[newbie] server security
I recently manage to get an Apache and imap server running on an old box of mine at home. The servers work, but I feel that I should make the effort to make them secure. I am behind a router/firewall and also have shorewall running on the computer. This is basically the same situation with my other home computers, but I was wondering if there's more I can do to prevent either server from being broken into from the Internet? >From within my LAN, I can't ping or ftp the computer, though I can mount samba shares, which requires a password. I'm not sure how I could test this from outside the LAN. If I do "telnet serverIP http" I get a response, but I don't know if this is a bad thing or not. Is there a way to thoroughly test the security of my servers? Or better yet, how would I go about hacking them so I can make sure nobody else can? Since big corporate servers manned by trained professionals get hacked, I'm concerned that mine may be sitting ducks right now, this being my first foray into the world of server administration. -- cervixcouch [EMAIL PROTECTED] -- http://www.fastmail.fm - I mean, what is it about a decent email service? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com
[newbie] Server Security Levels
Hi, all - When we updated our our server to Mandrake 7.0, our FTP and Telnet stopped working. I set the security level to HIGH, but then turned on the things that had to run (i.e. DNEWS, HTTPD, and INETD). DNEWS and HTTPD work, but when you try to FTP to the site, you get the "connected" message, and then after a few seconds, you get the message "Connection closed by remote host." There is no opportunity to put in a name and password. We really need this to work. Can anybody tell me what has to be done in order to make this possible? Thanks. pete Pete Clapham Department of Biological, Geological, and Environmental Sciences Cleveland State University Cleveland, Ohio, 44115 Phone: [216] 687-4820 Fax: [216] 523-7175 EMail: [EMAIL PROTECTED]
