 's/^.* \([0-9]*\)%.*$/\1/'` if [ $DVAL -gt 80 ]; then echo "Disk usage alert: $DVAL %" | mail -s "Disk Space Alert in `hostname`" $MAIL fi

1. Install MySQL 8 1. Install # apt -y install mysql-server-8.0 2. MySQL server security settings Run the tool mysql_secure_installtion to configure security-related settings for your MySQL server. When you run it, you will be asked a series of questions to help you configure your security settings. You will first be asked if you want to use a password validation plugin, as shown below. Password validation means that you can check the password strength of users for MySQL and restrict them to accepting only passwords that are secure enough. For example, it should be at least a few characters long and always contain at least one symbol and one number. Type y if you like and press Enter

1. Install an NTP server # apt -y install chrony # vi /etc/chrony/chrony.conf 3. Apache2 installation First allow port http:80 and port https:443 on UFW # ufw allow http # ufw allow https # ufw reload 2. Install the FTP server vsftpd ①Install # apt install vsftpd ②Open PORT 21 at UFW # ufw allow ftp # ufw reload

1. Install SNORT Snort is an open source network intrusion detection system that can perform real-time traffic analysis and packet logging over IP networks. It can perform "protocol analysis", "content search" and "matching" and can be used to detect a variety of attacks such as "buffer overflows", "stealth port scans", "CGI attacks", "SMB probes", "OS fingerprinting attempts", "semantic URL attacks" and "server message block probes". 2.Install Tripwire Install a system to detect tampering of Linux server files by crackers. This time, we will introduce Tripwire, a host-type IDS (IDS=Intrusion Detection System) as a file tampering detection system. Tripwire detects the addition/modification/deletion of files by creating a database of the file status at the time of deployment and comparing the database with the current status of the files.

Download Ubuntu Server 20.04 installation image The Ubuntu Server installation image can be downloaded from the official website. You will need to create an installation CD/DVD from the downloaded iso file.(About 1.2G) If you are installing on a virtual machine using Vmware or similar, you can use the iso file itself. Download the iso file   :  Ubuntu official download site