nuy

1. SSH Service Security Settings The SSH service allows the root user to log in by default, and since the root user already knows the user name and can log in to the server with administrative privileges once the password is known, we will deny this setting. 1.1 Creating a General User If you have created a general user when installing Ubuntu 23, this procedure is not necessary. If you have already created a user at the time of OS installation, this procedure is not necessary. If you have already created a user during OS installation, this procedure is not necessary. 2. Firewall Settings Ubuntu often uses software called "ufw" to configure the firewall UFW is installed when the OS is installed. Here are the steps to configure minimal filter settings after installation.

SSH connection with authentication using public key cryptography  Creation of public and private key pairs Create a public/private key pair for a user connecting to the Linux server using OpenSSH. Use ssh-keygen to create key pairs. This time, we will create a key set using the RSA cipher used in the SSH protocol Version 2. Creation of public/private key pairs is performed with remote login user privileges (huong). If you do not specify the destination and file name, id_ed25519,id_ed25519.pub will be created in /home/huong/.ssh/. On the way, enter the password for the key.

1.Install NTP server 2. Install FTP server vsftpd 2.1Installation and configuration ①Install 2.2 Vsftpd Over SSL/TLS ①Create a self-signed certificate. If you are using a trusted, legitimate certificate such as Let's Encrypt, you do not need to do this work. 3. File server installation with Samba Build a file server with access rights that requires user authentication with Samba. Installation Procedure (1) Create a shared folder with access rights that requires user authentication. (2) Create a group with access rights (3)Create users belonging to groups that can be accessed (4)Edit configuration file

1.Anti-virus software Clamav installed 1.1 Install # apt install clamav clamav-daemon The clamav-related configuration files are installed in the "/etc/clamav/" folder. 2. Email software installation 2.1 Postfix : Installation/Configuration Install Postfix and build an SMTP server. 25/TCP is used for SMTP. To prevent unauthorized mail relay, use the SASL function of Dovecot (see below), and configure Postfix so that authentication is required even for outgoing mail. 2.2 Dovecot : Installation/Configuration Install Dovecot and build a POP/IMAP server, using 110/TCP for POP and 143/TCP for IMAP 2.7 Applied ClamAV to mail server Postfix Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time. ①Install Amavisd and Clamav Daemon and start Clamav Daemon 2.7 Applied ClamAV to mail server Postfix Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time. ①Install Amavisd and Clamav Daemon and start Clamav Daemon 2.7 Applied ClamAV to mail server Postfix Set up Postfix and Clamav to work together to scan incoming and outgoing mail in real time. ①Install Amavisd and Clamav Daemon and start Clamav Daemon 2.8Applied spamassassin to mail server Postfix 2.5.1 spamassassin install ①Install