Install Ubuntu (12.04LTS Desktop)
Set proxy if needed
Add Canonical Partners to the software repositories
apt-get install nedit
apt-get install joe
apt-get install vim
apt-get install xrdp
apt-get install gnome-session-fallback
in your homedir via terminal: echo "gnome-session --session=gnome-fallback" > .xsession
apt-get install bridge-utils
apt-get install shorewall shorewall-doc
Edit /etc/network/interfaces to contain:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# To skip network manager
iface eth0 inet manual
iface eth1 inet manual
# The bridge joining eth0 and eth1; "auto" brings it up at boot
auto br0
iface br0 inet dhcp
    bridge_ports eth0 eth1
Copy the presetup Shorewall configs to /etc/shorewall/
sudo shorewall check
sudo shorewall start
If you need remote access to this machine, do NOT edit /etc/default/shorewall to set startup=1 (that setting starts Shorewall automatically at boot).
- /etc/shorewall/: Shorewall configuration directory.
- /etc/shorewall/interfaces: Specifies the network interfaces that Shorewall uses. Once Shorewall is set up and configured, this file should remain static.
- /etc/shorewall/zones: Specifies and names the zones that Shorewall uses. Once Shorewall is set up and configured, this file should remain static.
- /etc/shorewall/policy: High-level policy for connections between the zones defined in the zones file. In our case, the default policy is to drop a packet unless a rule is specified in the rules file to allow it to cross.
- /etc/shorewall/rules: This file specifies what traffic will be allowed to cross the firewall. This will be the most actively edited file during testing.
- This is where Shorewall messages are logged.
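A pre-start check for the two points above (a default-drop policy, and not cutting off remote access), as an added example that is not part of the original post or its presetup configs. The function names, the zone names loc and fw, and the sample policy and rules contents are constructed for illustration; tcp port 3389 is xrdp's default listening port.

```shell
#!/bin/sh
# Added example: audit a Shorewall config directory before "shorewall start".
# Assumption: the firewall zone appears as $FW or fw in the rules file.

# Print a config file without comments and blank lines.
active_lines() { sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1"; }

# Succeeds if the last policy entry is all -> all with DROP or REJECT.
policy_default_deny() {
    active_lines "$1/policy" | awk '
        { src = $1; dst = $2; act = $3 }
        END { exit !(src == "all" && dst == "all" && (act == "DROP" || act == "REJECT")) }'
}

# Succeeds if a plain ACCEPT rule admits tcp port $2 to the firewall itself.
# Macro rules are not interpreted by this check.
rules_allow_fw_port() {
    active_lines "$1/rules" | awk -v port="$2" '
        $1 == "ACCEPT" && ($3 == "$FW" || $3 == "fw") && $4 == "tcp" {
            n = split($5, p, ",")
            for (i = 1; i <= n; i++) if (p[i] == port) found = 1
        }
        END { exit !found }'
}

# Run both checks; print each finding and return non-zero if any check fails.
audit_shorewall() {
    status=0
    policy_default_deny "$1" || { echo "policy: no final all->all DROP/REJECT"; status=1; }
    rules_allow_fw_port "$1" "$2" || { echo "rules: tcp/$2 to the firewall is not accepted"; status=1; }
    return $status
}

# Constructed sample files (not the post's presetup configs).
write_sample_config() {
    mkdir -p "$1"
    cat > "$1/policy" <<'EOF'
#SOURCE DEST POLICY LOG
all     all  DROP   info
EOF
    cat > "$1/rules" <<'EOF'
#ACTION SOURCE DEST PROTO DPORT
ACCEPT  loc    $FW  tcp   22,3389   # ssh and xrdp from the inside segment
EOF
}

demo=$(mktemp -d) && write_sample_config "$demo"
audit_shorewall "$demo" 3389 && echo "ok: default deny, xrdp reachable"
rm -rf "$demo"
```

On a real system, point audit_shorewall at /etc/shorewall and run it before "sudo shorewall start", alongside "sudo shorewall check".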
For logfile analysis, check out logwatch: http://sourceforge.net/projects/logwatch/
For hardening of an Ubuntu system (specifically 12.04LTS) see: http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics
[this post to be updated/finalized soon]