bit-tech.net

Build your own server: Part 2

Using Webmin

Now that Webmin is installed, we should really get ourselves accustomed to it. Webmin is an enormous package, with lots of plug-in modules enabled by default.

The problem is, a lot of modules means a lot of overhead, a lot of potential vulnerabilities, and a lot of places for things to stop working. Though many services aren't supposed to easily impact one another, stranger things have happened! Since a lot of those modules aren't used on this server, we really should disable and remove them. Fortunately, this process is quite easy.

While an in depth guide about Webmin is certainly beyond the scope of this article, I'll try to explain some basic functions. For a more in depth read about Webmin, head over to the Webmin documentation page.

But enough of the chitchat, let's get started...

Build your own server: Part 2 Using Webmin Build your own server: Part 2 Using Webmin

We log in with our regular username and password, the one we set up in the beginning during the initial server install. Once we are logged on, we are greeted with a nice overview of our server. But Webmin isn't a monitoring tool, it's an administrative tool. Like I already noted, Webmin offers a lot of unused modules. First thing we'll do is strip them out. So, click on the “Webmin” tab and select “Webmin Configuration”. Modules are managed through “Webmin Modules”.

Build your own server: Part 2 Using Webmin Build your own server: Part 2 Using Webmin

You can manage all modules through this and because we want to delete some unneeded modules, click on the “delete” tab. Here we can select the modules we want to get rid of. Just press control and select the ones you want to remove. For your convenience, I dug through Webmin and made a list:
  • System: Disk quota, all LDAP modules, MON Service monitor, Security Sentries
  • Servers: BIND DNS Server, CVS, DHCP Server, Dovecot IMAP/POP3 Server, Fetchmail Mail Retrieval, Frox FTP Server, Jabber IM Server, Majordomo List Manager, OpenSLP Server, Postfix Configuration, PostgreSQL Database Server, Procmail Mail Filter, QMail Configuration, Sendmail Configuration, Spamassassin Mail Filter, Squid Analysis Report Generator, Squid Proxy Server, WU-FTP Server, Webalizer Logfile Analysis
  • Networking: ADSL Client, IPsec VPN Configuration, Kerberos5, NFS Exports, all PPP modules, all PPTP modules, SSL Tunnels, Shorewall Firewall, idmapd daemon
  • Hardware: Logical Volume Management , Printer Administration , SMART Drive Status , Voicemail Server
  • Cluster: all Cluster modules, Configuration Engine, Heartbeat monitor

Since there are quite a lot of options, it's safest to do them in steps. After you have selected the ones you want to remove, click “Delete Selected Modules”. Webmin asks for confirmation. Don't forget to tick the “Remove from users and reset access control settings?” checkbox before clicking “Delete”. Rinse and repeat until you've finished the whole lot.

Build your own server: Part 2 Using Webmin Build your own server: Part 2 Using Webmin

When you've ploughed through the pile, restart Webmin to apply the changes. Restarting is done by scrolling down in the “Webmin Configuration” page and clicking on the “Restart Webmin” button. You may have to refresh your browser for the changes to take effect. Now it's time to show what Webmin can do. Go to “Users and Groups” located under the “System” link. This gives a list of all users, including system users.

Build your own server: Part 2 Using Webmin

By just clicking on a username, you can easily alter everything about that user. Now you see why Webmin can pose a security threat. Feel free to look around and see what info is needed for a user. You can also easily change passwords through here.