secure game/web server?
Is there such a thing as running a secure game server? I'm going to be running Apache chrooted for the webserver, along with doing some lock-downs on the Linux install itself... I am using Kernel GRSecurity features to help tighten the chroot and other security on the system...
My question/problem is this: I would like to run the box not only as an Apache web server, but also as a game server... is there ANY way to lock down a game server? Apache has numerous tutorials out there for security as does Linux in general... but I can't seem to find anything about a game server.... the games I will be hosting require X running... can I create a virtual Linux environment and run X+game server from within there? That way if the game server is compromised, it's contained in a virtual server... is this even possible?? Does anyone have any suggestions? |
Greetings!
There are applications that let emulate a virtual machine in which you can install any OS. I only know about vmware, however it is a commercial one :(. You will have networking available so that sounds like a good solution to me. I remember running win95 in a virtual machine which I used to teardrop from my actual linux box whenever i got annoyed! :D Mind you however that security flaws do exist in game servers. For example one version of Q2 had a nasty buffer overflow bug that made it possible for an attacker to even gain root privileges. So it's a good idea to secure it as best as you can. About chrooting the server application, I found this somewhere on the net (unfortunately it was in German so I'll try to translate it (bear with me ;))): # Download source and compile: cd /usr/local/src wget http://www.gsyc.inf.uc3m.es/~assman/...ail_1.9.tar.gz tar xzf jail_1.9.tar.gz cd jail_1-9_stable/src make make install # create chroot environment: /usr/local/bin/mkjailenv /var/chroot /usr/local/bin/addjailsw /var/chroot # create a new user: /root/confixx/confixx_useradd.pl -h /var/chroot -p password (encrypted) -g users -s /usr/local/bin/jail chrootuser1 # add system user to the chroot environment: /usr/local/bin/addjailuser /var/chroot /home/chrootuser1 /bin/bash chrootuser1 # Add additional applications to the chroot environment: /usr/local/bin/addjailsw /var/chroot -P <programname> I didn't test this myself but it was in a thread called 'Chroot mini-HOWTO' in a game server specific forum, so I hope this will help you somehow. ;) Good luck! |
All times are GMT -5. The time now is 08:43 PM. |