Re: Securing Fedora Core 4

From: AragonX (aragonx_at_dcsnow.com)
Date: 09/23/05

  • Next message: Charles Heselton: "RE: Securing Fedora Core 4"
    Date: Fri, 23 Sep 2005 08:46:17 -0400 (EDT)
    To: kjusupov@yahoo.com
    
    

    <quote who="K. Jusupov">
    >
    > Nice (impressive) list...
    >
    > But wouldnt it be better first to classify the servers
    > that you are going to secure?
    >
    > DB server might not neet spamassasin installed or mail
    > server would not require for php related things and so
    > on...
    >
    > And it would be easier later to maintain all these
    > extra packages (updates would be required not only OS
    > related, but these packages as well...)

    Well, the offices that I will be setting up are rather small and I can't
    convince them to separate the services to multiple machines.

    So basically, the servers will have to do everything. Email, web,
    firewall, gateway, file & print. Those are the tasks it will have to
    perform.

    There won't be any confidential information on the server so data
    protection is not a big priority.

    Email and web are the services that will be available to the Internet. I
    guess I'm more worried about the web services. They need remote email and
    I was planning on using Squirrelmail for that. They will probably want
    reports something that Awstats can perform.

    That opens 3 big holes. Php, Perl and CGI. I'll use Apache to password
    protect the directories that these applications will live in. That should
    stop the worms.


  • Next message: Charles Heselton: "RE: Securing Fedora Core 4"