How to secure an Ubuntu 12.04 LTS server - Part 2 The GUI installer script

This guide is based on various community forum posts and webpages. Special thanks to all. All comments and improvements are very welcome as this is purely a personal experimental project at this point and must be considered a work in progress. 

The Ubuntu Server Secure script:

  • The Ubuntu Server Secure script is set of GUI security administration tools to harden and audit the security on an Ubuntu 12.04 LTS server by using a GUI shell script to install and configure various security features found in How to secure an Ubuntu 12.04 LTS server - Part 1 The Basics.
  • This script was done as an experiment in using Zenity to create a interactive Gnome Gtk+ GUI installer.
  • Zenity is a great tool for creating a simple yet powerful GUI user interface on top of bash like shell script very quickly.

Requirements:

  • Ubuntu 12.04 LTS server with a standard LAMP stack installed.
  • Unity or Gnome Desktop installed.
  • Zenity installed. (Zenity installed by default in Ubuntu 12.04 LTS Desktop)

1. Ubuntu Server Secure - Screenshots

2. Ubuntu Server Secure - The Shell Script Code

  • Below is the contents of the ubuntu-server-secure.sh file.

3. Ubuntu Server Secure - Log File

  • Complete log can be found at: /var/log/uss_YYYY-MM-DD.log (replace YYYY-MM-DD with current date)

4. Ubuntu Server Secure - Installation Instructions

  • Install zenity if not already installed by default on Ubuntu: sudo apt-get install zenity
  • Download the Ubuntu Server Secure script from the links at the bottom of this page
  • Change Directory to the downloaded file : cd /path/to/download
  • To extract, open a terminal window and enter :
sudo tar -zxvf ubuntu-server-secure.tar.gz
cd ubuntu-server-secure
sudo chmod +x ubuntu-server-secure.sh
  • To run enter :
gksudo sh ubuntu-server-secure.sh

Download: 

AttachmentSize
Binary Data ubuntu-server-secure.tar.gz8.81 KB

Tags: 

Comments

Hi

Hi It's a shame the this script require a GUI to work. Is there any version that can run only in console? Regards

Unfortunately there is no

Unfortunately there is no command line version. Maybe in a future release.

I will begin following this

I will begin following this page as I intend to set up an HP blade for an SAAS product I'm working on. This would really come in handy if start to finish worked automatically with just a progress bar and step info. I value any time you spend on this.

Thanks

Hi, Thank you for this script ! I encountered some errors during installation. First, UFW is not activated automatically apparently. Then I had a problem with DNS Recursion, but it was because he was not installed on the machine. I think it would be good to do a check to see if Bind9 is installed, if it is not it installs. Finally PSAD does not install at all. It is stuck doing nothing... I also noticed that Fail2Ban was not present in the script, it is no longer necessary? Anyway still a big thank you for your work ! Since I use whatever you advise I have no problem with small jealous hackers :) Musyanon.

@ Musyanon

Hi, the script is not up to date, and the best would be to follow the manual instructions in part 1 to make sure things are working correctly.