LinuxQuestions.org
Old 05-30-2010, 08:35 AM   #16
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,790
Blog Entries: 1

Rep: Reputation: 414

Quote:
So, how does that list look? I don't know if installing ALL of those is necessary or not... Samhain is one more thing I'll add to that list.
To be honest, I look at it from more of a task perspective than a software collection. You've pretty much got three categories to worry about, prevention, detection and recovery. Obviously that is a gross oversimplification, but if you don't have all three of those covered, you'll be hurting if you get cracked.

I think recovery is probably the easiest to deal with. You need decent backups that work. My personal take is that virtual machines are a nice way to deal with this as well. Of course before you can recover you need to have an investigation plan so you're not just restoring a crackable machine. You should have the CERT checklist bookmarked as well as the Security forum here. If you're willing to follow some procedures, there are some experienced investigators who like to tackle those problems.

Detection is kind of a pain, but you need to worry about it. I like tools like Aide or Samhain, but I've also seen some experienced people voice concerns that those sorts of tools are among the first things good crackers would look for. Monitoring log files will also help.

I don't take any issue with the list you've created although there is probably some redundancy. Just out of curiosity, you don't have SELinux as an option, did you exclude that? I don't know if any of the distros you're considering have SELinux enabled (I know RHEL does, so maybe Fedora does as well). I know SELinux can be a bear to get configured, but it might be worth considering if you haven't.

Quote:
On a related note, trying to understand iptables is a royal pain in the ass. I've only glossed over it so far, but wow... I'm not sure I'd trust myself with making rule sets only to find out AFTER getting hacked that they didn't work @_@ manually editing looks to be a real pain, and firestarter/guarddog look to be able to handle some of it. Are firestarter/guarddog decent enough front-ends to work with iptables? Also, will those rules stick when switching to runlevel 3?
Actually, basic iptables is fairly straightforward once you've done a little reading. While tools like firestarter and guarddog are fine, I personally like writing rules by hand because then I understand how my firewall is doing what it does. However, that is very much a personal preference and if you're more comfortable starting with a tool, then certainly do so. The firewall should start in runlevel 3, but a quick check never hurts.

Basically, it looks like you're taking a decent approach. Redundancy is the key.
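An added example, not part of the thread or any poster's code: one way to run the "quick check" on a hand-written firewall is to audit `iptables-save` output for a default-drop INPUT policy and the exact set of open TCP ports. The sample ruleset and the LAMP port list (22, 80, 443) are constructed assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: iptables-save style ruleset for a LAMP host
# (SSH plus HTTP/HTTPS). Ports and layout are assumptions, not from the thread.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# Print the default policy of a chain, reading iptables-save output on stdin.
chain_policy() {
    awk -v c=":$1" '$1 == c { print $2; exit }'
}

# Print TCP destination ports accepted on INPUT, sorted and space-separated.
# Only single-port "--dport N" rules are parsed (multiport rules are not).
open_tcp_ports() {
    awk '$1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
             for (i = 3; i < NF; i++) if ($i == "--dport") print $(i + 1)
         }' | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# Audit: INPUT must default to DROP and expose exactly the allowed ports.
# Usage: audit_ruleset "22 80 443" < dump ; returns 0 when the ruleset matches.
audit_ruleset() {
    dump=$(cat)
    policy=$(printf '%s\n' "$dump" | chain_policy INPUT)
    ports=$(printf '%s\n' "$dump" | open_tcp_ports)
    [ "$policy" = "DROP" ] || { echo "FAIL: INPUT policy is $policy"; return 1; }
    [ "$ports" = "$1" ] || { echo "FAIL: open ports '$ports', expected '$1'"; return 1; }
    echo "OK: INPUT policy DROP, open TCP ports: $ports"
}

# Run the audit against the constructed sample.
sample_rules | audit_ruleset "22 80 443"
```

On a live host the same check is `iptables-save | audit_ruleset "22 80 443"` run as root, for example after switching runlevels.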
 
Old 05-30-2010, 12:08 PM   #17
whitestar73
LQ Newbie
 
Registered: May 2010
Location: NJ
Distribution: Mandriva (for learning)
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Hangdog42
I don't take any issue with the list you've created although there is probably some redundancy. Just out of curiosity, you don't have SELinux as an option, did you exclude that? I don't know if any of the distros you're considering have SELinux enabled (I know RHEL does, so maybe Fedora does as well). I know SELinux can be a bear to get configured, but it might be worth considering if you haven't.
I sheepishly admit to leaving SELinux out of the picture due to my apprehension about its complexity. The general consensus is that it's a real pain to work with (probably why it's SO secure).

I've got a lot ahead of me.

I'm kind of amazed that in the beginning, I thought it was as simple as many suggest to set up a LAMP server, but I'm finding that that's not really the case since security seems to be the biggest hurdle. Sure one could set up a LAMP easily (as long as you don't mind getting hacked), but securely is another ballgame altogether and requires that person almost to be a security expert. ARGH!

You know... beings that I'm a gun owner, think we could declare open season on all hackers? I'd love that *evil grin*
 
Old 05-30-2010, 02:26 PM   #18
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,455
Blog Entries: 54

Rep: Reputation: 2897
Quote:
Originally Posted by whitestar73
The general consensus is that it's a real pain to work with
Half of the 'net is filled with deprecated HOWTOs, unmaintained documents, misinformation by developers and companies who never bothered to try things and opinions from people who say they know stuff, all trying to scare people away from even trying. The other half of the 'net basks in the light of progress: see the accounts of Real Life threats it stopped, see the web log of Dan Walsh, the improvements brought to Fedora and RHEL and the difference between using SELinux in RHEL3 versus how it works out-of-the-box right now.

If you've tried it on your staging host (don't want to mess up production, right?) and no solutions or workarounds we can provide you with help then you have earned the right to call it whatever you want.
 
Old 06-17-2010, 03:07 AM   #19
moorthyvsm
LQ Newbie
 
Registered: Jun 2008
Posts: 2

Rep: Reputation: 0
Check point H/W is awesome!
 
Old 06-17-2010, 03:41 AM   #20
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,455
Blog Entries: 54

Rep: Reputation: 2897
Quote:
Originally Posted by moorthyvsm
Check point H/W is awesome!
Is it? From which vantage point slash how does this help the OP?
 
Old 06-25-2010, 03:29 PM   #21
whitestar73
LQ Newbie
 
Registered: May 2010
Location: NJ
Distribution: Mandriva (for learning)
Posts: 13

Original Poster
Rep: Reputation: 0
might just be too late

Well... at this point, the only help I need is not the kind this forum can give.

Yesterday I was finally able to get through to the unemployment office (lines have been jammed), and the word was "there's no money". Everyone across the board who is on the federal extension just ran out. On paper, the extensions are available, but there's no funding to back it up. Currently, it's being held up in the senate. I work part time for the place that laid me off. We're in the housing/construction sector - civil engineering firm to be exact. The workload is so light, the boss has no idea if it'll be enough to stay in business. Meanwhile, they're letting me get enough hours in to pay the bills... at least for now, but... I mean, last month posted the worst housing figures ever. Commercial construction is almost non-existent.

I was hoping to get something going in hopes that it would lead to something better, but right now, that just doesn't look possible, I can't even think straight, can't afford anything, and I may just lose my home soon.

Things are bad... REALLY bad right now. I don't know when it's going to turn around, but I'm praying real hard for it.

Whether or not you believe in a higher power or not, please muster up a prayer of some kind if you can. Do it for yourself and also for everyone else because we are ALL in very VERY SERIOUS trouble.
 
Old 06-26-2010, 07:04 AM   #22
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,790
Blog Entries: 1

Rep: Reputation: 414
That sounds like really tough times for you. I hope something goes your way soon.
 
  

