nrizk07
asked on
Hosting Red hat 5 enterprise inhouse newbie..
Looking to setup RH Enterprise 5, as in-house www & mail server.
We have a WatchGuard firewall in-place (Security).
What I am looking to do is host a website (purely) for learning purposes, along with hosting DNS etc..
Are there any specific ways to lockdown/secure RH Enterprise so no one attacks us? If so please provide some steps if you would..
Thanks!
We have a WatchGuard firewall in-place (Security).
What I am looking to do is host a website (purely) for learning purposes, along with hosting DNS etc..
Are there any specific ways to lockdown/secure RH Enterprise so no one attacks us? If so please provide some steps if you would..
Thanks!
Cannot get much more "offical" than this:
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf
Also you should look into iptables:
http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1-iptables-init.html
And also you can look into:
http://www.modsecurity.org/
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf
Also you should look into iptables:
http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1-iptables-init.html
And also you can look into:
http://www.modsecurity.org/
ASKER
Sorry, I forgot to mention.
It will have outside access etc...
It will have outside access etc...
also only allow ports 80 and 443 if you are doing secure website to be allowed through the firewall to you webserver.
ASKER
So if I only have port 80 open. What are the chances of an attack?
Well at that point you are relying on the web software you are using. Just make sure Apache is always up to date.
Very likely HTTP(S) is a very large attack vector. There are many attacks that can be used on the server with HTTP. You need to secure the web server you are running (link provided above). Which web server are you going to use? Apache, lighthttpd?
ASKER
Apache
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you so much for the info and help :) really really appreciate it :)
Also you may want to look into Cent OS. Pretty much the Same as RedHat and is free:
http://www.centos.org/