Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Windows XP. I gave up with Linux & I left LQ.
Posts: 502
Rep:
SME Sever 6.5 RC1
I have successfully set up an http server with SME server 6.5 RC1. It works fine. The problem I am having is this. I have a D-Link router and I have it set up so the only thing that can be accessed on my server is port 80. The other computer I am running has a software firewall. Now with the SME Server I can't get it to work as a server and gateway. And from what I understand there is no software firewall on the SME Server if I have it only as a server and not a server and gateway.
So will my D-Link router firewall be enough? If not how do I go about setting up one with my SME Server.
Keep in mind that I am new to setting up servers. I have done some reading but I never got around to it until now.
The computer that I am using as a server is a Pionex PII (350MhZ) 524 RAM. It only has one ethernet card installed now but I have a couple extra and can easily throw one on.
Also I would like to post the url as a test url only, not an advertisment. That way I could get feedback on how well the server is working (Not the actual website content, lol.) It is NOT a commercial website and it is NOT an adult, illegal, warez, etc, website. Would this be ok with the administrators?
So will my D-Link router firewall be enough?
Depends on what you mean by "enough". If your D-Link router has built-in firewalling capability, then it should perform basic packet filtering and NAT. If you need something more than that, like a more flexible firewall or more robust logging, then probably not. If this is a production server then a standard SOHO router isn't enough and in fact you should really be using a dedicated firewall without any services running at all. If this is for hosting pictures of your trip to the Grand Canyon, then it probably is enough.
from what I understand there is no software firewall on the SME Server if I have it only as a server and not a server and gateway.
I believe you can toggle the configuration using the server console (should be an option to "Configure this server"). So if you need the added ability to revert to Server and Gateway, you can use that.
Also I would like to post the url as a test url only
That's probably a bad idea, especially considering that specifics of your firewall and its configuration may be posted at some point as well. So I would recommend that you don't. However I would recommend that you always perform an external audit of your firewall to make sure it's working properly. If you don't have an external machine to do that, then there are several sites that offer free scans (grc.com and sygate's SOS service are two I know offhand).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.