25-10-02
initial UB 24 install

# cd /etc/ssh
# vim sshd_config
# systemctl restart sshd
# vim /root/.ssh/authorized_keys
# ssh-keygen

# hostnamectl hostname web04.phas.ubc.ca

# apt list --installed | grep falcon
falcon-sensor/now 7.28.0-18108 amd64 [installed,local]

# apt install postfix
The following additional packages will be installed:
  libnsl2 ssl-cert
Suggested packages:
  mail-reader postfix-cdb postfix-doc postfix-ldap postfix-lmdb postfix-mta-sts-resolver postfix-mysql postfix-pcre postfix-pgsql
  postfix-sqlite procmail sasl2-bin | dovecot-common
The following NEW packages will be installed:
  libnsl2 postfix ssl-cert
0 upgraded, 3 newly installed, 0 to remove and 12 not upgraded.

# systemctl start postfix
# systemctl enable postfix
Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable postfix

# apt install mailutils
The following additional packages will be installed:
  gsasl-common guile-3.0-libs libfribidi0 libgc1 libgsasl18 libgssglue1 libidn12 libltdl7 libmailutils9t64 libmysqlclient21
  libncurses6 libntlm0 libpq5 mailutils-common mysql-common
Suggested packages:
  mailutils-mh mailutils-doc
The following NEW packages will be installed:
  gsasl-common guile-3.0-libs libfribidi0 libgc1 libgsasl18 libgssglue1 libidn12 libltdl7 libmailutils9t64 libmysqlclient21
  libncurses6 libntlm0 libpq5 mailutils mailutils-common mysql-common

# apt install fail2ban
Reading state information... Done
The following additional packages will be installed:
  python3-pyasyncore python3-pyinotify python3-setuptools python3-systemd whois
Suggested packages:
  system-log-daemon monit sqlite3 python-pyinotify-doc python-setuptools-doc
The following NEW packages will be installed:
  fail2ban python3-pyasyncore python3-pyinotify python3-setuptools python3-systemd whois

# fail2ban-client status
Status
|- Number of jail:	1
`- Jail list:	sshd

# fail2ban-client status sshd
Status for the jail: sshd
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	0
|  `- Journal matches:	_SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
   |- Currently banned:	0
   |- Total banned:	0
   `- Banned IP list:	

# apt install cron
The following additional packages will be installed:
  cron-daemon-common
Suggested packages:
  anacron logrotate checksecurity supercat
The following NEW packages will be installed:
  cron cron-daemon-common

# apt install rsync
The following NEW packages will be installed:
  rsync

# systemctl enable rsync
Synchronizing state of rsync.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable rsync
# vim /etc/rsyncd.conf

# cat /etc/rsyncd.conf 
# /etc/rsyncd: configuration file for rsync daemon mode

# See rsyncd.conf man page for more options.

# configuration example:

# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

# [ftp]
#        path = /home/ftp
#        comment = ftp export area
# /etc/rsyncd: configuration file for rsync daemon mode
uid = root
max connections = 5
syslog facility = local5
pid file = /var/run/rsyncd.pid

[root]
        path=/
        read only = yes
        # allow       azul         zbox          borg           ctl
        hosts allow = 142.103.51.4 142.103.236.6 142.103.236.30 142.103.51.25


# systemctl start rsync
# systemctl status rsync
● rsync.service - fast remote file copy program daemon
     Loaded: loaded (/usr/lib/systemd/system/rsync.service; enabled; preset: enabled)
     Active: active (running) since Thu 2025-10-02 09:33:20 PDT; 3s ago
       Docs: man:rsync(1)
             man:rsyncd.conf(5)
   Main PID: 18262 (rsync)
      Tasks: 1 (limit: 2209)
     Memory: 828.0K (peak: 1.0M)
        CPU: 13ms
     CGroup: /system.slice/rsync.service
             └─18262 /usr/bin/rsync --daemon --no-detach

Oct 02 09:33:20 web04.phas.ubc.ca systemd[1]: Started rsync.service - fast remote file copy program daemon.
Oct 02 09:33:20 web04.phas.ubc.ca rsyncd[18262]: rsyncd version 3.2.7 starting, listening on port 873

# ufw allow from 142.103.51.25 to any port 873
Rule added

# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
Anywhere                   DENY        127.0.0.0/8               
873                        ALLOW       142.103.51.25             
22/tcp (v6)                ALLOW       Anywhere (v6)             
Anywhere (v6)              DENY        ::1                       

# apt install update-notifier-common
The following additional packages will be installed:
  distro-info patch python3-debian ubuntu-pro-client ubuntu-pro-client-l10n update-manager-core
Suggested packages:
  shunit2 ed diffutils-doc policykit-1
The following NEW packages will be installed:
  distro-info patch python3-debian ubuntu-pro-client ubuntu-pro-client-l10n update-manager-core update-notifier-common

===========================================================================================
25-10-08
# apt install locate
# updatedb