Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Hosting Red hat 5 enterprise inhouse newbie..

Posted on 2009-04-30
10
Medium Priority
?
260 Views
Last Modified: 2013-12-16
Looking to setup RH Enterprise 5, as in-house www & mail server.

We have a WatchGuard firewall in-place (Security).

What I am looking to do is host a website (purely) for learning purposes, along with hosting DNS etc..

Are there any specific ways to lockdown/secure RH Enterprise so no one attacks us? If so please provide some steps if you would..

Thanks!
0
Comment
Question by:nrizk07
  • 4
  • 3
  • 3
10 Comments
 
LVL 6

Expert Comment

by:jpquonce
ID: 24273619
If it is an inhouse server for learning you shouldn't have any issues since you have a firewall in place and won't need outside access.

Also you may want to look into Cent OS. Pretty much the Same as RedHat and is free:

http://www.centos.org/
0
 
LVL 2

Expert Comment

by:thursdasy
ID: 24273653
0
 

Author Comment

by:nrizk07
ID: 24273658
Sorry, I forgot to mention.

It will have outside access etc...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:jpquonce
ID: 24273691
also only allow ports 80 and 443 if you are doing secure website to be allowed through the firewall to you webserver.
0
 

Author Comment

by:nrizk07
ID: 24273701
So if I only have port 80 open. What are the chances of an attack?
0
 
LVL 6

Expert Comment

by:jpquonce
ID: 24273730
Well at that point you are relying on the web software you are using. Just make sure Apache is always up to date.
0
 
LVL 2

Expert Comment

by:thursdasy
ID: 24273736
Very likely HTTP(S) is a very large attack vector. There are many attacks that can be used on the server with HTTP. You need to secure  the web server you are running (link provided above). Which web server are you going to use? Apache, lighthttpd?
0
 

Author Comment

by:nrizk07
ID: 24273749
Apache
0
 
LVL 2

Accepted Solution

by:
thursdasy earned 2000 total points
ID: 24274371
You should look into mod_security by http://modsecurity.org

Also if you are just running PHP keep in mind PHP can be a big security risk if it isn't properly secured. You can review this guide to get some insight on what you can do to secure PHP: http://www.alberton.info/secure_php_installation.html

Security focus also has a great step by step guide on securing apache:

http://www.securityfocus.com/infocus/1786
0
 

Author Closing Comment

by:nrizk07
ID: 31576605
Thank you so much for the info and help :) really really appreciate it :)
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question