FreeBSD Servers
I recently discovered BSD and have since fallen in love with it. It is everything I hoped Linux would be... and wasn't.
In my adventures in BSD Land, I have attempted to configure a few servers for personal/public use, and here is my most recent concoction in an attempt to develop a "BASE" BSD server install. I started with FreeBSD 9.0 install cd and performed a text book install. (nothing special)
First I used portsnap to download the latest ports:
# portsnap fetch # portsnap extract # portsnap update
This also took a long time. When it is done is where the fun begins. We have to start with SVN (subversion), because we need the kernel source to do a few things and svn is one of the recommended ways to get the kernel source.
So I started with:
cd /usr/ports/devel/subversion make install clean
When that was done I downloaded the kernel source with this: (I spent a solid 2 hours to figure out how to get and install the source code for the FreeBSD Kernel, the handbook recomends using "sysinstall" but according to the forums "sysinstall" has not worked for a very long time but they have not yet updated the documentation. There are three ways to download the source I decided on this one.)
svn checkout svn://svn.freebsd.org/base/releng/9.0/ /usr/src
This took a while, it downloaded the entire source for the kernel (with its history I think..).
After the kernel was installed I went for security:
cd /usr/ports/security/rkhunter make install clean cd /usr/ports/security/clamav make install clean cd /usr/ports/security/mcrypt make install clean
Then I went for some basic utilities and tools I regularly use:
cd/usr/ports/graphics/ImageMagick-nox11 make install clean cd /usr/ports/editors/vim make install clean cd /usr/ports/lang/python make install clean cd /usr/ports/www/elinks make install clean
In that process a lot of other libraries are installed (as dependencies), including perl, wget, and a few other goodies.
Now this is not a fully configured server... but should be a good base for just about any server. This could easily become just about any type of server FTP, HTTP, SSH, etc... this should have the basic parts you need to get a good server going. No doubt you will need other software to get rolling but this should be a good plat form.
I don't know about you, but on my 3.6 GHz processor it took about 8 hours to download compile and configure this server.
You will want to configure your firewall, cron jobs for rkhunter and clamAV, as well as configuring SSHD to not allow root login (after you have created user accounts). I also strongly recommend disabling ssh passwords and going with a KEY only login. This "should" help prevent brute force attacks on ssh passwords. A long with any other specific security you are looking for for your server. I try to install as few applications as needed on a server that will be facing the public, the less there is there... the less that can be exploited. Remember there is more to know about security and setup than one can truly know in a life time, just make sure to do your home work and study up on what you want to install BEFORE you in stall it.
Written by Matthew Craig on Thursday 16th of February 2012 08:21:42 PM
Page Information:
- Tags: FreeBSD, Server, Config
- Description: Setting up my third FreeBSD server for public connection.
![[Valid RSS]](http://taggedzi.com/skin/images/valid-rss-rogers.png "Validate my RSS feed")
