httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Grant <emailgrant1...@yahoo.com>
Subject Re: [users@httpd] Locking down my system for the first time
Date Thu, 01 Jul 2004 20:21:39 GMT
--- oliver@veryhip.com wrote:
> Well, it's probably a bit off topic to talk about
> security, but I'd get a port scanner and run it both
> locally and remotely until you have closed every
> port to
> the world that you can, so that they are only
> accessible
> locally if you don't need them globally.  Then, I'd
> setup
> some triggers in a program to monitor your logs that
> will
> email you in the event of an intrusion.  I'd look at
> getting a good hardware firewall or maybe even a
> whole
> computer with a Linux firewall and log all requests
> and
> setup triggers for that as well to email you in case
> something happens.  I just look at my logs and have
> learned what to parse from them to find the "bad
> people",
> but I don't take credit card numbers or anything
> like
> that... so it's tough if your taking CC#'s.  I'd
> defin.
> encrypt the #'s in a very weird and backwards way
> ;].
> 
> Best luck,
> Oliver

That all sounds like really good advice, but I was
thinking more along the lines of configurations and
settings.  It seems like there must be things I should
add to my configuration files or something like that.

- Grant

> 
> Grant said:
> 
> > --- Grant <emailgrant123b@yahoo.com> wrote:
> >> --- Grant <emailgrant123b@yahoo.com> wrote:
> >> > I'm setting up my first web server (been on
> shared
> >> > hosting until now) and all of the data on it is
> >> > currently test or system data.  I'm about to
> move
> >> > the
> >> > code for my online store over to it, but first
> I
> >> > want
> >> > to lock down the security aspects of the
> system.
> >> > Basically: What should I do?  I really don't
> have
> >> > any
> >> > idea where to start (short of a Google search)
> and
> >> I
> >> > wanted to see what you guys have to say to a
> >> > first-timer like me.
> >> >
> >> > - Grant
> >>
> >> I realized as soon as I sent this that I should
> have
> >> mentioned what I'm running.  It's:
> >>
> >> Gentoo Linux
> >> apache2
> >> perl
> >> mod_perl
> >> sendmail
> >> postgresql
> >> gnupg
> >>
> >> I think that's it.  Thanks!
> >>
> >> - Grant
> >
> > openssl
> >
> > I'm going to have to add these suckers as I
> remember
> > them.  I'm keeping a list now.
> >
> > - Grant



		
__________________________________
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!
http://promotions.yahoo.com/new_mail

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message