Generic Linux server setup

From dtype.org
Revision as of 14:21, 23 April 2017 by Drew (talk | contribs) (major sections)

Things to do on all servers:

Log management

awslogs

  • /var/log/auth.log
  • /var/log/mail.log
  • /var/log/syslog

move cron off to its own log

  • /etc/rsyslog.d/50-default.conf
*.*;auth,authpriv.none,cron.none   -/var/log/syslog
cron.*                             /var/log/cron.log

get rid of cron in auth.log

  • /etc/pam.d/common-session-noninteractive, at end of file
# and here are more per-package modules (the "Additional" block)
session [success=1 default=ignore] pam_succeed_if.so service in cron quiet use_uid
session	required	pam_unix.so

Other

fail2ban

  • do