How to secure an Ubuntu 12.04 LTS server - Part 2 The GUI installer script

Submitted by The Fan Club on

This guide is based on various community forum posts and webpages. Special thanks to all. All comments and improvements are very welcome as this is purely a personal experimental project at this point and must be considered a work in progress. 

The Ubuntu Server Secure script:

  • The Ubuntu Server Secure script is set of GUI security administration tools to harden and audit the security on an Ubuntu 12.04 LTS server by using a GUI shell script to install and configure various security features found in How to secure an Ubuntu 12.04 LTS server - Part 1 The Basics.
  • This script was done as an experiment in using Zenity to create a interactive Gnome Gtk+ GUI installer.
  • Zenity is a great tool for creating a simple yet powerful GUI user interface on top of bash like shell script very quickly.

Requirements:

  • Ubuntu 12.04 LTS server with a standard LAMP stack installed.
  • Unity or Gnome Desktop installed.
  • Zenity installed. (Zenity installed by default in Ubuntu 12.04 LTS Desktop)

1. Ubuntu Server Secure - Screenshots

2. Ubuntu Server Secure - The Shell Script Code

  • Below is the contents of the ubuntu-server-secure.sh file.

3. Ubuntu Server Secure - Log File

  • Complete log can be found at: /var/log/uss_YYYY-MM-DD.log (replace YYYY-MM-DD with current date)

4. Ubuntu Server Secure - Installation Instructions

  • Install zenity if not already installed by default on Ubuntu: sudo apt-get install zenity
  • Download the Ubuntu Server Secure script from the links at the bottom of this page
  • Change Directory to the downloaded file : cd /path/to/download
  • To extract, open a terminal window and enter :
sudo tar -zxvf ubuntu-server-secure.tar.gz
cd ubuntu-server-secure
sudo chmod +x ubuntu-server-secure.sh
  • To run enter :
gksudo sh ubuntu-server-secure.sh

Download: 

AttachmentSize
Binary Data ubuntu-server-secure.tar.gz8.81 KB

Tags: 

Comments

Hi

Submitted by cmdr (not verified) on

Hi It's a shame the this script require a GUI to work. Is there any version that can run only in console? Regards

Unfortunately there is no

Submitted by The Fan Club on

Unfortunately there is no command line version. Maybe in a future release.

I will begin following this

Submitted by Richard (not verified) on

I will begin following this page as I intend to set up an HP blade for an SAAS product I'm working on. This would really come in handy if start to finish worked automatically with just a progress bar and step info. I value any time you spend on this.

Thanks

Submitted by Musyanon (not verified) on

Hi, Thank you for this script ! I encountered some errors during installation. First, UFW is not activated automatically apparently. Then I had a problem with DNS Recursion, but it was because he was not installed on the machine. I think it would be good to do a check to see if Bind9 is installed, if it is not it installs. Finally PSAD does not install at all. It is stuck doing nothing... I also noticed that Fail2Ban was not present in the script, it is no longer necessary? Anyway still a big thank you for your work ! Since I use whatever you advise I have no problem with small jealous hackers :) Musyanon.

@ Musyanon

Submitted by The Fan Club on

Hi, the script is not up to date, and the best would be to follow the manual instructions in part 1 to make sure things are working correctly.