This is already an update on my First Howto with debian. So far, I could atest that Debian has been very good to me, and lessen my daily admin tasks.

1. Install base system. I prefer a minimal install.

2. Setup Networking

2.1 Disable IPV6
vi /etc/modprobe.d/aliases
alias ipv6 off
alias net-pf-10 off
 
2.2 Setup IP
vi /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
        address 192.168.1.211
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1

2.3 Modify Hosts

#vi /etc/hosts
127.0.0.1           localhost
127.0.1.1           rupert-debian
192.168.1.211     rupert-debian
222.73.255.64     mirrors.geekbone.org
61.132.102.124   debian.cn99.com
128.31.0.36       security.debian.org
 
# The following lines are desirable for IPv6 capable hosts
#::1     ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts

You can delete the commented (#) lines, if you don’t have ipv6 on your network…

2.4 Setup Basic Firewall
vi firewall.sh

iptables -F
iptables -N FIREWALL
iptables -F FIREWALL
iptables -A INPUT -j FIREWALL
iptables -A FORWARD -j FIREWALL
iptables -A FIREWALL -i lo -j ACCEPT
 
iptables -A FIREWALL -p icmp --icmp-type any -j ACCEPT
 
#iptables -A FIREWALL -p 50 -j ACCEPT
#iptables -A FIREWALL -p 51 -j ACCEPT
 
#iptables -A FIREWALL -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
#iptables -A FIREWALL -p udp -m udp --dport 631 -j ACCEPT
 
iptables -A FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
 
iptables -A FIREWALL -p tcp -m tcp --dport 22 --syn -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --sport 80 -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --sport 3306 -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --sport 5432 -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --syn -j REJECT
iptables -A FIREWALL -p udp -m udp -j REJECT
iptables-save > /etc/firewall-rules
iptables-restore < /etc/firewall-rules

sh -v firewall_setup.sh

To set it up on boot:
vi /etc/network/interfaces

iface lo inet loopback
pre-up iptables-restore < /etc/firewall-rules

I did catch a slight problem on this, for more details please read this post.

3. Specify the nearest source list 

<a href="/wordpress/?p=83">
vi /etc/apt/sources.list
#deb http://mirrors.geekbone.org/debian etch main
#deb-src http://mirrors.geekbone.org/debian etch main
 
deb http://mirrors.geekbone.org/debian etch main
deb-src http://mirrors.geekbone.org/debian etch main
</a>

4. Let’s get ssh up and running first.

<a href="/wordpress/?p=83">
apt-get update
apt-get install ssh
</a>

5. Once you have networking up and running, then I advise to upgrade to lenny (testing) as stated from the source list[3] above.

<a href="/wordpress/?p=83">
apt-get upgrade libc6
apt-get dist-upgrade
</a>

6. Reboot

7. Do you want this machine to be your desktop? If yes, let’s get gnome.

<a href="/wordpress/?p=83">
#aptitude install gnome
#aptitude install gnome-core
#aptitude install x-window-system
</a>

8. Reboot. You should see a graphical Gnome Login

9. Utilities

<a href="/wordpress/?p=83">
#apt-get install htop nmap unzip subversion build-essential cmake locate
#apt-get install libboost-graph*
</a>

10. Servers
#apt-get install apache2
#apt-get install postgresql-8.2
#apt-get install postgresql-8.2-postgis
#apt-get install postgresql-server-dev-8.2
#apt-get install mysql-server

11. Removing unwanted services
#update-rc.d -f portmap remove
#update-rc.d -f cupsys remove
#update-rc.d -f exim4 remove

12. Configuring vimrc with syntax highlighting

<a href="/wordpress/?p=83">
set nocompatible
set nu
set ts=4
syntax on
</a>