LinuxQuestions.org
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Old 04-16-2011, 09:11 AM   #1
futsysmids
LQ Newbie
 
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19

Rep: Reputation: 0
How do I know if my Linux box is secure?


With the fantastic help that I received from members so far and stuff that I have learnt on the way - I now have a windows box connected to the internet via the server.

Question is - how do I know if the linux box is secure?

Are there any things that I have to config now - I am slowly moving on to configuring the dns and dhcp server - but is there anything else I should have done?
 
Old 04-16-2011, 09:21 AM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335
Computer security, even on Linux, is a huge subject. There are many tutorials on the Internet on this subject. Also, security is derived in part from your mindset when you use computers. In my case, whenever I do anything I always try to imagine if I am about to provide an opportunity for a clever person to do me harm. You should analyze every part of your computer's configuration with that thought in mind.

Some people base their careers on enhancing security. We cannot provide a comprehensive list of actions that will guarantee to result in a completely secure computer. There is only one approach to guarantee security. Turn the computer off, disconnect it from the network, and keep it in a bank vault.

Last edited by stress_junkie; 04-16-2011 at 09:28 AM.
 
Old 04-16-2011, 09:33 AM   #3
futsysmids
LQ Newbie
 
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19

Original Poster
Rep: Reputation: 0
How do I know if my linux box is secure?

Oh no, I am not wanting that - it's just the fact that... 2 months ago communications between myself and a client who I classed as a friend, who I was designing a website for, disintegrated due to business differences. He thought it was wise and clever to try and retrieve from my windows box what I had been working on by employing a hacker. He failed, fortunately.

With my years of computer experience that only very slightly brushed unix and linux, I was fully aware that linux as a server would be the ideal way to keep most people out and would keep me relatively safe. So I set about purchasing a simple system capable of running a linux server distro, fitting it out with multiple nics and setting it up.

2 months later, here we are having purchased the Mike Petersen "Deploying SLES" book and the fantastic help of forums like these, google and friends at Maplin - I finally have my windows box back on the internet.

As I have very little experience and knowledge of linux and sles, I would like to know what I may have missed, what can I do to rectify it, and what else can I use the server for and how to do it?

Last edited by futsysmids; 04-16-2011 at 09:45 AM.
 
Old 04-16-2011, 09:50 AM   #4
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335
Quote:
Originally Posted by futsysmids
... and would keep me relatively safe.
Linux and UNIX default installations are generally safer than a default Windows installation.

Quote:
Originally Posted by futsysmids
As I have very little experience and knowledge of linux and sles, I would like to know what I may have missed, what can I do to rectify it, and what else can I use the server for and how to do it?
I look at it this way. Every function on the computer is a doorway for attacks.

If you have a web server running on the computer then you have to study the ways to enhance the web server's security.

If you have an ftp server running on the machine then you have to study the ways to enhance the ftp server's security.

If you have remote log in available on the computer then you have to study ways to enhance the security of the remote log in.

Every function on the computer has potential security problems. Each has to be studied and addressed separately.

Last edited by stress_junkie; 04-16-2011 at 10:01 AM.
 
1 members found this post helpful.
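
One way to take the per-service inventory this post calls for, added here as an example and not part of the thread: the script reads output in the layout of `ss -H -tln` and reports every TCP listener reachable from other machines whose port is not on a list of services already reviewed. The sample lines and the reviewed-port list are constructed.

```shell
#!/bin/sh
# Added example: find TCP listeners that other machines can reach.
# Input on stdin: lines laid out like `ss -H -tln`
# (State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).

# Print "port address" for every listener not bound to loopback only.
exposed_listeners() {
    awk '
        $1 != "LISTEN" { next }
        {
            addr = $4; port = $4
            sub(/:[^:]*$/, "", addr)   # drop ":port", also for [::]:80
            sub(/^.*:/, "", port)      # keep what follows the last colon
            if (addr ~ /^127\./ || addr == "[::1]") next
            print port, addr
        }' | sort -n
}

# Print exposed listeners whose port is missing from the reviewed list "$1".
unreviewed_listeners() {
    reviewed=" $1 "
    exposed_listeners | while read -r port addr; do
        case "$reviewed" in
            *" $port "*) ;;   # this service has been studied already
            *) echo "unreviewed: port $port on $addr" ;;
        esac
    done
}

# Constructed sample input, not captured from a real host.
sample_ss() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 32 192.168.0.1:53 0.0.0.0:*
EOF
}

# Only DNS (53) has been reviewed in this constructed scenario.
sample_ss | unreviewed_listeners "53"
```

On a live host, replace `sample_ss` with `ss -H -tln` and rerun the check after every package or service change.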
Old 04-16-2011, 10:28 AM   #5
cbemerine
LQ Newbie
 
Registered: Sep 2010
Posts: 5

Rep: Reputation: 1
Do yourself a favor and get a DD-WRT, OpenWRT or Tomato firmware-enabled hardware firewall/router between your Local Area Network (LAN) and your provider's modem. Cost for hardware: $60 - $200. Firmware: both DD-WRT and OpenWRT are open source. Tomato you purchase and they install it for you.

Added bonus: IPv6 enabled (has been for years) and real time bandwidth logging so you know what your provider is giving you both downstream and upstream (more important) 24X7.

Good luck, the more you learn and do, the more secure your network will be!
 
1 members found this post helpful.
Old 04-16-2011, 10:29 AM   #6
futsysmids
LQ Newbie
 
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19

Original Poster
Rep: Reputation: 0
How do I know if my linux box is secure?

Hi,

I understand that part.

There is no remote login allowed. The server is connected to the windows box via a crossover rj45 and to view the server distro is via a dvi to hdmi cable (my monitor has dvi and hdmi connections so I can switch between the linux distro and windows).

I think the next thing to do for me is to sit down with the Mike Petersen book I have and read it cover to cover. lol.




Quote:
Originally Posted by stress_junkie
Linux and UNIX default installations are generally safer than a default Windows installation.

I look at it this way. Every function on the computer is a doorway for attacks.

If you have a web server running on the computer then you have to study the ways to enhance the web server's security.

If you have an ftp server running on the machine then you have to study the ways to enhance the ftp server's security.

If you have remote log in available on the computer then you have to study ways to enhance the security of the remote log in.

Every function on the computer has potential security problems. Each has to be studied and addressed separately.
 
Old 04-16-2011, 10:38 AM   #7
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335
If your computer is directly connected to the modem to your ISP then cbemerine's advice is very good. Any NAT router adds some protection. A firewall/NAT router is even better. Then you can forward specific ports for specific services to your server.

Your idea to use a good security book is also an excellent idea.

Yes you can have all of those services on one machine.
 
Old 04-16-2011, 11:21 AM   #8
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
The first thing I do after installing openSuSE is to create a group for my regular user, and make that my primary group. I don't know if SLES does the same thing. Second, I configure ssh for public key authentication and lock it down so only an authorized user is allowed to try to log in.

There are a few books on locking down Linux servers. One thing to do is removing packages and services you don't need. A server will have less installed than a workstation computer.

SuSE has a security document. Be sure to read it. Pay attention to the sections on Auditing, AppArmor and SuSE's seccheck packages. SuSE and Red Hat are the two distros supported by IBM, and they probably have a number of security related documents as well.

Consider logging and backups as well.

Configuring a website and email server are subjects on their own, and may present the largest vulnerability. Having a firewall on a web server is a good idea, but relying on it for your main firewall may not be. The site itself is probably what gets cracked first.

Last edited by jschiwal; 04-16-2011 at 11:23 AM.
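
The ssh lock-down described in this post can be checked mechanically. The script below is an added example, not code from the thread: it reads the global section of an sshd_config file and reports whether password logins are off, public key authentication is on, and AllowUsers names the permitted accounts. The sample files and the account name alice are constructed.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config file.
# sshd keeps the FIRST value it reads for a keyword; later duplicates are ignored.

# Print the first global value of keyword $2 in file $1 (nothing if unset).
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*#/ || NF == 0   { next }   # comments and blank lines
        tolower($1) == "match"  { exit }   # per-user Match blocks are not audited
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# Print one finding per line; return 0 only when the file passes every check.
# An unset keyword counts as a finding so the result never depends on defaults.
audit_sshd() {
    cfg=$1; findings=0
    for rule in PasswordAuthentication:no PubkeyAuthentication:yes; do
        key=${rule%%:*}; want=${rule#*:}
        got=$(sshd_value "$cfg" "$key" | tr 'A-Z' 'a-z')
        if [ "$got" != "$want" ]; then
            echo "FINDING: $key is '${got:-unset}', expected '$want'"
            findings=$((findings + 1))
        fi
    done
    # Without AllowUsers, every account with a valid key may attempt a login.
    if [ -z "$(sshd_value "$cfg" AllowUsers)" ]; then
        echo "FINDING: AllowUsers is unset, logins are not limited to named users"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not from the thread); "alice" is a made-up account.
SAMPLES=$(mktemp -d); trap 'rm -rf "$SAMPLES"' EXIT
cat > "$SAMPLES/weak" <<'EOF'
# PasswordAuthentication no     <- commented out, so it has no effect
PubkeyAuthentication yes
PasswordAuthentication yes
PasswordAuthentication no
EOF
cat > "$SAMPLES/hard" <<'EOF'
passwordauthentication no
PubkeyAuthentication yes
AllowUsers alice
EOF
audit_sshd "$SAMPLES/weak" || echo "weak sample: not locked down"
audit_sshd "$SAMPLES/hard" && echo "hard sample: passes"
```

On a live host, point `audit_sshd` at `/etc/ssh/sshd_config`; `sshd -T` prints the effective configuration, including Match and Include handling that this script does not follow.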
 
  

