My First 10 Seconds On A Server

While doing security research it is not uncommon for me to build and destroy between 20 and 25 cloud servers a week on Digital Ocean.

While there are great guides like:
My First 10 Minutes On a Server – Primer for Securing Ubuntu
My First 5 Minutes On A Server; Or, Essential Security for Linux Servers

I do not have the time to manually follow these guides on a server I may shut down in an hour so I have slowly been building a shell script to do a lot of this for me.

Now the first thing I do when I log into a box is:
curl -sSL https://raw.githubusercontent.com/jgamblin/quickinstall/master/quickinstall.sh | sh

Screen Shot 2016-07-13 at 8.20.56 AMThe script does the following:
Enables UFW and denies all inbound traffic except for SSH.
Sets the timezone to Universal Coordinated Time
Installs  Python, Ruby, nodejs, Docker.io, Fail2Ban and unattended-upgrades
Launches a PCAP docker container to capture all server traffic in a PCAPs.

While it is not pretty it does what I need:

#
#Install and configure firewall
#
echo -e "\nInstalling and configuring firewall\n"
apt-get install ufw -y
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh

cat /etc/ufw/ufw.conf | sed 's/ENABLED=no/ENABLED=yes/g' > ~/ufw.conf
chmod 0644 ~/ufw.conf
mv -f ~/ufw.conf /etc/ufw/ufw.conf

#
# set timezone to Universal Coordinated Time
#
sudo timedatectl set-timezone UTC

#
# Upgrade installed packages to latest
#
apt-get update && apt-get dist-upgrade -y

#
#Install stuff I use all the time
#
apt-get install -y build-essential checkinstall docker.io fail2ban git git-core libbz2-dev libc6-dev libgdbm-dev libncursesw5-dev libreadline-gplv2-dev libsqlite3-dev libssl-dev nikto nmap nodejs python-dev python-numpy python-scipy python-setuptools tk-dev unattended-upgrades 

#
#Install Ruby
#
curl -L https://get.rvm.io | bash -s stable --ruby

#
#PCAP Everything
#
docker run -v ~/pcap:/pcap --net=host -d jgamblin/tcpdump

I will continue to build this out in this github repo .

Site Footer