nuy

1.Install SNORT2Snort is an open source network intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks.It can perform "protocol analysis," "content search," and "matching," and can be used to detect a variety of attacks, including "buffer overflows," "stealth port scans," "CGI attacks," "SMB probes," "OS fingerprinting attempts," "semantic URL attacks," and "server message block probes.2.Install TripwireImplement a system to detect file tampering on Linux servers by crackers.This time, Tripwire, a host-based IDS (IDS=Intrusion Detection System), will be installed as the file tampering detection system.Tripwire creates a database of file status at the time of installation, and detects file additions/changes/deletions by comparing the database with the current status of the file.

1. Install NTP server# apt -y install chrony# vi /etc/chrony/chrony.conf# Line 8.：Comment the default settings and add the NTP server for your time zone.#pool 2.debian.pool.ntp.org iburstpool ntp.nict.jp iburst# Add to the last line (Range for which time synchronization is allowed)allow 192.168.11.0/242. Install FTP Server2.1 Install Vsftpd# apt install vsftpdFTP Port21 allowed# ufw allow ftp# ufw reload

1. Installing and configuring the vim editorDebian has "nano" as the default editor. nano is somewhat difficult to use, and there are few environments where it is used, so we will introduce the procedure for changing the editor to "vim".。1.1 Check vim packageDebian has vim installed by default, but it is a package called "vim-tiny", which is a less functional version. Let's check the installed vim package.Debian uses the "dpkg" command to check packages. The "-l" option displays a list of packages.Since the "dpkg" command as is will show all packages installed on the system, we will use the "grep" command to extract only those packages that contain the string "vim". Execute as follows

1. Antivirus software Clamav installedInstall Clam AntiVirus, a free anti-virus software for Linux, as an anti-virus measure.By installing this anti-virus software, you can not only scan the entire server for viruses, but also scan incoming and outgoing mail for viruses if you build and configure a mail server.1.1 Install# apt install clamav clamav-daemon2. Mail server installationPostfix was developed as a Mail Transport Agent (MTA) to replace sendmail, and is a mail server that is highly compatible with sendmail, secure, easy to maintain, and fast.In addition, since Postfix only functions as an SMTP server for sending mail, the POP server Dovecot for receiving mail will be installed separately in the latter half.2.1 Postfix : Installation Configuration3 Applied ClamAV to mail server PostfixSet up Postfix and Clamav to work together to scan incoming and outgoing mail in real time.①Install Amavisd and Clamav Daemon and start Clamav Daemon