ITC333 Server Administration and Maintenance
Installing LAMP software on Ubuntu Server. LAMP is a standard bundle in the Ubuntu Server platform. Once complete set up this Server 2 to host a website using the Apache web server. The server should have a statically assigned address which matches that specified in the A record for host.
Test your Apache Server by using a web browser on another host and trying to browse the website Once you have set up the webserver and tested it, install an FTP server. The FTP server would allow users to upload/ download files to the webserver. Configure the server appropriately and then test from another host.
Next: in Ubuntu Server, your task is to configure the Apache web server for the DNS The server is implemented using the HTTP protocol listening on port 8282. Your challenge is to make the same site accessible using the HTTPS protocol.
To do this set up SSL with a self-signed certificate for the site. Once configured correctly you should be able to access on both HTTP/HTTPS ports. Naturally, you will need to make appropriate changes to your firewall rules. document all the steps and challenges while configuring the LAMP with a clear description of each step,
Task: Security and System-hardening (Configuring SELinux) (7.5 Marks)
Linux security is built on UNIX security. UNIX security consists of different solutions that were never developed with current IT security needs in mind. Most of the UNIX solutions focus on a part of the operating system only.
That means that you need to collect a lot of different security solutions to get a secure operating system, which may be very hard. SELinux was developed to provide a complete and mandatory security solution.
The basic principle is that if it is not specifically allowed it will be denied. That is what SELinux will do for you and that is what UNIX security won't bring you. As a result, all unknown services will always need additional configuration to enable them in an environment where SELinux is enabled.
Overall, SELinux makes your system more secure, because it is one overall security solution, where things are only allowed to happen if the system administrator really wanted to allow them.
In this task, you are required to: describes the difference between SELinux enforcing and permissive modes, enable and enforcing permissive SELinux on Server 2, Ensure that the ssh service is running on server 2,
Make sure that the ssh service runs on ports 22 and 2022, Once you have configured port numbers, use netstate -Ztulpen to check that port 2022 is being enforced by SELinux, if not, use set SELinux to enforce a permissive policy to fix the problem, use netstate -Ztulpen to check if the port 2022 is enforced by SELinux.