1. Installation

  • Note: Enable DNS and HTTP services for the ethernet MAC address on the SMRU-EFW-MRM firewall.

  • Note: Set up a 192.168.26.2 fixed lease for the ethernet MAC address on the SMRU-SFW-MLA firewall.

  • Install Debian GNU/Linux 11 server with RAID 1 and LUKS 1 encryption.

    • Note: Use tbhf-anc-mla for the hostname and smru.shoklo-unit.com for the domain name.

    • Note: Select BIOS + RAID + LUKS.

    • Note: Only do the automatic installation, then continue with the configuration below.

2. Configuration

  • Start the computer.

  • Type the passphrase to unlock the computer.

  • Log in as delta on the tbhf-anc-mla server.

  • Enter the following commands at a Command Line.

    sudo su -                               # Get root privileges.
    passwd                                  # Set root password to level 1.
    passwd delta                            # Set delta password to level 2.

  • Enter the following commands at a Command Line with root privileges.

    ip a
    
    delta config apt                        # Configure apt repositories.
    delta config bash                       # Configure bash shell for each user.
    delta config cron                       # Configure cron jobs.
    delta config editor                     # Set default editor to vim.tiny for each user.
    delta config kernel net.ifnames=0       # Disable consistent network device names.
    delta config locale                     # Configure locale settings.
    
    delta setup inventory                   # Install and configure inventory.
    delta setup openssh                     # Install and configure openssh server.
    delta setup sudo                        # Install and configure sudo for each user.
    delta setup timezone                    # Install and configure time zone.
    
    delta setup systemd-ethernet            # Install and configure dhcp ethernet network.

  • Restart the computer.

  • Log in as delta on the tbhf-anc-mla server using PuTTY.

  • Enter the following commands at a Command Line.

    ip a
    ip link list
    sudo systemctl --type service
    ls -al /etc/resolv.conf
    cat /etc/resolv.conf
    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get dist-upgrade
    sudo apt-get autoremove
    sudo apt-get autoclean
    
    cat /etc/debian_version
    df
    
    sudo delta setup snmp-server 10.10.1.12 # Install and configure snmp server.
    sudo delta setup vim                    # Install and configure vim editor for each user.
    
    sudo grep -Ei --color=always "bad |brok|cann|crit|deni|err:|erro|fail|igno|insu|leak|lost|miss|not |such|unab|warn" /var/log/syslog
    sudo zgrep -i 'systemd-networkd-wait-online' /var/log/syslog*
    sudo zgrep -i 'lost carrier' /var/log/syslog*
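
The keyword check above prints every matching line. As an added example (not part of the original procedure), the script below counts hits per keyword fragment across current and rotated logs, so noisy fragments stand out from real failures. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): per-fragment hit counts for the
# syslog check above. PATTERN is the page's own grep -Ei expression.
PATTERN='bad |brok|cann|crit|deni|err:|erro|fail|igno|insu|leak|lost|miss|not |such|unab|warn'

# read_log FILE: print a log, decompressing rotated .gz files (syslog.2.gz ...).
read_log() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# count_hits FRAGMENT FILE: lines containing FRAGMENT (literal, case-insensitive).
# grep -c exits 1 on zero matches, so "|| true" keeps this usable under "set -e".
count_hits() {
    read_log "$2" | grep -Fic -- "$1" || true
}

# syslog_triage FILE...: "count<TAB>[fragment]" for each fragment that matched,
# busiest first. Brackets make the trailing space in "bad " and "not " visible.
syslog_triage() {
    printf '%s\n' "$PATTERN" | tr '|' '\n' | while IFS= read -r frag; do
        total=0
        for file in "$@"; do
            n=$(count_hits "$frag" "$file")
            total=$((total + n))
        done
        if [ "$total" -gt 0 ]; then
            printf '%s\t[%s]\n' "$total" "$frag"
        fi
    done | sort -rn
}

# sample_syslog: constructed log lines for trying the functions offline.
sample_syslog() {
    cat <<'EOF'
Jan 10 08:00:01 tbhf-anc-mla systemd-networkd[312]: eth0: Lost carrier
Jan 10 08:00:05 tbhf-anc-mla systemd-networkd-wait-online[330]: Timeout occurred while waiting for network connectivity.
Jan 10 08:00:05 tbhf-anc-mla systemd[1]: systemd-networkd-wait-online.service: Failed with result 'exit-code'.
Jan 10 08:00:06 tbhf-anc-mla systemd[1]: Failed to start Wait for Network to be Configured.
Jan 10 08:01:00 tbhf-anc-mla kernel: [   12.3] EXT4-fs (dm-1): mounted filesystem
Jan 10 08:02:00 tbhf-anc-mla snmpd[500]: error on subcontainer 'ia_addr' insert (-1)
EOF
}

# Run against the files given on the command line, e.g. /var/log/syslog*.
if [ "$#" -gt 0 ]; then
    syslog_triage "$@"
fi
```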

3. CrowdStrike Sensor

3.1. Installation

  • Enter the following commands at a Command Line.

    scp -p delta@tbhf-anc-mla:/media/Windows/Software/CrowdStrike/falcon-sensor_6.28.0-12502_amd64.deb .
    sudo apt-get install libnl-genl-3-200
    sudo dpkg -i falcon-sensor_6.28.0-12502_amd64.deb
    sudo /opt/CrowdStrike/falconctl -s --cid=<CID> --provisioning-token=<token> --tags="SMRU-Server"
    sudo systemctl start falcon-sensor
    ps -e | grep falcon-sensor
    sudo systemctl status falcon-sensor

4. ANC Server

  • Enter the following commands at a Command Line.

    sudo delta setup apache                 # Install and configure apache http server.
    sudo delta setup exim                   # Install and configure exim message transfer agent.
    sudo delta setup php                    # Install and configure php.
    sudo delta setup postgresql             # Install and configure postgresql database server.
    sudo delta setup samba Other$           # Install and configure samba with Other$ share.