Linux Newbie seeking advice on proper security for 7.3 web server...
OK...I've finally got my new RH 7.3 server installed and RAIDed like I think I want. As I'm in the process of making this my first self-hosted web server I'd like to know how best to configure security on this box? This server will serve as a web server, ftp server, mail server, gallery, and prolly an MP3 server. I plan on installing PostNuke and managing everything from there. This server sits on a DSL/w2k network but will not be accessed by any w2k boxes. I have a separate laptop running RH 8.0 that I plan on using for file sharing and firewall access to this box and the network.
I'm rambling, but please follow me. I'm trying to be thorough.
So with that said what is the best method of linux security that I should implement on this box? Anyone have any steps or processes they follow for properly securing their hosted servers? Anyone care to recommend any good tools I should download and install before I start configuring apache? I've viewed the threads listed on the 3 pages in this forum, security, but I wanna ask this question anyway as I'm hoping it'll spawn some new questions or thought processes.
Please bear in mind that I am new to linux, especially security, so any responses are greatly appreciated.
Distribution: Whatever I feel like at the time I install.
I am not totally sure exactly how you have this box networked.
Is it directly connected to the internet?
If so, are you planning on using this machine to be your firewall/router for other machines (i.e. your laptop)?
As for security I would suggest learning something about iptables and if you do a search on here you should find numerous firewall/router iptable scripts. I pulled a basic one from here and then formulated my own from that one. I have a similar setup however I have an old machine that is my dedicated router and then everything else sits on machines behind that. Therefore it makes life a little easier by allowing me to just forward packets through my router instead of having to accept them. However it isn't that hard to do what I believe you are doing too. Hope this helps some.
Anyone care to recommend any good tools I should download and install before I start configuring apache?
We had a thread started by Markus1982 approx. a month ago about server security practices and tools. If you haven't read it, plz do so first. Then load up the LQ Security references, especially post #1, the CERT and SANS stuff.
I've viewed the threads listed on the 3 pages in this forum, security, but I wanna ask this question anyway as I'm hoping it'll spawn some new questions or thought processes.
If you follow the stuff above, you'll be able to ask for more specific stuff based on what you've read about there, what you know already and what you need. In the end that allows us to be more helpful as well.
bbenz3: As for security I would suggest learning something about iptables and if you do a search on here you should find numerous firewall/router iptable scripts.
I can understand where this is coming from, but it's a general misconception that a firewall == security.
Security starts at the base, that's the O.S. itself, is an ongoing process, and is usually outlined by defining what a box is going to be used for (and the company's security policy, if any). When you chalk up the requirements, you'll have the outline for SW specs, user and network access needs.
Fastforwarding it you need to establish a log to record all admin changes, install (only!) essential stuff, backup your configs, record your HW/SW data, introduce a file system integrity checker, backup and upgrade plan, remote access (and remote logging if necessary) and then secure the base system to "seal it off".
When user, application and network restrictions are in place, audit your system using any of CIS scanner, env_audit, COPS, Tiger etc, etc all based on minimally the SANS Top 20 common vulnerabilities and the AUSCERT UNIX checklist. Then you're able to configure public network services based on the framework you made, and tweak the framework where necessary.
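The "file system integrity checker" step from the post above, as an added example that is not part of the original thread: a baseline-and-verify pass of the kind dedicated checkers automate. The function names, sample files and paths are constructed for illustration, and `sha256sum` from GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example: baseline-and-verify file integrity check.
# Function names and sample files are constructed for illustration.

# fim_baseline DIR DB: hash every regular file under DIR into DB.
# Keep DB outside DIR, ideally on read-only or remote media.
fim_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k2 ) > "$2"
}

# fim_verify DIR DB: print ADDED/CHANGED/MISSING per file; return 1 on drift.
fim_verify() {
    cur=$(mktemp) || return 2
    fim_baseline "$1" "$cur"
    report=$(awk '
        { path = substr($0, 67) }           # skip 64 hex digits + 2 separators
        FILENAME == ARGV[1] { old[path] = $1; next }   # stored baseline
        { seen[path] = 1
          if (!(path in old))       print "ADDED   " path
          else if (old[path] != $1) print "CHANGED " path }
        END { for (p in old) if (!(p in seen)) print "MISSING " p }
    ' "$2" "$cur" | sort)
    rm -f "$cur"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Demo on a constructed config tree: baseline, tamper, verify.
fim_demo() {
    work=$(mktemp -d) || return 2
    mkdir -p "$work/etc"
    echo 'Port 22'     > "$work/etc/sshd_config"
    echo 'Listen 80'   > "$work/etc/httpd.conf"
    echo 'root: admin' > "$work/etc/aliases"
    fim_baseline "$work/etc" "$work/baseline.db"
    echo 'PermitRootLogin yes' >> "$work/etc/sshd_config"  # modified file
    rm "$work/etc/aliases"                                  # deleted file
    echo 'x' > "$work/etc/new.sh"                           # unexpected file
    rc=0
    fim_verify "$work/etc" "$work/baseline.db" || rc=$?
    rm -rf "$work"
    return $rc
}
```

The baseline is only trustworthy if it is taken before the box is exposed and stored where a compromise of the server cannot rewrite it.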
This web server sits at my home location on a w2k network that sits behind my linksys dsl router, which is acting as my router/firewall. My main intent is to ensure that this server is as secure as I can get it since it's the only Linux server/web server on my network. I don't know if installing a firewall on this box is necessary or required being that I'm using port forwarding on my dsl router, so I don't know how the additional firewall will react. This web server will be exposed or open to the Internet, but aside from outside users accessing the website that I plan on hosting and me accessing the server from a linux 8.0 laptop from time to time, there will be no other users or options open for internal access.
Let me also restate that I am new to linux and linux security, so I'm not that familiar with some of the tools that are being mentioned. If it's necessary that I install a firewall onto this box can someone provide a tool that doesn't require a lot of customizing? I don't want to build a firewall from scratch. I simply want to get this initial process over of learning linux, securing a web server, and going from there.
I'm going thru the LQ Security preferences. Haven't located that post by markus1982, but I'm looking for it.