VPS – Setting up

I've logged in to my VPS and started setting it up.

Basically, the VPS has the following specs:

• BuyVM-256MB
• 256MB RAM (Burstable to 512MB)
• 2 Core CPU
• 30GB of HDD
• 1000GB of data transfer
• 1 US based IP

The VPS was first setup with BuyVM’s Centos 6 template (selected during the VPS ordering page). However, the memory usage  seems to be a little bit on the high side, roughly 30mb idling after I cleaned up the unnecessary services and unused packages. No good… Still too much memory for running nothing…

So the next thing I tried was to reinstall to their “centos-5-i386-minimal”. After reinstalling, I can’t even ssh or console into the VPS… Resintalled again, still the same… Seems like that template is broken… No go.

Reinstalled to “CentOS 5 32bit”, the idling memory shows ~14mb.
Sweet! We are good to go!

The first thing I did, was to gather some baseline info from the VPS, to record down the state of the VPS basically. The commands I ran were:

uname -a
cat /etc/*release*
cat /etc/hosts
ifconfig -a
ps fauxwww
netstat -tulpn

The first 4 command are pretty self explanatory.
The forth one, “ps fauxwww”, list down the various processes in a tree form and shows the memory usage of each process. Very useful to determine what process is hogging memory.
The last one, “netstat -tulpn”, list down the ports that the server is currently listening on and the process that is binding to the port. A useful tool to help secure your box.

[root@server ~]# ps fauxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 2156 664 ? Ss Sep09 0:00 init [3]
root 1249 0.0 0.1 2260 556 ? S<s Sep09 0:00 /sbin/udevd -d
root 1895 0.0 0.1 1812 572 ? Ss Sep09 0:00 syslogd -m 0
root 1932 0.0 0.1 2832 852 ? Ss Sep09 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 1976 0.0 0.2 4492 1100 ? Ss Sep09 0:00 crond
root 1984 0.0 0.1 5680 700 ? Ss Sep09 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
root 1985 0.0 0.0 5680 440 ? S Sep09 0:00 _ /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2
root 3483 0.0 0.2 7200 1060 ? Ss Sep09 0:00 /usr/sbin/sshd
root 3863 0.1 0.5 10036 2836 ? Ss 08:02 0:00 _ sshd: keewee [priv]
keewee 3865 0.0 0.3 10036 1672 ? S 08:03 0:00 _ sshd: keewee@pts/0
keewee 3866 0.0 0.2 3712 1500 pts/0 Ss 08:03 0:00 _ -bash
root 3883 0.0 0.2 4092 1316 pts/0 S 08:03 0:00 _ su -
root 3884 0.1 0.2 3712 1488 pts/0 S 08:03 0:00 _ -bash
root 3903 0.0 0.1 2528 848 pts/0 R+ 08:03 0:00 _ ps fauxwww

[root@server ~]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1949/sendmail: acce
tcp 0 0 :::80 :::* LISTEN 1967/httpd
tcp 0 0 :::22 :::* LISTEN 1923/sshd

Combined, these two command can also help you determine what services to disable and what packages to uninstall.

After gathering the information, I started setting up the server.
I started off with some basic server security, creating a non-root user for logging in and securing SSH.

#Create Nonroot User
[root@server ~]# groupadd keewee
[root@server ~]# useradd -d /home/keewee -s /bin/bash -g keewee -m keewee

#Secure SSH
[root@server ~]# vi /etc/ssh/sshd_config
#Uncomment the following
LoginGraceTime 5m
PermitRootLogin no
StrictModes yes
MaxAuthTries 6
UsePrivilegeSeparation yes

[root@server ~]# service sshd restart

The next thing was to remove all the unnecessary packages, packages that I didn’t need or don’t use and is not essential to the operation of the box.
For this, I referred to to the “ps fauxwww” and “netstat -tulpn” output. I didn’t need sendmail and apache (httpd), so I chucked those.
I also went through the list of installed package by issuing “yum list installed” and picking out the packages I don’t want.
I ended up with the following packages to remove:

• bind
• fetchmail
• finger-server
• httpd
• lynx
• portmap
• procmail
• samba
• sendmail
• talk-server