Originally posted by ekromps
I am currently setting up a RedHat Linux box for an intranet application. It's access to the outside world will be: 1) remote system administration by myself, 2) ftp'ing application programs to the intranet web server (again by myself), 3) testing the intranet application (myself), and 4) "getting/putting a couple of data files (using ftp) from a "safe" internet site every night. What kind of security am I looking at? Since I am not hosting a web site for external users, can I get away with less security and still not get hacked? I really don't wish to become a Linux/Internet security expert and spending hours administering security and hack threats. Any ideas? Thanks!
I'd _really_ re-eveluate using ftp. I trust there is some kind of firewall in your solution as well. A few hours (maybe more) with ipchains or even good canned scripts would be a wise investment. Not letting anything but the most crucial ports to the outside world would be a good starting point. ie: ssh and nothing else. That should buy you some extra time to get comfortable with your firewall ruleset bfore you have to open up http/https and (yikes) domain (named).
As already pointed out by unSpawn, thank you in adavnce for your valid concerns and honest questions. Now go ye forth and fortify. Then ask more questions. After that ask more questions. In short - lay low and let the other guy get rooted.
I wish I would have found this place a long time ago.
Again - submitting reply without previewing...