feisty ubuntu server tutorial

Adnan posted about a Rootprompt post pointing to this Ubuntu server installation tutorial on Feisty Fawn. The tutorial is aimed at installing services that an ISP would need: SSH, BIND, MySQL, SMTP-AUTH/TLS, Courier-IMAP/POP3, Apache/PHP5, ProFTPD, ISPConfig. Not necessarily stuff I all need, but some I do like to read up on how other people do these.

I like this tutorial and I don’t like this tutorial. For starters, the tutorial is one of those things that says, “To install XYZ, run this command and move on.” It really offers little ability to deeply understand what you’re doing and what nuances your particular needs or security posture might dictate. When you install the SSH server, did you disallow remote root login? When you’re done with this tutorial, do you set su/sudo behavior back to the default? Does MySQL or Apache run on its own account and can those accounts be logged into via SSH? The tutorial is great as an example of how easy it can be to install these services, but does nothing to warn users about the level of care and attention might be needed to make sure it is running securely and efficiently. Did you follow this tut and leave your balls out on the Internet to be tickled and kicked or did you slip a cup on when no one was looking?

However, I do like tuts like this where sometimes the service you want to install seems daunting for no real reason other than fear of the unknown. I’ve worked with BIND in the past and can edit my own zone files, but for some reason I have never actually stood up a BIND DNS server myself. Tuts like this can blitz you through the unknown and get you going. You can’t learn to whitewater raft by watching from the bluffs. Get the hell in the water, capsize yourself, and get wet!