Backup, Automation, Email and the Internet

COIT20266 Systems Security Administration
Week 05 [1]
COIT20266 – Systems Security Administration
Week 05 – Backup, Automation, Email and the Internet
This week we learn the basics of backing up our system and
automating processes. We will investigate the various logs our
system generates and identify the information that they contain.
We will get email working from our system, which will allow system
generated alerts to be emailed directly to us.
Finally we will install and test a basic Web Server.
Summary
Software we need to install
* exim (www.exim.org, help.ubuntu.com/community/Exim4) – “Exim is
a message transfer agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet.”
* lighttpd (www.lighttpd.net) – high performance, low memory
footprint web server.
Chapters we need to read
* 09 – Periodic Processes
* 10 – Backups
* 11 – Syslog and Log Files
* 20 – Electronic Mail
* 23 – Web Hosting
Tasks
Readings
Read all of the recommended chapters before installing the
software or attempting the assessment items. The readings will
give us some background information that should help in
understanding: how processes/jobs can be configured to run at
scheduled times, the ins and outs of backing up our system, where
system logs are kept and what they contain, how Electronic Mail
works at the server level and how to set up and configure a basic
Web Server.
Read through the assessment items before making any changes.
Assessment
1. Create a table that lists all of the files that crontab
runs/parses, their main purpose/use, and the frequency that they
are run if the frequency is not specified in the file itself.
[Don’t forget user crontab files – where are they stored?]
2. Write a shell script using the *tar* command to do a level 0
backup of the /home directory and all significant system
configuration files (all those we have made changes to – discuss
on the course forum if unsure). Make crontab entries to trigger
the backup script to run daily, weekly and monthly with suitable
names for the output files (e.g. daily01.tgz – daily07.tgz,
weekly01.tgz – weekly05.tgz and monthly01.tgz – monthly12.tgz).
Submit your backup script (homesysbackup.sh), crontab entries and
a sample backup file. [Create a directory /mnt/backup and use it
as the default backup location.]
3. Write a step by step guide for recovering files from your
backups. [Ensure the original timestamps and ownerships of the
files are maintained.]
4. Submit the following log files in a single logs.tgz file:
* /var/log/syslog
* /var/log/auth.log
* /var/log/apt/history.log
* /var/log/dpkg.log
* last.log after running “last > last.log”
* dmesg.log after running “dmesg > dmesg.log”
5. Install Exim as outlined in the provided “Installing Email”
document. We are only interested in sending email, not receiving
it – this removes a significant security issue from our server.
Once you have Exim installed and working, send an email to your
campus lecturer from the command line (use the mail command) with
the Subject: “SYSADM:StudentNo”, where “StudentNo” is your student
number and include a brief statement of how easy or difficult you
are finding the course in the message body. Distance students
should send their email to the course coordinator.
You will need a Gmail account for this installation. Alternate
SMTP servers can be used if you feel confident in using them. You
can use your student CQUMail account. If you use an alternate
SMTP server, include basic details of the server in your email.
The email address is available from the course website or ask your
lecturer.
Distance students: your campus lecturer is the course coordinator.
6. Install lighttpd as outlined in the provided “Installing a Web
Server” document. Submit a screenshot of your desktop browser
displaying the output of the test php web server page (index.php).
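One way the backup and recovery steps in items 2 and 3 can fit together, shown as an added example that is not the course's model answer. It assumes GNU tar and GNU date (as on Ubuntu), uses /etc as a stand-in for the changed configuration files, and the install path in the crontab comments is hypothetical.

```shell
#!/bin/sh
# Added example: level 0 tar backup into rotating slots, plus a restore helper.
BACKUP_DIR="${BACKUP_DIR:-/mnt/backup}"
SOURCES="${SOURCES:-/home /etc}"   # assumption: /etc stands in for the changed config files

# backup_name KIND [YYYY-MM-DD] -> daily01..07, weekly01..05, monthly01..12
backup_name() {
    kind=$1
    day=${2:-$(date +%F)}
    case $kind in
        daily)   n=$(date -d "$day" +%u) ;;                  # ISO weekday, 1..7
        weekly)  n=$(date -d "$day" +%d)
                 n=$(( (${n#0} - 1) / 7 + 1 )) ;;            # week of month, 1..5
        monthly) n=$(date -d "$day" +%m); n=${n#0} ;;        # strip 0 so 08/09 are not octal
        *) echo "usage: daily|weekly|monthly [date]" >&2; return 2 ;;
    esac
    printf '%s%02d.tgz\n' "$kind" "$n"
}

# do_backup KIND [DATE]: write a full archive and print its path.
do_backup() {
    name=$(backup_name "$1" "$2") || return
    mkdir -p "$BACKUP_DIR" || return
    # umask 077: the archive holds /home and /etc, so only its owner may read it.
    # -p records modes; --numeric-owner stores uid/gid numbers instead of names.
    # Write to .part and rename, so a failed run never replaces the last good archive.
    ( umask 077 && tar -czpf "$BACKUP_DIR/$name.part" --numeric-owner $SOURCES ) || return
    mv "$BACKUP_DIR/$name.part" "$BACKUP_DIR/$name" && echo "$BACKUP_DIR/$name"
}

# restore_files ARCHIVE DEST [MEMBER...]: extract keeping mtimes and modes.
# Run as root to have the recorded uid/gid applied as well (tar's default for root).
# Member names have no leading "/", so DEST=/ restores files in place.
restore_files() {
    archive=$1; dest=$2; shift 2
    mkdir -p "$dest" && tar -xzpf "$archive" --numeric-owner -C "$dest" "$@"
}

# Root crontab entries (hypothetical install path):
#   30 1 * * *  /usr/local/sbin/homesysbackup.sh daily
#   30 2 * * 0  /usr/local/sbin/homesysbackup.sh weekly
#   30 3 1 * *  /usr/local/sbin/homesysbackup.sh monthly
if [ $# -gt 0 ]; then do_backup "$@"; fi
```

Listing an archive with `tar -tzvf` before restoring shows the stored member paths, which is what `restore_files` expects as its optional member arguments.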
How to submit:
Include all guides, answers etc. in a single Word document. Your
homesysbackup.sh script, backup.tgz and logs.tgz files and the
Word document should be zipped up as week05.zip. Don’t submit it
yet – it’s not due till Week 6.
Weeks 2, 3, 4 and 5 need to be submitted together and all are due in
Week 6. At that time you should zip up your weeks 2, 3, 4 and 5 zip
files as Week2345.zip and submit it.