Network Security: Detailed info on Re: Securing Fedora Core 4

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Linux

[Top] [All Lists]

Re: Securing Fedora Core 4

from [Glynn Clements] Network Security

[Permanent Link]

Subject:	Re: Securing Fedora Core 4
Date:	Sun, 25 Sep 2005 01:44:16 +0100


AragonX wrote:

Well, the offices that I will be setting up are rather small and I can't
convince them to separate the services to multiple machines.

So basically, the servers will have to do everything.  Email, web,
firewall, gateway, file & print.  Those are the tasks it will have to
perform.

Email and web are the services that will be available to the Internet.


The public web server should definitely be a separate box, especially
if it has any kind of CGI or scripting capability (i.e. mod_cgi,
mod_perl, mod_php etc), and it shouldn't be given any trust (i.e. any
firewall rules or access lists which distinguish between "internal"
and "external" systems should treat the web server as external).

Rule #1 of running a web server: assume that it is going to get
compromised occasionally. Obviously, you try to prevent that, but
don't assume that you will be entirely successful.

-- 
Glynn Clements <glynn@gclements.plus.com>

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Securing Fedora Core 4, (continued) RE: Securing Fedora Core 4, Charles Heselton Message not available RE: Securing Fedora Core 4, Will Yonker Re: Securing Fedora Core 4, Syn Ack Re: Securing Fedora Core 4, AragonX Re: Securing Fedora Core 4, Syn Ack Re: Securing Fedora Core 4, Iraj Hedayati Re: Securing Fedora Core 4, lars Re: Securing Fedora Core 4, K. Jusupov Re: Securing Fedora Core 4, AragonX Re: Securing Fedora Core 4, Fco. Jose Garrido Matamoros Re: Securing Fedora Core 4, Glynn Clements <= Re: Securing Fedora Core 4, Martijn Feleus Re: Securing Fedora Core 4, Cocobu Re: Securing Fedora Core 4, AragonX Re: Securing Fedora Core 4, Cocobu Re: Securing Fedora Core 4, Joachim Schipper Re: Securing Fedora Core 4, Ryan Cummings Re[2]: Securing Fedora Core 4, barti Re: Securing Fedora Core 4, Andrea Pasquinucci RE: Securing Fedora Core 4, Shay Wilson

Previous by Date:	Re: Securing Fedora Core 4, Joachim Schipper
Next by Date:	Re: Securing Fedora Core 4, Andrea Pasquinucci
Previous by Thread:	Re: Securing Fedora Core 4, Fco. Jose Garrido Matamoros
Next by Thread:	Re: Securing Fedora Core 4, Martijn Feleus
Indexes:	[Date] [Thread] [Top] [All Lists]