Back to Projects
Born2beroot
42 Abu Dhabi

Born2beroot

Secure Virtual Server Environment Setup

2 weeks
Individual Project
LinuxVirtualBoxSecuritySSHFirewallSystemD

A comprehensive system administration project focused on establishing a secure virtual server environment through meticulous configuration of security parameters, user management, and system hardening practices.

Source Code

Key Features

Security Configuration

Implemented comprehensive security measures including firewall rules, password policies, and user privilege management for enhanced system protection.

User Management

Configured user accounts, groups, and permissions with proper sudo access control and password aging policies.

Network Setup

Established secure network configuration with SSH access, port management, and network service restrictions.

System Services

Configured and managed essential system services, monitoring tools, and automated security scripts.

Development Journey

Phase 1

Virtual Environment Setup

Set up VirtualBox virtual machine with Debian OS, configured basic system settings, and established initial security parameters.

Phase 2

Security Hardening

Implemented comprehensive security measures including firewall configuration, password policies, and user privilege management.

Phase 3

Network & SSH Configuration

Configured SSH access with security best practices, set up network services, and implemented monitoring scripts.

Challenges & Solutions

Virtual Machine Configuration

Problem:

Solution:

Researched VirtualBox documentation and implemented NAT networking with port forwarding for SSH access.

Security Hardening

Problem:

Solution:

Followed security best practices and tested each configuration step to ensure system stability.

security_config.sh
bash
#!/bin/bash
# System security configuration script

# Configure UFW firewall
sudo ufw enable
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 4242

# Password policy configuration
sudo sed -i 's/PASS_MAX_DAYS.*/PASS_MAX_DAYS 30/' /etc/login.defs
sudo sed -i 's/PASS_MIN_DAYS.*/PASS_MIN_DAYS 2/' /etc/login.defs

# Sudo configuration
echo "Defaults passwd_tries=3" >> /etc/sudoers.d/sudo_config
echo "Defaults badpass_message="Wrong password!"" >> /etc/sudoers.d/sudo_config

# Create monitoring script
cat > /root/monitoring.sh << 'EOF'
#!/bin/bash
# System monitoring script
wall "$(uname -a && df -h && free -h && who)"
EOF
PreviousNext