This is a detailed description about the steps to be taken to setup a Debian based server that offers all services needed by ISPs and hosters (web server (SSL-capable), mail server (with SMTP-AUTH and TLS!), DNS server, FTP server, MySQL server, POP3, Quota, Firewall, etc.).
The Perfect Setup – Debian
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Very nice, and timely, since I will be using Debian for my companies setup!
BTW, I LOVE these tutorials here on OSNews. Keep it up.
I want more illustrated tutorials in the linux world!
“setup a Debian based server that offers all services needed by ISPs and hosters”
If any ISP/webhost needs to read this guide to get their services up and running, I think I’d be better off taking my business elsewhere.
If his customers really need this howto, I’d be seriously questioning their competence to offer their services on a commercial basis anyway. This piece gives the distinct impression that those companies running the 42go ISP-Manager don’t have the faintest idea what they’re doing. Running 42go is now, in my mind, a badge of cluelessness.
Additionally, there’s already a whole host of documentation for each of the services he sets up which goes into much more detail than he does. Much of it is already packaged in Debian together with the software.
Some sections are just a waste of space, e.g.:
“DNS-Server
apt-get install bind9”
Wow – lucky I stumbed across this HOWTO, because otherwise I never would have guessed!
I don’t think this tutorial was intended for people wanting to setup an ISP. I think it was intened for people wanting to setup a server with ISP-like services.
Good article. I’ve been looking for something similar. I need to setup a mail server while using noip.com for dynamic dns…
Nice work but a few comments…
The following is probably a bit cryptic for newbies:
Then enter the main IP address of the system, its network mask, the gateway address and the domain of the system (here: example.com).
Why not give some examples of what would be used! What is a gateway address?
Will the following overwrite my Windows 2000 MBR thus making Win2k unbootable?
Select Install LILO in the MBR:
A brief descrition of what all the programs do would also be useful.
Is it easier to build this server with Debian or FreeBSD?
Its no good to mix firewalls with services and compilers.
firewalls should do nothing but firewalling, u know what im saying…
congratulations to the guy who wrote this awesome how-to
Saludos!
This brings up a good question: What is better? A linux/pc based firwall or a hardware device (ie Linksys cable router)? It always seemed a little Rube Goldberg-ish to set up a dedicated pc to do something a $40 unit could do.
http://developers.slashdot.org/article.pl?sid=03/12/01/2133249
It caused the Debian server compromise.
linksys is running linux (i think you knew that).
but
a small office of say 20 employees, with little discipine will crush that linksys like a cheap beer can.
now with Mandrake MNF running in a $100 pc with 2 nics will kick some serious booty.
transparent proxy, content filtering, blocking of inbound AND outbound ports, complex rules (no limit), dns cache, web cache, dhcp, the list goes on.
linksys is great for ones house.
but if you are worried about your kids surfing “www.bovineporn.net”
your linksys ain’t stopping jackshit.
The article seems really well done especially for someone new tot he debian system. Nice pics, nice resolution, no complains, hope this link doesn’t die soon.
hmms i wonder why he dont want to use md5 passwords
Ouch… Using Mandrake just to have a pretty interface to partition the hard drive ๐ At least recommend/suggest Knoppix.
Another got’cha is with setting up the cron job for/as root… we’re give the “if it doesn’t exist” example and not the more simple “if it does” example of crantab -e.
Apologies but this document is not ready for the 1.0 stamped on it… perhaps 0.75.
I want more illustrated tutorials in the linux world!
Yes, I think tutorials should always have screenshots, even if it’s of text (or curses-like) interfaces. However, if I may make a suggestion for any would-be tutorial maker: use a VMWare virtual machine within a desktop (Linux, preferably ๐ for your tutorial. That way you’ll be able to make decent screenshots wihtout having to use a digital camera.
df
Are you going to troll every comment section about the kernel or Debian with that link? You’re like on of those useless, annoying Usenet cross-poster…Yeah there was a Kernel exploit, it got caught and is already corrected, and the Debian code base is safe.
Such a local exploit is still a lot less dangerous than the numerous remote exploits for IE or OE.
“If any ISP/webhost needs to read this guide to get their services up and running, I think I’d be better off taking my business elsewhere.”
I am planning to do some colocation and want to use something like Debian stable, so this article came just in time ๐
I’ve posted it a total of twice. Don’t get your panties in a ruffle.
It won’t be posted as news here, so I just mentioned it in the kernel article and here in this Debian article, where it is relevant.
Does it anger you that I point it out?
It wasn’t a local exploit, it affects all kernels before 2.4.23, and it’s a bigger deal than some user-ran executable attachment that you label as an Outlook hole.
It was a big buffer overflow in the kernel. Face it.
Sorry to burst your bubble, but it is indeed a local exploit:
http://lists.debian.org/debian-security-announce/debian-security-an…
As such, it does not – like some of the OE executable attachement or IE security holes – enable a remote user to take control of the PC. What it does, if I understand it correctly, is give superuser privileges to a user program.
What that means is that, in order to gain root privilege, a remote hacker must first gain entry to the system through a user account (in this case, it was a sniffed password exploit), then use the local exploit to give root privilege to a process.
Even though it is a serious security breach, it is a lot less dangerous than giving administrative rights to a remote computer by visiting a web page or receiving an e-mail with a tainted attachement.
That said, I’m glad to hear that you won’t be cross-posting this all over the comments section. It was a bug, it was fixed.
if you want a mail server i suggest using redhat with the QVCS pop toaster guide, it bascially is a kick start installation for qmail, vmailmgr, courier-imap and squirrelmail.