$Id: howto-suse-prepare-for-server.txt,v 1.1.1.1 2002/02/11 01:22:17 cvsjoko Exp $ $Log: howto-suse-prepare-for-server.txt,v $ Revision 1.1.1.1 2002/02/11 01:22:17 cvsjoko first checkin' ================================================================ root-activity-log for server.webpla.net after reboot on 2002-02-05 17:00 ================================================================ ######################### main server (suse) ######################### [+] control open ports and shutdown unneeded [+] control processlist and shutdown unneeded processes - ps ax - lsof -i - shutdown X-server (listening on port "6000") - WORKAROUND: rcxdm stop - FIXME: disable X11 on startup - shutdown lisa (listening on port "7741") - WORKAROUND: rclisa stop - FIXME: disable lisa on startup - in "/etc/rc.config" set: USE_LISA="none" - stop identd (listening on port "ident") - WORKAROUND: rcidentd stop - FIXME: disable identd on startup - in "/etc/rc.config" set: START_IDENTD="no" - modify ntop-port - in "/etc/rc.config" set: NTOPD_PORT="8030" [-] start needed services - start mysql - cd /usr/local/mysql - ./bin/mysqld_safe --bind-address=212.123.127.169 & - start apache - rcapache start - start snmpd (for mrtg) - rcsnmpd start - enable in /etc/rc.config && run SuSEconfig - start ntopd - rcntopd start - enable in /etc/rc.config && run SuSEconfig - modify ntop to "store persistently host stats" - in /usr/sbin/rcntopd (/etc/rc.d/init.d/ntopd) add switch "-S" to ntopd-start-call [+] otj: - /etc/inittab: change default-runlevel to "3" - startup-skripts - create /home/service/bin/vsdhosts & /home/service/bin/vsdhosts.pl - cd /usr/sbin/ - ln -s /home/service/bin/vsdhosts rcvsdhosts - cd /etc/rc.d/rc3.d - ln -s /home/service/bin/vsdhosts S30vsdhosts - ln -s /home/service/bin/vsdhosts K01vsdhosts - create /home/service/bin/accounting - cd /usr/sbin/ - ln -s /home/service/bin/accounting rcaccounting - cd /etc/rc.d/rc3.d - ln -s /home/service/bin/accounting S30accounting - ln -s /home/service/bin/accounting K01accounting [-] install software - tbd => just ssh, httpd and mysqld should be listening for requests; "lsof -i", "ps ax", again ;) - FIXME: enable firewall-rules for ip-based accounting - FIXME: enable firewall-rules for security-restrictions (- FIXME: run SuSEconfig?) (- FIXME: reboot and test changes?) ######################### vsd-hosts ######################### - start inetd - WORKAROUND: rcinetd start - FIXME: enable "inetd" on startup (in /etc/rc.config) - prepare vsd-hosts: - see "freevsd-prepare-vhost.txt" - start host: "vsboot --start " - netfrag, martha1, moon1-4, experimental1 ######################### main server (suse) ######################### (- FIXME: run SuSEconfig) (- FIXME: reboot and test changes?)