LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-27-2005, 10:25 AM   #1
Cool_Hand_Luke
Member
 
Registered: Feb 2005
Posts: 40

Rep: Reputation: 15
Ahh.. first install complete!


Wow! I suceeded. I got everything installed this morning and it went well.

My Cpu is an AMD 500, 96 MB ram and 27 Gig Drive.. my too to learn...

Mandrake 9.1 is up and running!! Seeing as my main goal is to use that Linux machine as a server for personal pages I am documenting my progress. Please be advised that this is a site in progress but input is always appreciated.

http://lukesplace.dyndns.org

So now what? LOL

I have know clue how to use this thing. I have a lot of reading and playing to do but here is some very important questions I have.

#1. Where and how do I control my server? It just works. All I did was make my site thus far and found a directory in var/www so I put my stuff in there. But I am confused as to where the controls for all this stuff are?

#2. That link above is it safe? I guess this is a wildly open question. But I mean in general?

#3. Now if I only knew how to install stuff or network to my windows XP machine..

LOL If you guys dont have time to answer any of these questions dont worry I will be doing some reading over the next week.

But...

If anyone could give some input I'd appreciate it. I will continue to work on my Linux Learning Experience site later on... I am just taking a break. The Questions link is really the only link that contains additional information at this point.

Cheers,

COol Hand...
 
Old 02-27-2005, 10:53 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
#1 - Most of the controls for Apache are in the httpd.conf file. That is where you create virtual hosts, control basic operations, etc. You are going to want to spend some time having a look at the Apache documentation site since there is a LOT you can do wiht Apache. If you have some specific ideas, post 'em and maybe we can point you in a specific direction

#2 You are going to want to give some thought to this, but move quickly. If you look at your apache logs, you'll see a lot of people taking a rip at your site. Most of the stuff is Windows trojans/virii that you are immune to, but not everything. Learn how to patch your machine and do it regularly. Install an intrusion detection system like SNORT. Install a file monitoring system like Tripwire or Aide. And above all, make sure that Apache is not running as root. Most distros don't run it as root by default, but make sure. Oh, yeah, be sure you've got a firewall in place.

#3 Installing stuff is easy. With mandrake, you are on an RPM based distro, so have a read through the rpm man page (man rpm in a console window). If you need to install from source code, the commands tend to be ./configure, make and make install.

For networking with Windows, check into using Samba. It is installed on most distros by default and lets your Linux box appear to be a Windows share.

Congrats and welcome to Linux!
 
Old 02-27-2005, 11:04 AM   #3
Cool_Hand_Luke
Member
 
Registered: Feb 2005
Posts: 40

Original Poster
Rep: Reputation: 15
Thanks for the prompt reply. If I don't have time to figure out all the security issues today I will just turn the CPU off until I do


Cheers,

Cool Hand...
 
Old 02-27-2005, 11:08 AM   #4
JoelK04
LQ Newbie
 
Registered: Feb 2005
Posts: 11

Rep: Reputation: 0
My friend runs multiple servers and I consulted him about security, the file monitors etc are great to have, the firewall is debatable. I'm running behind a router with a firewall so he said I should be safe.
 
Old 02-27-2005, 01:45 PM   #5
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
I'm running behind a router with a firewall so he said I should be safe.
Well, you're not naked, but "safe" is a matter of opinion. I'm behind a router, but I've put firewalls on all my computers. Anything that stays on 24/7 is running Linux and is being monitored with Snort and Aide. I update regularly and I check my logs on a daily basis. And I have serious doubts as to whether I'm being paranoid enough.


The bottom line is that no matter how many lines of defense you put up, it is possible for someone to get through. And given how easy firewalls are in linux (if you don't want to learn iptables, just use a gui like Firestarter) I frankly don't see any excuse not to have one. And given the number of infected servers that show up in my logs every day, there are a LOT of people out there who are clueless or careless about their security.
 
Old 02-27-2005, 03:27 PM   #6
JoelK04
LQ Newbie
 
Registered: Feb 2005
Posts: 11

Rep: Reputation: 0
Is the Linux firewall enough though? And how would you then go about configuring it so taht it works properly to be: an HTTP server, SQL server, Samba server.
 
Old 02-27-2005, 04:23 PM   #7
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Quote:
Is the Linux firewall enough though?
Like I said, it is a matter of opinion. Personally, I think the linux firewall is very good and I use it on all my linux boxes. I've got my box serving all three of the programs you're looking at and iptables works nicely. Of course I am also running Snort and Aide. If it is any help, this is what my firewall looks like:

Code:
#!/bin/bash
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

#Drop bad packets
#Testing the perl
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP #Drop NEW not SYN
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP #Drop SYN-FIN scans
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP #Drop SYN-RST scans
iptables -A INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP #Drop X-mas scans
iptables -A INPUT -p tcp --tcp-flags ALL FIN -j DROP #Drop nmap FIN scans
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP #Drop null scans
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP #Drop ALL/ALL scans

#Log and Drop almost all reserved (I use 192.168.1.0/0 and bogons
#iptables -A INPUT -i eth0 -s 0.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: Invalid IP "
iptables -A INPUT -i eth0 -s 0.0.0.0/8 -j DROP
#iptables -A INPUT -i eth0 -s 127.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: Invalid IP "
iptables -A INPUT -i eth0 -s 127.0.0.0/8 -j DROP
#iptables -A INPUT -i eth0 -s 10.0.0.0/8 -m limit --limit 5/m -j LOG --log-prefix "WARN: Invalid IP "
iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP
#iptables -A INPUT -i eth0 -s 172.16.0.0/12 -m limit --limit 5/m -j LOG --log-prefix "WARN: Invalid IP "
iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

#Drop anything heading for sendmail
iptables -A INPUT -i eth0 -p tcp --dport 25 -j DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#Allow SSH
#iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 22 -j ACCEPT

iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

#Allow FTP
#iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 20 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 50000:51000 -j ACCEPT

#Allow HTTP and HTTPS Connections
#iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT

#Allow MySQL from internal network only
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 3306 -j ACCEPT

#Allow Webmin from internal network only
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 10000 -j ACCEPT

#Allow SAMBA from internal network only
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport netbios-ssn -j ACCEPT
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport microsoft-ds -j ACCEPT
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p udp --dport netbios-ns -j ACCEPT

#Explicitly allow printer IP address
iptables -A OUTPUT -p tcp -d 192.168.1.99 -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

#Allow NFS from internal network only
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 111 -j ACCEPT #portmapper
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p udp --dport 111 -j ACCEPT
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 32765:32768 -j ACCEPT #NFS servers
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p udp --dport 32765:32768 -j ACCEPT
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --dport 2049 -j ACCEPT #nfsd
iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p udp --dport 2049 -j ACCEPT

#Allow Bittorrent
iptables -A INPUT -i eth0 -p tcp --dport 6881 -j ACCEPT
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Gentoo: Can't complete the install! Robert G. Hays Linux - General 10 04-22-2005 06:36 PM
Can't complete install no screen austerity Linux - Newbie 3 12-12-2004 08:56 AM
Complete Install of Mandrake 9.2 or 10.0 (all packages) chongman99 Mandriva 1 07-26-2004 07:09 AM
Mandrake 9.2 wont complete install buttmunch Linux - Newbie 6 02-07-2004 03:29 PM
help with Mandrake 7.2 complete install cbridgerg00 Linux - Newbie 2 11-26-2002 03:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration