Server Rebuild

By tunafish
in Linux

 Share

Recommended Posts

Grand Master

tunafish

Posted
Posted

I run a Linux Debian Lenny server (even though it's in testing it was stable for me). Anyway i have decided i want to nuke it and redo the whole os install etc, as my servers full of usless crap that needs a cleanout etc.

Well anyway i was thinking of going right back to debian. unless someone can convince me otherwise.

The server is my home file server, home web testing server etc, and it's open to the web.

Things i do run on it are:

Apache, mysql5, php5, pureftp, samba, webmin, gnump3d, fireflymediaserver, ssh with no direct root login.

Anyway i am looking for something that will be secure and stable.

I am looking for a nice secure firewall maybe thats easy to understand, ability to support raid etc. I just need an overall secure kernel as well.

Link to comment
https://www.neowin.net/forum/topic/619796-server-rebuild/
Share on other sites
Grand Master

kyro

Posted
Posted

whatever you do is never enough and its advisable to take security measures in steps. I would suggest you the following.

1) http://www.rfxnetworks.com/apf.php http://www.rfxnetworks.com/sim.php http://www.rfxnetworks.com/proj.php

2) recompile your kernel with http://www.grsecurity.net/ ( V .Advance)

3) remove all unwanted services,packages,tools, make sure your folders/files ownership are secure (cant really guide here, its vast)

4) feeling adventurous ,enable SE-Linux .

and I got guide here , old one when i was learning to be admin , its got nice tips too https://www.neowin.net/forum/index.php?showtopic=271716

Link to comment
https://www.neowin.net/forum/topic/619796-server-rebuild/#findComment-589207717
Share on other sites
Experienced

pdog

Posted
Posted

You shouldn't be running a GUI of any sort on a server, it increases the attack vector and makes it less secure. If you want secure, you can always look at OpenBSD, which has only had 2 remote security holes in it's default install in 10 YEARS! PF is also a very nice firewall/queuing/forwarding/packet filtering system. You might also check out FreeBSD, that is a little easier to get used to than OpenBSD. Debain Etch is my distro that I use for my servers, it's pretty secure out of the box, and is also really easy to use.

Link to comment
https://www.neowin.net/forum/topic/619796-server-rebuild/#findComment-589230520
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Nvidia's GeForce NOW summer sale drops prices for Ultimate and Premium memberships

      By AndrewSteel · Posted

      Not such a great deal, Ultimate, which gives you full 5080 features is $181.99 CAD per month, that's $2183.88 per year, I can buy the 5080 for $1809.99 CAD, then it goes up to $279.99 per month after the first billing cycle. Typical cloud rental, costs more than buying the hardware.
    • Microsoft about to radically change how often your Edge browser updates

      By leonsk29 · Posted

      Wow, spoken like a true blind hater, you don't even provide arguments. Please, go check my comment above to @seacaptain and you'll find out why what you say doesn't make sense in this context...
    • Microsoft about to radically change how often your Edge browser updates

      By grunger106 · Posted

      Get used to this, with AI tooling now uncovering new vulns and getting them exploitable far faster than has ever been possible before software is going to need to be updated far more frequently. Back in the day it may take reseachers weeks or months to do what AI can now do in hours. Once its a threat is discovered it's weaponsized far more quickly, meaning you simply can't be waiting 2, 3, 4 weeks to deploy a patch, it needs to be patched immediately. Going to be interesting handling this in the enterprise space where traditionally patching has been steady, but very staged (and rightly so up until now), that is going to have to change.
    • Microsoft about to radically change how often your Edge browser updates

      By leonsk29 · Posted

      You don't need to "close all browser sessions constantly" or wait for updates to install. The updates download in the background while you use the browser, without interrupting you, they install automatically the next time you launch the app. And they install very fast (depending on your storage speeds, of course), you have to wait at most 2-3 extra seconds, if any. Seems like you haven't used Edge in a loooooooong time...
    • Segra 1.6.0

      By Copernic · Posted

      Segra 1.6.0 by Razvan Serea Segra is a free, open-source OBS-powered game recorder offering fast gameplay capture, instant clips, AI highlights, deep game integration, and seamless uploads—perfect for gamers, streamers, and content creators. Lightweight, fast, zero bloat. Segra key features: Automatic Game Recording: Begin capturing gameplay the moment your game launches, with zero manual setup. Instant Clipping: Save important moments instantly using a customizable hotkey—perfect for highlights, montages, or quick shares. Segra AI Highlights: Let Segra automatically detect kills, assists, deaths, and key events to generate polished highlight reels without manual editing. Gameplay Uploads: Upload recordings and clips directly to Segra.tv for fast sharing and cloud access. Deep Game Integration: Enjoy advanced game-data tracking across hundreds of supported titles, enabling smart highlight generation and stat-informed clipping. High-Performance Capture: Record up to 4K at 144 FPS using OBS-powered technology with minimal performance impact, supporting NVENC, AMD VCE, and custom quality controls. Segra Editor: Edit recordings easily with timeline controls, segment management, and event-based navigation to build the perfect clip. Customization Options: Adjust hotkeys, output formats, storage paths, codecs, capture quality, and performance settings for a tailored recording experience. Segra 1.6.0 changelog: Recording: Added HDR support. Grand Theft Auto: Added game integration for deaths (FiveM and RAGE MP supported). Highlights: Added customizable padding for highlights. Replay Buffer: Added a shockwave visual effect when a replay buffer clip is saved. Audio: Increased the maximum sound effects volume from 100% to 200%. Hotkeys: Fixed hotkeys not triggering while unrelated keys were held. Installer: Added code signing to verify publisher identity, branded the installer, and reduced OS security warnings. OBS: Updated the supported OBS version to 32.1.2. Download: Segra 1.6.0 | 74.4 MB (Open Source) View: Segra Homepage | Github | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • One Month Later
      Clizby earned a badge
      One Month Later
    • One Month Later
      Timaximus earned a badge
      One Month Later
    • Week One Done
      Timaximus earned a badge
      Week One Done
    • Rookie
      FBSPL went up a rank
      Rookie
    • First Post
      davidbazooked earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      509
    2. 2
      PsYcHoKiLLa
      175
    3. 3
      +Edouard
      163
    4. 4
      Steven P.
      86
    5. 5
      ATLien_0
      80
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!