I am wanting my webserver to be accessed thru my external ip. It is running in vmware and is also behind a router. I have done the port forwarding, but I still can't get it to work.

I don't understand exactly what you mean. Can you please post some more information on why you feel it is not being accessible?

What do the logs say?


Sounds like you have a good setup, I would like to help.

Regars

What I mean is I have Debian Etch running in vmware. Debian is running Apache2 and PHP. I can access it with its local address i.e. 192.168.1.111.
But when I access my external ip, the one assigned by my ISP, it won't access it.

I have my router forwarding the port to the right ip and it still isn't working.

Is Apache accepting connections for all addresses? Is there an error produced in the browser or does the connection hang? What does the apache logs say? This will help rule out Apache as the culprit.

Have you tried packet sniffing to see what happens to the http requests? Do you have any other ports forwarded that are working?


Regards

Ok, I got it working. I feel like a tard. I had the router forwarding the same port to two ip addresses and it obviously didn't work

Glad you have it working!

Regards

I do have one more questions though, what are some things I can install so hackers can't get into my other computers? I am going to be installing an ftp server too, so I need that secure as well.

Thanks.

There really isn't anything to install, but many things to configure. The more ports you have open, the more chances that anyone trying to get into the systems will have.

The first thing to remember is make certain you understand what it is you are putting out in the wild on the internet.

Your logs really are your best friend. Be a good steward and look over them regularly.

Be sure all unnecessary services are turned off (including the X server); look over the iptables rules and put in an intrusion detection system like Tripwire. That in itself won't stop anyone, but it will alert you to anything that was compromised.

Make sure everything is patched. This is the beauty of open source. Patches come out quickly, but the downside is that if you don't patch a system you will be wide open for anyone to see.

If you do run an ftp server, make sure it is running in a chrooted environment.

By the way, does your VMware server run on Windows host? If so, I would suggest running it on a Linux host inside a dmz.

Regards

Ok, I am kinda a Linux newbie.

I usually can't find any log files! I don't know where to look.
I don't know how to turn off services either.
iptables?
Ill look into Tripwire
I can patch using the synaptic program right?
chrooted environment?
I really don't have a choice of OS. I have a Debian install on my external hd, but I can't run it most of the time because I run Windows while I play games. I can usually play games and run vmware at the same time.

Thanks for all your help.

bump does anyone know?

What I would suggest doing is to read up on your system and how to secure it before putting it out on the web. Going over all of the questions is kinda out of the scope for a forum. Linuxsecurity.org is a good place to begin. Or check out some books or CD's. You can also get some formal training as I have. It was a great experience for me and I include the site in my signature because of the positive results. I also got quite a bit of help over time at the MandrivaUsers.org site. Either way, I am thinking that you need to spend some quality time understanding Linux.

It's not the distribution that matters as much as what it is you want to do. I tend to stay clear of discussions over what distro is "best" because Linux is what YOU make it and what YOU configure it to do. A waste of time in my eyes to haggle over what flavor tastes better to someone. So it comes down to the admin and not what company rolled the distro. Linux is as good as the guy who administers it.

If you want a workstation, great. If you want a server, that's great also, but the two will not mix especially if you are looking for any credibility in the workplace. Linux can do anything you want it to do. Just keep the thought of not comparing it to Windows because these are two totally different platforms.


Your logs are located in the /var partition normally. I am feeling that before you get into all the things you want to do (and you will do them soon) get a good foundation on your machine. If you running X (I sure you are), hit Control-Alt-F1 to get to a Bash shell. You can hit Control-Alt-F7 to get back to KDE. Log into the shell and hunt around.

Want to know more about any command? Type "man name-of-command" and there is the manual. Hit the 'Q' key to get out.

Go into the /var partition and find the logs:

cd /var

ls -la

cd logs/

ls -la

less name-of-log-file-you-think-is-cool

(use the up and down arrows to navigate. You are root to read these, right?)

After you do this exercise, please write back here or my email and I will be more than happy to help out where ever I can. One thing that my instructor stressed was to be sure we all took time to offer help to others. Let's take the first step before you run.

Regards

Ok I knew about the ctrl-alt-f1 and stuff, but I press it in vmware, and it doesn't work. I do have a hd install on my external hd, but I hate restarting my computer each time just to go back and forth. Plus, my hd install is a bit buggy.