GOLETA5 Build Notes
January 2009

this server was replace with GOLETA9 (during build and subsequently renamed GOLETA5).

  1. Downloaded and burned Ubuntu Server 8.10 ISO image (with difficulty).
  2. Installed Ubuntu server
  3. Rebooted into single user mode to change root password
    1. Press ESC during boot for boot menu
    2. Select Recovery Mode
    3. Go to root console and type "passwd" to change password.
  4. Copied over my homer /etc/issue for fun.
    /etc/issue requires "\" to be escaped "\\"
    For ssh logon /etc/issue.net doesn't show - /var/run/motd. Edit the Banner directive in /etc/ssh/sshd_config.
  5. Downloaded squid.
    "sudo apt-get install squid squid-common"
  6. Downloaded Putty for SSH access from my Windows XP desktop
  7. Installed calamaris for squid log reporting
    "sudo apt-get install calamaris" - documentation appears to be weak
  8. WPAD for automatic proxy configuration on GOLETA8 via DHCP
  9. Installed apache on GOLETA5 to serve WPAD file
    "sudo apt-get install apache2"
  10. Install Nagios for network Monitoring
    Instructions from Nagios.sourceforge.net:
  11. Installed nsclient++ on Windows machine for Nagios
    Monitoring Windows Machines *
    Note: Directions have a flaw in 4, 5 and 8 - run in this order for Windows 2003:

    NSclient++.exe /install
    NSclient++.exe /start
    NSclient++.exe SysTray -install

  12. Configure Nagios server for NSclient
    Nagios Object Definitions
    Test configuration with: /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
  13. Configure Netscreen SNMP for Nagios monitoring
    forums.juniper.net - JNet : Security : Firewalls : many traps are sent to SNMP client
  14. Install TFTP server for Netscreen firmware updates.
    TFTP Links:

    Netscreen TFTP command example: "netscreen> save config from flash to tftp <ipaddress> <filename>"

  15. Turned off samba server
    Ubuntu has an "update-rc.d -f samba remove" command to disable a service and "update-rc.d samba defaults" to re-eanble it. Compare to Redhat's, "chkconfig httpd off" or "chkconfig httpd --del". "sudo /etc/init.d/samba stop" to stop a service (note path differs from /etc/rc.d/init.d on redhat).
  16. Ran NMap against server:
    PORT STATE SERVICE VERSION
    22/tcp open ssh OpenSSH 5.1p1 Debian-3ubuntu1 (protocol 2.0)
    25/tcp open smtp Postfix smtpd
    53/tcp open domain
    80/tcp open http Apache httpd 2.2.9 ((Ubuntu))
    110/tcp open pop3
    143/tcp open imap?
    993/tcp open ssl OpenSSL
    995/tcp open ssl OpenSSL
    3128/tcp open http-proxy Squid webproxy 2.7.STABLE3
  17. Note: Use "dpkg -l" to list all installed packages or add a string at the end to be more specific. [MORE]