LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-09-2003, 01:24 PM   #1
ixion
Member
 
Registered: Dec 2002
Location: USA
Distribution: SuSE, CentOS, Gentoo
Posts: 166

Rep: Reputation: 30
secure game/web server?


Is there such a thing as running a secure game server? I'm going to be running Apache chrooted for the webserver, along with doing some lock-downs on the Linux install itself... I am using Kernel GRSecurity features to help tighten the chroot and other security on the system...

My question/problem is this: I would like to run the box not only as an Apache web server, but also as a game server... is there ANY way to lock down a game server? Apache has numerous tutorials out there for security as does Linux in general... but I can't seem to find anything about a game server.... the games I will be hosting require X running... can I create a virtual Linux environment and run X+game server from within there? That way if the game server is compromised, it's contained in a virtual server... is this even possible?? Does anyone have any suggestions?
 
Old 09-09-2003, 05:06 PM   #2
gundelgauk
Member
 
Registered: Jul 2003
Distribution: Gentoo
Posts: 168

Rep: Reputation: 30
Greetings!


There are applications that let emulate a virtual machine in which you can install any OS. I only know about vmware, however it is a commercial one . You will have networking available so that sounds like a good solution to me. I remember running win95 in a virtual machine which I used to teardrop from my actual linux box whenever i got annoyed!

Mind you however that security flaws do exist in game servers. For example one version of Q2 had a nasty buffer overflow bug that made it possible for an attacker to even gain root privileges. So it's a good idea to secure it as best as you can.

About chrooting the server application, I found this somewhere on the net (unfortunately it was in German so I'll try to translate it (bear with me )):


# Download source and compile:
cd /usr/local/src
wget http://www.gsyc.inf.uc3m.es/~assman/...ail_1.9.tar.gz
tar xzf jail_1.9.tar.gz
cd jail_1-9_stable/src
make
make install

# create chroot environment:
/usr/local/bin/mkjailenv /var/chroot
/usr/local/bin/addjailsw /var/chroot

# create a new user:
/root/confixx/confixx_useradd.pl -h /var/chroot -p password (encrypted) -g users -s /usr/local/bin/jail chrootuser1

# add system user to the chroot environment:
/usr/local/bin/addjailuser /var/chroot /home/chrootuser1 /bin/bash chrootuser1

# Add additional applications to the chroot environment:
/usr/local/bin/addjailsw /var/chroot -P <programname>


I didn't test this myself but it was in a thread called 'Chroot mini-HOWTO' in a game server specific forum, so I hope this will help you somehow.


Good luck!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache Help (Secure Web Server) carlg Linux - Networking 1 10-19-2004 07:46 PM
Secure web server under RH9 Spydr Linux - Software 0 09-18-2003 11:31 PM
Secure web server sanjibgupta Linux - Newbie 1 08-27-2003 07:05 AM
best ver. of linux rd to use with rd secure web server 2.x simbad Linux - Newbie 1 01-15-2003 09:20 AM
Secure Web Server HowTo from SuSE mcleodnine Linux - Security 0 08-02-2001 09:41 PM


All times are GMT -5. The time now is 11:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration