LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-09-2008, 11:11 PM   #1
nxfs
LQ Newbie
 
Registered: Apr 2008
Posts: 4

Rep: Reputation: 0
Question is SSL necessary for ubuntu 8.04 desktop if one just use firestarter?


Hello,
I can't for the love of God setup SSL for self-signed certificate, now I don't even know if it is necessary. I want to setup a webserver using LAMP, will the firestarter (iptables) be enough to secure my apache server?

thanks
 
Old 05-10-2008, 01:41 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
ssl isn't about securing a server, it's about securing the data to and from it. this is wholly complementary to iptables, as they do totally separate things with just about zero functional overlap.
 
Old 05-12-2008, 03:41 PM   #3
nxfs
LQ Newbie
 
Registered: Apr 2008
Posts: 4

Original Poster
Rep: Reputation: 0
thanks for clarifying

Quote:
Originally Posted by acid_kewpie View Post
ssl isn't about securing a server, it's about securing the data to and from it. this is wholly complementary to iptables, as they do totally separate things with just about zero functional overlap.

but the server can be compromised if that data is hijacked when one doesn't use ssl?
 
Old 05-12-2008, 04:07 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
Only if the server is very poorly built and maintained. SSL isn't a mechanism to secure a server, it's to secure the personal data passing through it. Obviously if you are hard coding direct SQL statements into the HTTP traffic then sure it'll reduce the chances of those exploits being known, but that's not the point of it.
 
Old 05-14-2008, 02:21 AM   #5
nxfs
LQ Newbie
 
Registered: Apr 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Smile using apache and mysql, remote access

Quote:
Originally Posted by acid_kewpie View Post
Only if the server is very poorly built and maintained. SSL isn't a mechanism to secure a server, it's to secure the personal data passing through it. Obviously if you are hard coding direct SQL statements into the HTTP traffic then sure it'll reduce the chances of those exploits being known, but that's not the point of it.
so whats the best way to securely remote access a mysql database/on apache server?


thanks
 
Old 05-14-2008, 03:09 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
well apache to mysql is not user to apache, so the logic of what I've been saying doesn't apply. Obviously you should locate the db and the web server very close to each other within a trusted environment, but you can use ssl between those to secure the data whilst in transit:
http://dev.mysql.com/doc/refman/5.0/...nnections.html
 
  


Reply

Tags
apache, firestarter, ssl, ubuntu


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL setup on 8.04 desktop version , error message nxfs Linux - Security 0 05-08-2008 01:40 PM
Firestarter for Ubuntu 7.04 is lost SidewalkCynic Linux - Newbie 16 03-27-2008 10:16 AM
Firestarter + Ubuntu + DHCP Help mightymidget Linux - Security 1 09-19-2006 06:10 AM
firestarter at startup- Ubuntu aquaboot Linux - Software 0 03-25-2006 04:23 PM
Firestarter on Ubuntu 5.10 fdahl_009 Linux - Software 1 01-22-2006 09:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration