As all of you know, our Zoinodes are coming…and today i’m gonna guide you trough and simple, quick and dirty guide on how to prepare our VPS/Physical rig for this new and exciting adventure.

For the hardware part, well, not much to say but…

at least 2 gigabytes of RAM

at least 20 gigabytes of disk space

Bear in mind that this is just a preparation of your istances , with some real basic and common sense rules and packages to install.

Packages and services need to be configured also, they won’t run on themselves if you don’t set them properly.

Ok, ready, steady go.

For ease of use I’m gonna use Ubuntu 17.10,  a reliable  and stable Long Term Support distro that is installed almost everywhere …for anything.

  • Let’s login with PuTTy or ssh into our server as root either via PuTTy  or for the *nix friends with the usual ssh from our cli
  •  perform a system update with

apt-get update

or

apt update

  •  Since we don’t wanna run things with our root user, let’s create quickly a new user that we will add to the sudo group.

From bash:

adduser dmz

you will be asked for a password, so please give it one. You can skip the rest of the infos required since they are not relevant.

  • then let’s elevate the new user adding it to the sudo group:

usermod -aG sudo dmz

In this way we will be able to run commands with root privileges without bothering of…..doing things from root.  Done, our fresh created and privileged user has been created.

Still with root user, let’s make a quick system refresh as:

apt update

and a quick reboot

reboot

Our server will restart so we can login with our new sudo user. For a nice read, I’d  like to point your attention to this good read

At this point, there’s plenty much more things we could to, but for ease of use and mainly, to PREPARE and CONFIGURE later we can:

 

sudo apt-get install ufw

 

  • Install AppArmor or SELinux hint, i do indeed prefer AppArmor….flame me! 🙂

sudo apt-get install apparmor

 

and last but not least, the very useful Fail2Ban

sudo apt-get install fail2ban

 

As preparatory and mandatory, there’s plenty of things that we can do really, I just wanted to make something quick and simple, a lot of improvements can be done and lot of things can be added, really, it depends from your grade and rank or security paranoy and to be honest, more and most detailed infos will come when the Zoinodes will be out.

some of you will say….”DMZ, are you sure you’re not missing something?

sure my friends but i left it indeed for the last. The most important thing.

The biggest favour we can do to ourselves, actually IS indeed getting rid of the username and password method of authentication and sub it with the infamous SSH keys 🙂

Again,  we are talking about this stuff 

Since the argument is vaste tough simple, I’ve found a nice and must-read article og Indiana University Knowledge Base.

I’ve read it countless times and trust me, is n00b proof 😉

Zoinodes are arriving…..and Moon too!

 

See ya at next guide dear Zoiners!

dmz

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.