Re: Securing Fedora Core 4

From: AragonX (aragonx_at_dcsnow.com)
Date: 09/23/05

  • Next message: Charles Heselton: "RE: Securing Fedora Core 4" 
    Date: Fri, 23 Sep 2005 08:46:17 -0400 (EDT)
To: kjusupov@yahoo.com

    <quote who="K. Jusupov">
    >
    > Nice (impressive) list...
    >
    > But wouldnt it be better first to classify the servers
    > that you are going to secure?
    >
    > DB server might not neet spamassasin installed or mail
    > server would not require for php related things and so
    > on...
    >
    > And it would be easier later to maintain all these
    > extra packages (updates would be required not only OS
    > related, but these packages as well...)

    Well, the offices that I will be setting up are rather small and I can't
    convince them to separate the services to multiple machines.

    So basically, the servers will have to do everything. Email, web,
    firewall, gateway, file & print. Those are the tasks it will have to
    perform.

    There won't be any confidential information on the server so data
    protection is not a big priority.

    Email and web are the services that will be available to the Internet. I
    guess I'm more worried about the web services. They need remote email and
    I was planning on using Squirrelmail for that. They will probably want
    reports something that Awstats can perform.

    That opens 3 big holes. Php, Perl and CGI. I'll use Apache to password
    protect the directories that these applications will live in. That should
    stop the worms.

  • Next message: Charles Heselton: "RE: Securing Fedora Core 4"

    Relevant Pages

    • Re: IIS 6 features
      ... of your web *server*. ... In the case where a web application pool is failing ... You can configure how and when Rapid Fail Protection kicks in. ... interested in getting to know IIS 6, then I suggest reading the IIS Res Kit: ...
      (Focus-Microsoft)
    • Re: Anti Virus: Improving the defense strategy through proactiveness...
      ... virus protection, and then client level virus protection and then user level ... same way so that server level AV is updated as well. ... Goner before it even left the server on it's way to the client and before I ... Lastly, stay on top of security patched especially from MS. IE, OE and O2K ...
      (comp.security.misc)
    • Re: Anti Virus: Improving the defense strategy through proactiveness...
      ... virus protection, and then client level virus protection and then user level ... same way so that server level AV is updated as well. ... Goner before it even left the server on it's way to the client and before I ... Lastly, stay on top of security patched especially from MS. IE, OE and O2K ...
      (comp.security.unix)
    • Re: VOLKER--Re: Kids bypassing firewall via web proxy sites
      ... address like "president@xxxxxxxxxxxxxx" and sending a spam to ... fellow clueless friend "Volker" to setup an email server which is wide ... Learn how to setup your email server properly before whining like this. ... properly setup server with proper protection. ...
      (comp.security.firewalls)
    • Re: Trend too expensive - what is a good replacement?
      ... I still think I might consider going to GFI for the mail protection. ... > I'm curious about the $2300 price tag for 50 users. ... >> want to be everything to everyone and the client is loaded down with too ... >> server on the LAN. ...
      (microsoft.public.backoffice.smallbiz2000)