I have a project and request community help. I'm only using Linux and almost exclusively Ubuntu for about a year now, so maybe not a noob, but no expert. Installing and getting server to work, EASY! Installing and getting email server to work, surprisingly EASY! Understanding security and implementing good security plan, NOT so easy!
So I request help, learn something along the way, maybe and hopefully help others too. Starting with fresh 14.04 (Trusty) server, no options selected, connected to network only for install, I would like to end with 99.999% (five nines) secure email server. What is the first step? In the end, I will like to make YouTube instructional video, and would be glad to credit all those who offer help. Thank you!
So here is some decisions I have already made. 1) Ubuntu 14.04 server. Why? Ubuntu has great support forums! 2) iRedMail v0.8.7. Why? First, because I have installed it and have it working on three servers, and it is EASY! Thousands have used it. I do still have concern that the developer of iRedMail could have back door access. So, part of this exercise will be to account for that possibility. Also, iRedMail includes firewall iptables, also fail2ban, and clamav & amavis. I can provide info from currently configured server if you can tell me what and how. 3) Will need secure SSH remote access to server, e-mail notification of all successful remote access connections, email notification of any application modifications.
At this point, is it safe to assume I have an uncompromised server? I'm thinking Ebury, and SSH trojan from 2003 (though I have not yet installed SSH server).
My first question then: Is it possible to be sure that there is no back door access available or rootkit with my fresh Trusty install? Perhaps after all installation and configuration is complete this is a moot point, as it will be evident if there is. Maybe strong root password is what prevents it?
I should think that the first step is:
1) # sudo apt-get update
followed by
2) # sudo apt-get upgrade
So assuming the above is good first step, and just taking this one step at a time. What next? md5 checksums? root password configuraton? user configuration? Your suggestions are requested. If you're on board, then I'll take the next step based on YOUR suggestions, and go from there! Thanks in advance.
Bookmarks