Hi,

I am setting up a server behind netgear wg614 router and using port-forwarding for web server and soon going to install postfix. I wonder if i still need things like iptables? I am installing clamav and probably amavis. Is there anything else i need to consider?

thx

Of course you will have security concerns. More than can be enumerated here. I would recommend getting a good book on security. I personally like "Real World Linux Security" by Bob Toxen.

hmm, i did an nmap scan and the rating is only 7xxx (worthy challenge). I thoguht behind NAT things are pretty safe ? My router has SPI Firewall which protects LAN against Denial of Service attacks. I have only port 3389 and 8080 open.

Can you name a few biggest threat on my linux server from network perspective? I just not sure which aspect i should read up from .

I would think that at a minimum you would want a program like Tripwire or Aide running, so that if you are compromised, you have an idea of what files were affected.

Security is largely a reflection of your personal level of paranoia. Certainly having the server behind a router is safer, but I don't know if I would call it safe. If you are just serving web pages, you'll need to bone up on Apache threats, but that isn't sufficient. Apache is probably much more secure than many of the applications it can serve up. Chrooting Apache would make it safer in case one of the applications was compromised.

Spend some time in the sticky threads at the top of the forum. unSpawn has collected a lot of good information and then decide what approaches make you feel safer.

thx again Hangdog42 & haertig . Now i have some general clue where to start tighten my linuxbox ^.^