Re: Server question
On Sat, 13 Sep 2003 05:38:17 -0700 Tom Condon <[EMAIL PROTECTED]> wrote: > > On Friday 12 September 2003 13:52, burns carved in granite: > > How do you plan on configuring security? > > Well, a firewall set up using ShoreWall to control iptables. > Don't ask me what settings, yet, except that the only open > ports will be for SCP, SSH and Apache. > > SSH & SCP will go through RSA encryption authentication. > i.e., unless I put the public key onto the server a user > isn't getting in. So far there is only one person who needs > access -- me. It will probably stay that way. > > I've probably overlooked something here, too, so suggestions > are welcome. > Perhaps an ntp daemon to keep your clock synchronized? -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: Server question
On Friday 12 September 2003 13:52, burns carved in granite: > How do you plan on configuring security? Well, a firewall set up using ShoreWall to control iptables. Don't ask me what settings, yet, except that the only open ports will be for SCP, SSH and Apache. SSH & SCP will go through RSA encryption authentication. i.e., unless I put the public key onto the server a user isn't getting in. So far there is only one person who needs access -- me. It will probably stay that way. I've probably overlooked something here, too, so suggestions are welcome. In Harmony's Way and In A Chord, Tom ;-}) Tom. Condon Barbershop Bass Singer Registered Linux User #154358 Plain Text Emails Don't Spread Virii ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: Server question
On Thu, 2003-09-11 at 21:28, Tom Condon wrote: > Thanks again, all. As a novice at servers I *knew* I'd left > several things out. How do you plan on configuring security? -- burns ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: Server question
On Thursday 11 September 2003 17:56, Kurt Wall carved in granite: > > My current plans include only the following services on > > this server: Apache > > SSH > > iptables > > Shorewall > > > > Anyone care to suggest what I've left out? > > SSL? Mail? Backup? Log analysis tools (ModLogAn, > Webalizer)? > > Kurt SSL is in (I considered it, incorrectly, part of Apache). No mail on this server. Backup, ah, yes. Better do that. It has a CD burner, and the temptation is to use CD-RW for the sites. The size is small enough. Thanks. Log tools, ditto the thanks. Someone also mentioned DB. I'll check with the creator of the other site that it will host. None of the sites currently on it requre DB support. Thanks again, all. As a novice at servers I *knew* I'd left several things out. In Harmony's Way and In A Chord, Tom ;-}) Tom. Condon Barbershop Bass Singer Registered Linux User #154358 Plain Text Emails Don't Spread Virii ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: Server question
Quoth Condon Thomas A KPWA: > > I'm moving a server to a remote location where it will have a dedicated IP > and higher bandwidth to serve several websites. > > My current plans include only the following services on this server: > Apache > SSH > iptables > Shorewall > > The firewall will be provided by iptables, with help administering from > Shorewall (I don't have time to learn iptables). > SSH will allow secure remote access for administration. > Apache will serve the web pages. > > Anyone care to suggest what I've left out? SSL? Mail? Backup? Log analysis tools (ModLogAn, Webalizer)? Kurt -- Begathon, n.: A multi-day event on public television, used to raise money so you won't have to watch commercials. ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
RE: Server question
No email, bind or database applications? What are you doing for backup? Regards, Wil McGilvery Manager Lynch Digital Media Inc 416-744-7949 416-716-3964 (cell) 1-866-314-4678 416-744-0406 FAX www.LynchDigital.com -Original Message- From: Condon Thomas A KPWA [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 7:06 PM To: [EMAIL PROTECTED] Net Llama! wrote: > On 09/11/03 15:18, Condon Thomas A KPWA wrote: > >> I'm moving a server to a remote location where it will have a >> dedicated IP and higher bandwidth to serve several websites. >> >> My current plans include only the following services on this server: >> Apache SSH >> iptables >> Shorewall >> >> The firewall will be provided by iptables, with help administering >> from Shorewall (I don't have time to learn iptables). >> SSH will allow secure remote access for administration. >> Apache will serve the web pages. >> >> Anyone care to suggest what I've left out? > > Left our for what?? Ah. For software needed to operate as a secure web server. Tom :-}) Thomas A. Condon Plain Text Emails Don't Spread Virii! ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
RE: Server question
Net Llama! wrote: > On 09/11/03 15:18, Condon Thomas A KPWA wrote: > >> I'm moving a server to a remote location where it will have a >> dedicated IP and higher bandwidth to serve several websites. >> >> My current plans include only the following services on this server: >> Apache SSH >> iptables >> Shorewall >> >> The firewall will be provided by iptables, with help administering >> from Shorewall (I don't have time to learn iptables). >> SSH will allow secure remote access for administration. >> Apache will serve the web pages. >> >> Anyone care to suggest what I've left out? > > Left our for what?? Ah. For software needed to operate as a secure web server. Tom :-}) Thomas A. Condon Plain Text Emails Don't Spread Virii! ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
Re: Server question
On 09/11/03 15:18, Condon Thomas A KPWA wrote: I'm moving a server to a remote location where it will have a dedicated IP and higher bandwidth to serve several websites. My current plans include only the following services on this server: Apache SSH iptables Shorewall The firewall will be provided by iptables, with help administering from Shorewall (I don't have time to learn iptables). SSH will allow secure remote access for administration. Apache will serve the web pages. Anyone care to suggest what I've left out? Left our for what?? -- ~ L. Friedman[EMAIL PROTECTED] Linux Step-by-step & TyGeMo:http://netllama.ipfox.com 4:00pm up 6 days, 2:53, 1 user, load average: 0.07, 0.11, 0.06 ___ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users