Comments and suggestions conceming this page should be mailed to gmourani@videotron.ca Linux Secure Optimized Server New ve sion of this document. PPublic Key for Gerhard Mourani llation instructions assume. and Booting Disk Setup mponents to nsta How to use RPM Commands Sarting and stopping nstallation of the serve e that must b ed after installation of the Server. Put some n yo or the 2. General system security. Linux Security. Overview. XM) General system optimization Linux Optimiz Recompiling the kemel 41 Linux Kerel These installation instructions assume gan emergency boot floppy. ncrease the Tasks Making a ne rescue floppy 49 Jpdate your XVI Install more than one Ethernet Card per Machine g I Ne ing manually with the command line inux DNS and BIND Server Taeealaiontnsnecionsasume of the tc/named. ng B Runnir 8 Further documentation Administrative Tools 63 Network Architecture Comments and suggestions concerning this page should be mailed to gmourani@videotron.ca © Copyright 1999 Open Network Architecture ® 2 Linux Secure & Optimized Server..................................................................................................................................6 New version of this document........................................................................................................................................6 Copyright Information......................................................................................................................................................7 PGP Public Key for Gerhard Mourani...........................................................................................................................7 Overview............................................................................................................................................................................8 These installation instructions assume.........................................................................................................................8 Know your Hardware!......................................................................................................................................................8 I) Creating the Boot Disk and Booting..........................................................................................9 II) Installation Class and Method ....................................................................................................9 III) Disk Setup.....................................................................................................................................9 Warning .............................................................................................................................................................................9 IV) Components to Install ...............................................................................................................12 Individual Packages Selection.....................................................................................................................................13 V) How to use RPM Commands ...................................................................................................15 VI) Starting and stopping daemon services.................................................................................15 VII) Software that must be uninstalled after installation of the Server.....................................16 VIII) Software that must be installed after installation of the Server........................................17 IX) Installed programs on your Server..........................................................................................18 X) Put some colors on your terminal ............................................................................................20 XI) Update of the lasted software’s ...............................................................................................21 XII) For the maniacs ........................................................................................................................21 XIII) General system security.........................................................................................................22 Linux Security..................................................................................................................................................................22 Overview..........................................................................................................................................................................22 XIV) General system optimization.................................................................................................35 Linux Optimization .........................................................................................................................................................35 XV) Recompiling the Kernel...........................................................................................................41 Linux Kernel....................................................................................................................................................................41 Overview:.........................................................................................................................................................................41 These installation instructions assume.......................................................................................................................41 Packages .........................................................................................................................................................................41 Making an emergency boot floppy...............................................................................................................................42 Optimization....................................................................................................................................................................42 Increase the Tasks .........................................................................................................................................................42 Compilation .....................................................................................................................................................................43 Making a new rescue floppy.........................................................................................................................................49 Update your /dev entries...............................................................................................................................................49 XVI) Install more than one Ethernet Card per Machine ............................................................49 XVII) Configuring TCP/IP Networking manually with the command line................................50 XVIII) Install software’s ...................................................................................................................53 Linux DNS and BIND Server........................................................................................................................................53 Overview..........................................................................................................................................................................53 These installation instructions assume.......................................................................................................................53 Packages .........................................................................................................................................................................53 Tarballs ............................................................................................................................................................................53 Compilation .....................................................................................................................................................................53 Configure and Optimize.................................................................................................................................................54 Compile and Optimize ...................................................................................................................................................54 Cleanup after work.........................................................................................................................................................54 Configurations .................................................................................................................................................................55 Configuration of the /etc/named.conf file....................................................................................................................55 Configuration of the /var/named/db.127.0.0 file........................................................................................................56 Configuration of the /var/named/primary/db.192.168.1 file.....................................................................................56 Configuration of the /var/named/primary/db.openarch ............................................................................................56 Configuration of the /etc/rc.d/init.d/named script file ................................................................................................57 Securing BIND/DNS ......................................................................................................................................................58 Running BIND in a chroot jail.......................................................................................................................................58 Cleanup after work.........................................................................................................................................................62 Zone transfers .................................................................................................................................................................62 Further documentation..................................................................................................................................................63 DNS Administrative Tools.............................................................................................................................................63 dig.....................................................................................................................................................................................63