GOLETA5 Build Notes
this server was replace with GOLETA9 (during build and subsequently renamed GOLETA5).
- Downloaded and burned Ubuntu Server 8.10 ISO image (with difficulty).
- Installed Ubuntu server
- Disk partioning not quite as desired - got bored with fighting with wizard.
- Installed mail, DNS and Samba server.
- Root password didn't take for some reason
- Rebooted into single user mode to change root password
- Press ESC during boot for boot menu
- Select Recovery Mode
- Go to root console and type "passwd" to change password.
- Copied over my homer /etc/issue for fun.
/etc/issue requires "\" to be escaped "\\"
For ssh logon /etc/issue.net doesn't show - /var/run/motd.
Edit the Banner directive in /etc/ssh/sshd_config.
- Downloaded squid.
"sudo apt-get install squid squid-common"
- Downloaded Putty for SSH access from my Windows XP desktop
- Installed calamaris for squid log reporting
"sudo apt-get install calamaris" - documentation appears to be weak
- WPAD for automatic proxy configuration on GOLETA8 via DHCP
- Installed apache on GOLETA5 to serve WPAD file
"sudo apt-get install apache2"
Install Nagios for network Monitoring
Instructions from Nagios.sourceforge.net:
- Installed nsclient++ on Windows machine for Nagios
Monitoring Windows Machines *
Note: Directions have a flaw in 4, 5 and 8 - run in this order for Windows 2003:
NSclient++.exe SysTray -install
- Configure Nagios server for NSclient
Nagios Object Definitions
Test configuration with: /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
- Configure Netscreen SNMP for Nagios monitoring
forums.juniper.net - JNet : Security : Firewalls : many traps are sent to SNMP client
- Install TFTP server for Netscreen firmware updates.
- "sudo apt-get install tftpd"
- startup script is /etc/inetd.conf
- Run "sudo mkdir /srv/tftp","sudo chmod -R 777 /srv/tftp","sudo chown -R nobody:nogroup /srv/tftp" and "sudo /etc/init.d/openbsd-inetd restart"
- See also "dpkg -l tftpd" and "apt-cache policy tftpd"
Netscreen TFTP command example: "netscreen> save config from flash to tftp <ipaddress> <filename>"
- Turned off samba server
Ubuntu has an "update-rc.d -f samba remove" command to disable
a service and "update-rc.d samba defaults" to re-eanble it.
Compare to Redhat's, "chkconfig httpd off" or
"chkconfig httpd --del". "sudo /etc/init.d/samba stop" to stop
a service (note path differs from /etc/rc.d/init.d on redhat).
- Ran NMap against server:
|PORT ||STATE ||SERVICE ||VERSION|
|22/tcp ||open ||ssh ||OpenSSH 5.1p1 Debian-3ubuntu1 (protocol 2.0)|
|25/tcp ||open ||smtp ||Postfix smtpd|
|53/tcp ||open ||domain |
|80/tcp ||open ||http ||Apache httpd 2.2.9 ((Ubuntu))|
|110/tcp ||open ||pop3 |
|143/tcp ||open ||imap? |
|993/tcp ||open ||ssl ||OpenSSL|
|995/tcp ||open ||ssl ||OpenSSL|
|3128/tcp ||open ||http-proxy ||Squid webproxy 2.7.STABLE3|
- Note: Use "dpkg -l" to list all installed packages or add a string at the
end to be more specific. [MORE]