Recently after researching the modern needs of most businesses, I decided that it was time to include a simple tutorial for building a reasonably powerful security distro for your business. Familiarity with Linux is a prerequisite for this tutorial but beyond that I have you covered. You will need the following however:
- Internet connection
- Virtualbox software or other vm software (or hardware if you really trust your first build)
- USB if you are installing to harware
- Rufus or Unetbootin – if you are installing to hardware
- About 2 hours
Head over to suse studios and create an account. Once you are signed in select +create new appliance. The KDE environment in the top area is ideal for this tutorial, and at the bottom of the screen set a name for the build i.e. “Crazy Bill’s House Of Firewalls” or something equally useful to your business.
Add the packages you know you’ll need like:
aespipe, alpine, apache2, apache2-example-pages, apache2-icons-oxygen, apache2-mod_dnssd, arp-scan, arptables, arpwatch, audit-visualize, autossh, branding-openSUSE, compiz, compiz-kde4, conky, conky-doc, conntrack-tools, dhcp-server, dnsmasq, docker, docker-bash-completion, docker-compose, docker-distribution-registry, docker-test, docker-zsh-completion, e2fsprogs, etherape, ethtool, fail2ban, ftp, geany, geany-plugins, gfxboot-branding-openSUSE, git, git-core, glibc, glibc-locale, grub, grub2, grub2-branding-openSUSE, gsettings-backend-dconf, httrack, ipsec-tools, iputils, kdebase4-openSUSE, kdebase4-runtime-branding-upstream, kdebase4-session, kdebase4-workspace-branding-upstream, kdepasswd, kernel-default, kismet, konsole, ktorrent, kwin, leechcraft-networkmonitor, less, libreoffice-kde4, libsss_sudo, libyui-qt-pkg7, links, mariadb, mariadb-bench, mariadb-client, mariadb-errormessages, mariadb-test, mariadb-tools, mono-nat, mono-nat-devel, MozillaFirefox, MozillaFirefox-branding-upstream, mozilla-kde4-integration, MozillaThunderbird, nano, nano-plugin-conky, ncat, netcat-openbsd, net-snmp, NetworkManager-openvpn, ninja, ninja-ide, nmap, ntp, openCryptoki, openCryptoki-64bit, openCryptoki-devel, openldap2, openssh-askpass, openvpn, patterns-openSUSE-base, patterns-openSUSE-kde, patterns-openSUSE-minimal_base, phpMyAdmin, plymouth, postfix-doc, postfix-mysql, privoxy, python-cryptography, python-docker-py, python-kde4, python-kdebase4, racket-webserver, samba, sax3, sddm, seamonkey, snmp-mibs, soprano-backend-virtuoso, spamassassin, sudo, sudo-devel, SuSEfirewall2, syslog-ng, talk-server, tcpdump, tcptraceroute, telnet, telnet-server, timezone, traceroute, tracker, tracker-gui, uget, vim, vim-plugin-conky, w3m, wget, whois, wireshark, x11-tools, xorg-x11, xorg-x11-driver-input, xorg-x11-driver-video, xorg-x11-fonts, yast2-control-center-qt, yast2-docker, yast2-firstboot, yast2-sudo, yast2-x11, zenmap, zypper
Just to name a few…
(Don’t forget to add sudo – because it’s sudo)
In the next tabs there are options for configuring login info, startup scripts, and even adding branding. You can create some images for logos and wallpapers offline if you like. Go ahead and add them prior to the build – even add an eula of your own if you like. (Make sure to acknowledge the gnu licensing if it applies to your purposes.)
Then just as simply you are presented with a drop down list of options for the build. I like to change the default to live cd/dvd and start the build – generally about an hour and a half later I’m presented with the option to share the build – I generally do – but you certainly don’t have to. You can simply download the iso image and use unetbootin or rufus to build the installer for hardware – or use the iso in virtualbox.
But beyond the installation*
Start searching for the tools you couldn’t find on suse – the ones in github repositories – some of them will work and some of them wont – perhaps if you need some assistance you can set aside some paypal cash and contact a developer.
It’s a straight forward process – or you need a developer.