openSUSE_15.3_en

1. Tripwire Install Tripwire is a host-based intrusion detection system (IDS) that monitors files and directories and notifies the user of any changes. 1.1 Installation and configuration ① Download and install 2. Chkrootkit Install ①Download and install chkrootkit 3. Logwatch Install ① Install # zypper -n install logwatch ② Edit the configuration file 4. DiCE  Install Every time the global IP is changed, which happens when the Internet is disconnected or the router is disconnected and rebooted, the dynamic DNS must be accessed to notify the change in global IP. DiCE does that work for you automatically.

Installation of open source integrated monitoring software "Zabbix" Zabbix is an open source integrated monitoring software for centralized monitoring of servers, networks and applications. It provides monitoring, fault detection and notification functions required for integrated monitoring. With Zabbix agent and SNMP support for many platforms, you can monitor your entire system with a single Zabbix. To run Zabbix, you need PHP programming language, MySQL/MariaDB as database server, and a web server such as Apache or Nginx. In this case, we will proceed on the assumption that all of the following conditions have already been configured. ・OS : OpenSUSE15.5 ・Web server : Apache2.4.51 ・PHP8.0.29 ・Database : MariaDB10.6 Please refer to the following to configure the above

What is openSUSE? OpenSUSE is a community-based, free to the public, Linux distribution that is actively adopting the latest technologies. It is sponsored by Novell and developed by the community. Originally SUSE Linux was developed by SUSE, but after the acquisition of SUSE by Novell in 2003, Novell moved to a 100% open source distribution with a community-based development structure through the OpenSUSE project and changed the name from SUSE Linux to After the acquisition of SUSE by Novell in 2003, Novell moved to a community-based development structure with the OpenSUSE project as a 100% open source distribution and changed the name from SUSE Linux to the current name. openSUSE is available in two versions: Leap, the stable version, and Tumbleweed, which uses a rolling release model and is also the basis for the paid version of SUSE Linux Enterprise.

1. Install Mysql8 First, make sure the server is up to date. Update the server package # zypper ref # zypper up -y  1.2 Example of creating  Mysql8 database and user Try to create a user, password, and database for wordpress to install in the following database　:　 wp_db user　:　wp_user password　:　?WHxx333Yo 2. Install Wordpress 2.1 Install required libraries # zypper install php-gd php-pdo php-mysql php-mbstr

1. Server Backup 1.1 Backup under /srv/www/ ①Create a backup script file # cd /srv/www/system/ # vi backup_all.sh 1.2. MySQL database backup ①Create a backup script file # cd /srv/www/system # vi db_my_backup.sh Contents of db_my_backup.sh 2.Restoring Data 2.1 Restore the backup files under /srv/www/ ① Save the backup file used for the restore to the server's "/ (root)" directory. 2.2 Restore MySQL data ① Save the database backup file to a directory of your choice.、 （In the example, the directory is "/srv/www/backup/db_bak".）Unzip the data

1.Obtaining an SSL Certificate (Let's Encrypt) Pre-assignment Enable mod_ssl # a2enmod ssl 1.1 Install the certificate # zypper -n install certbot # certbot certonly --webroot -w /srv/www/htdocs/[Web site directory] -d  [Domain name] Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None # First time only, you need to register your email address and agree to the terms o

1.SNORT Install Snort is a network-type IDS (intrusion detection system). It captures packets flowing on the network and detects suspicious packets. The source file is used directly from https://snort.org/. 1.1 advance preparation Install the required libraries # zypper install wget bison flex libfl2 gcc libpcap-devel libpcap-devel-32bit libpcap1 automake libtool make glibc-devel-32bit zlib-devel zlib-devel-32bit libWN3 libdnet-devel libdnet1 efl efl-lang elua libXvMC1 libecore1 libector1 libedje1 libeet1 libpcrecpp0 libstdc++-devel libstdc++6-devel-gcc7 pcre-devel ethtool net-tools-deprecated net-tools net-tools-lang libopenssl-1_1-devel libtirpc-devel moonjit moonjit-devel 1.2 SNORT and daq download and installation

Create a private key for the client and a public key for the server so that the client can log in using the key pair authentication. 1.Key pair creation Create a pair of public and private keys for the user who will connect to the Linux server using OpenSSH. To create a key pair, use ssh-keygen. The creation of a public/private key pair should be performed as a user with remote login privileges. If you do not specify the destination and file name, id_ecdsa and id_ecdsa.pub will be created in /home/(user name)/.ssh/.    On the way, you will also enter the password for the key.

1. Install clamav (anti-virus software) 1.1 Install Clamav # zypper -n install clamav 1.2 Virus definition file update ①Virus definition file update setting # vi /etc/freshclam.conf ■Line 71. Insert "#" at the beginning of the line "DatabaseMirror database.clamav.net".し、 "DatabaseMirror db.jp.clamav.net" added. #DatabaseMirror database.clamav.net DatabaseMirror db.jp.clamav.net

1. Install Web server Apache 1.1Install apache2 ( httpd-2.4.43 ) # zypper -n install apache2 1.2 Apache2 : Basic Configuration 2. Apache2 : Use Perl scripts. Configure Perl scripts to be used as CGI 2.1 Install Perl ①Install # zypper -n install perl 3. Apache2 : Virtual Host Configuration Configure both domains sample1.korodes.com sample2.korodes.com to be displayed on a single server 4. Apache2 : Use PHP scripts Install PHP and configure it so that PHP scripts can be used

1. vsftpd (FTP server installation) 1.1 Install vsftpd It is already installed when you install openSUSE. If it is not installed, you can install it with the following command # zypper -n install vsftpd 1.2 Edit vsftpd configuration file Save the unedited vsftpd.conf with .bak.

1.Setting up a remote connection using SSH SSH is a service to connect to a server remotely, basically running right after the OS installation, but the default settings are somewhat insecure. Configure settings to increase the security of ssh connections. 1.1 Change the configuration file of SSH service. The configuration file for the SSH service is "/etc/ssh/sshd_config".

1. Disable SELinux SELinux is a feature that provides a highly secure system architecture that prevents the concentration of privileges on root. In openSUSE, it is disabled at the time of installation. To check # vi /etc/selinux/config SELINUX=disabled 2. Use su command Not required if you set the root password at the time of installation. If you don't want to set the root password, set it as follows After logging in as a general user