Installing PowerDNS with MySql backend
The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database.
This tutorial has been tested and is working on Debian etch and lenny
1. Install the PowerDNS server and MySql backend using apt
apt-get install pdns-server pdns-backend-mysql
Scan your web server for vulnerabilities with Nikto on squeeze
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.
1. Add non-free archive to apt sources (pico /etc/apt/sources.list)
deb http://ftp.uk.debian.org/debian/ squeeze main non-free
deb-src http://ftp.uk.debian.org/debian/ squeeze main non-free
Installing PowerDNS as supermaster with slaves
The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database.
This tutorial has been tested to be working on Debian squeeze. It's assumed that you are installing one supermaster and one or more slaves that will sync with the master automatically.
On all servers
1. Install the PowerDNS server and MySql backend using apt
apt-get install pdns-server pdns-backend-mysql
Monitoring Varnish with Munin
Varnish is a great reverse proxy and very useful for load balancing. Here you can find a tutorial on installing Varnish: Installing and configuring Varnish HTTP accelerator.
Munin is a network/system monitoring application that presents output in graphs through a web interface. If you haven't installed it already, use this tutorial: Monitoring multiple servers with Munin.
Assuming you have both varnish and munin installed, here's a tutorial on installing a plugin for munin to monitor Varnish.
1. Install git-core to receive the plugin from github
apt-get install git-core
Scan your server for rootkits with rkhunter
rkhunter (Rootkit Hunter) is a tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.
1. Install rkhunter
apt-get install rkhunter
Installing and using the IPMI tool
The Intelligent Platform Management Interface (IPMI) is a standardized computer system interface used by system administrators to manage a computer system and monitor its operation.
The development of this interface specification was led by Intel Corporation and is supported by more than two hundred computer systems vendors including Dell, Hewlett-Packard, Intel, and NEC Corporation.
1. Install the ipmitool which is used to send commands and receive information from the management interface.
apt-get install ipmitool
Installing and configuring vsftpd for local unix users
vsftpd is a secure, fast and stable FTP server. In this tutorial we'll install the server allow local unix to access their home directories.
1. Install vsftpd
apt-get install vsftpd
Installing Dovecot IMAP and POP3 daemon with MySql backend on squeeze
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind. Dovecot primarily aims to be a lightweight, fast and easy to set up open source mailserver.
It's assumed that you have already installed and configured Postfix according to this tutorial:
Installing Postfix with MySql backend and SASL for SMTP authentication
1. Install required packages
apt-get install dovecot-imapd dovecot-pop3d
How to install Roundcube on squeeze
Roundcube is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking.
Installation is easy in Debian but the application is pretty outdated in the squeeze apt repository so you may want to install the latest version manually instead. You can download the source from Sourceforge.
1. Install roundcube
apt-get install roundcube roundcube-mysql
Installing sSMTP MTA (Mail Transfer Agent)
sSMTP is an extremely simple MTA to get mail off the system to a mail hub. It contains no suid-binaries or other dangerous things - no mail spool to poke around in, and no daemons running in the background. Mail is simply forwarded to the configured mailhost. Extremely easy configuration.
This is ideal for web servers to avoid running MTA daemons like sendmail, Exim and Postfix which use up resources on the server.
1. Install sSMTP (Note: Any previously installed MTA will be removed)
apt-get install ssmtp