Debian Standard Packages to install afterwards: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 2: Line 2:


<pre>
<pre>
apt-get install vim mc iproute hal atsar sysstat systune snmpd ncftp postfix denyhosts nscd
apt-get install vim mc iproute hal atsar sysstat systune snmpd ncftp postfix fail2ban nscd
</pre>
</pre>


Line 17: Line 17:
nscd is only usefull for servers not running bind themselves
nscd is only usefull for servers not running bind themselves


fail2ban
vi /etc/fail2ban/jail.conf
chane ignoreip maybe bantime and destemail too
might need apt-get install resolvconf but I don't like it much
== obsolete ==
vi /etc/denyhosts.com
vi /etc/denyhosts.com


Line 22: Line 31:


Also, if a host keeps getting denied, you can stop it from going in the /etc/hosts.deny file by putting the IP address into a line in /var/lib/denyhosts/allowed-hosts
Also, if a host keeps getting denied, you can stop it from going in the /etc/hosts.deny file by putting the IP address into a line in /var/lib/denyhosts/allowed-hosts
might need apt-get install resolvconf but I don't like it much

Revision as of 21:58, 20 August 2015

After a standard install of debian, these packages still need installing.

apt-get install vim mc iproute hal atsar sysstat systune snmpd ncftp postfix fail2ban nscd

Notes:

vim-tiny is installed by debian by default. This is horrible, and which is why we install vim first!

/etc/default/sysstat: turn ENABLED="true"

/etc/default/snmpd: get rid of 127.0.0.1 from SNMPDOPTS

vi /etc/snmp/snmpd.conf: change the community names

nscd is only usefull for servers not running bind themselves

fail2ban

vi /etc/fail2ban/jail.conf

chane ignoreip maybe bantime and destemail too

might need apt-get install resolvconf but I don't like it much

obsolete

vi /etc/denyhosts.com

set PURGE_DENY = 1w and ADMIN_EMAIL = red@tripany.com and SMTP_FROM = Denyhosts $machinename <nobody@localhost>

Also, if a host keeps getting denied, you can stop it from going in the /etc/hosts.deny file by putting the IP address into a line in /var/lib/denyhosts/allowed-hosts