My First 10 Seconds On A Server


While doing security research it is not uncommon for me to build and destroy between 20 and 25 cloud servers a week on Digital Ocean.

While there are great guides like:

My First 10 Minutes On a Server – Primer for Securing Ubuntu

My First 5 Minutes On A Server; Or, Essential Security for Linux Servers

I do not have the time to manually follow these guides on a server I may shut down in an hour, so I have slowly been building a shell script to do a lot of this for me.

Now the first thing I do when I log into a box is:

curl -sSL https://raw.githubusercontent.com/jgamblin/quickinstall/master/quickinstall.sh | sh

The script does the following:

Enables UFW and denies all inbound traffic except for SSH.

Sets the timezone to Coordinated Universal Time (UTC).

Installs Python, Ruby, nodejs, Docker.io, Fail2Ban and unattended-upgrades.

Launches a PCAP docker container to capture all server traffic as PCAP files.

While it is not pretty, it does what I need:

    #
    # Install and configure firewall
    #
    # printf instead of echo -e: the script is piped to sh, where echo -e is not portable
    printf '\nInstalling and configuring firewall\n\n'
    apt-get install ufw -y
    ufw default deny incoming
    ufw default allow outgoing
    ufw allow ssh
    # Set ENABLED=yes so the rules are loaded when the ufw service starts
    cat /etc/ufw/ufw.conf | sed 's/ENABLED=no/ENABLED=yes/g' > ~/ufw.conf
    chmod 0644 ~/ufw.conf
    mv -f ~/ufw.conf /etc/ufw/ufw.conf
    #
    # Set timezone to Coordinated Universal Time (UTC)
    #
    sudo timedatectl set-timezone UTC
    #
    # Upgrade installed packages to latest
    #
    apt-get update && apt-get dist-upgrade -y
    #
    # Install stuff I use all the time
    #
    apt-get install -y build-essential checkinstall docker.io fail2ban git git-core libbz2-dev libc6-dev libgdbm-dev libncursesw5-dev libreadline-gplv2-dev libsqlite3-dev libssl-dev nikto nmap nodejs python-dev python-numpy python-scipy python-setuptools tk-dev unattended-upgrades
    #
    # Install Ruby
    #
    curl -L https://get.rvm.io | bash -s stable --ruby
    #
    # PCAP everything
    #
    docker run -v ~/pcap:/pcap --net=host -d jgamblin/tcpdump
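To confirm the firewall actually ended up in the state listed above (active, inbound denied, SSH the only exception), the following added example audits the text of `ufw status verbose`. It is not part of quickinstall.sh; the function names, the constructed sample outputs and the choice to accept only port 22 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from quickinstall.sh. Checks "ufw status verbose" text
# against the intended policy: active, deny incoming, SSH the only inbound rule.
# Real use on a host:  ufw status verbose | audit_ufw

# Reads status text on stdin, prints one finding per line,
# returns 0 when there are no findings and 1 otherwise.
audit_ufw() {
    awk '
        /^Status:/  { active = ($2 == "active") }
        /^Default:/ { deny_in = ($0 ~ /deny \(incoming\)/) }
        /ALLOW IN/  {
            # $1 is the destination, e.g. "22/tcp" after "ufw allow ssh".
            if ($1 != "22/tcp" && $1 != "22") {
                print "unexpected inbound rule: " $1
                bad++
            }
        }
        END {
            if (!active)       { print "ufw is not active"; bad++ }
            else if (!deny_in) { print "default incoming policy is not deny"; bad++ }
            exit (bad > 0)
        }
    '
}

# Constructed sample: the state the script aims for.
sample_expected() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# Constructed sample: an extra inbound rule has appeared.
sample_drifted() {
    sample_expected
    echo "8080/tcp                   ALLOW IN    Anywhere"
}

# Constructed sample: firewall installed but not running.
sample_inactive() { echo "Status: inactive"; }

sample_expected | audit_ufw && echo "expected: ok"
sample_drifted  | audit_ufw || true
sample_inactive | audit_ufw || true
```

The inactive case is worth checking on a fresh box: setting `ENABLED=yes` in `/etc/ufw/ufw.conf` does not by itself show up as `Status: active` until ufw has been started.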

I will continue to build this out in this GitHub repo.