Stupid Internet questions

[edustind]

obviously I didn't read all the posts above fully as I saw you had stated it was on a DSL line.  

sorry

[Master of Reality]

quote:Originally posted by void main:


I can't imagine I would have ever said you were too paranoid. I don't believe you can be too paranoid about security. And I actually have 2 firewalls in a double layer of security, one of which also uses iptables. Some might consider that to be paranoid. Most Linux firewall configurations use iptables. It's how you configure it that counts.

[ January 10, 2003: Message edited by: void main ]

well... you said "why dont you just go with the webmin default firewall" or something among those lines.

[voidmain]

quote:Originally posted by The Master of Reality / Bob:
well... you said "why dont you just go with the webmin default firewall" or something among those lines.

I believe I said that Webmin is an excellent graphical way to configure your firewall but I don't believe it has a default (well maybe it does). It's a pretty detailed utility that can configure everything you probably need to configure and it's not going to be any less secure by configuring iptables through Webmin than via a script. I would especially recommend it for newer users but it is very useful for us old hats as well. I did it in a script for years but now use webmin. Having said that, you still need to know what you are doing and understand firewalls and rules before even the Webmin way will be of much use to you.

[ January 12, 2003: Message edited by: void main ]

[pkd_lives]

This thread is producing some very useful information. I am not moving that fast on this as of course it is as much a learning project for me, and it is to be fun in a learning kind of way. So bare with me if I respond very slowly to this thread - thanks.

However so that you can more understand my thoughts. I have inherited a PII 233 with 240+MB of Ram, and an 8GHz hard drive. Now it seems a waste to have this doing nothing (it was donated as a internet/e-mail machine however we are all set for this at the moment). I don't want it to go to waste, and as I need to add some strings to my bow career wise I though it would be a good idea to see if I could set up a website, with a webserver. Others have mindessly chatted about this to me, and there are several projects down the road that could come of this. More computers and more possible websites.

Essentially a local group (not really making money, just covering costs at this stage) could do with a web site, and I would like the challenge of setting it up. So that is what I want to do. Now I have DSL from Verizon so I should probably see what they can do for me as reqards the static IP (which is what Verizon give as far as I know) and allowing me to host a website. If the cost is little more then fine however if it is dramatically more than it may not happen. I want complete control, in as much as I can get it. So using other hosting services kind of negates the purpose, although a colo would maybe offer a solution I could live with, but it is the nteworking and server setup that I really really want to learn and understand, the website stuff is just useful tools.

Anyway thanks for that good stuff so far. I have a lot to do on this and will play with it as and when time is allowing.

[Master of Reality]

well, I set up my webserver without consulting with my ISP. I have a static IP on cable internet. My ISP blocks web traffic to port 80, so i am running my webserver on port 8000. The only thing it has cost me is the price of cable internet.

[rtgwbmsr]

quote:Originally posted by The Master of Reality / Bob:
well, I set up my webserver without consulting with my ISP. I have a static IP on cable internet. My ISP blocks web traffic to port 80, so i am running my webserver on port 8000. The only thing it has cost me is the price of cable internet.

Same here...I want to make my own browser that accesses 80 first, then tries 8000. It would be heaven for everyone like us.

[Master of Reality]

but not everyone runs their webserver on 8000 if they cant on port 80.

[xyle_one]

im sitting here at work, looking for a new host for our website, and it dawned on me. Our provider was kind enough to give us 5 static ip addresses. So why bother hosting on someone elses server when i can do it here. I have a machine to play with, would redHat8 be a decent direction? What exactly do i need? and where would i go to find a good source about setting up the security?? thanks.

[KernelPanic]

quote:Originally posted by Linux Frank:
However so that you can more understand my thoughts. I have inherited a PII 233 with 240+MB of Ram, and an 8GHz hard drive. Now it seems a waste to have this doing nothing (it was donated as a internet/e-mail machine however we are all set for this at the moment). I don't want it to go to waste, and as I need to add some strings to my bow career wise I though it would be a good idea to see if I could set up a website, with a webserver. Others have mindessly chatted about this to me, and there are several projects down the road that could come of this. More computers and more possible websites.

Shit man, an 8Ghz Hard Disk, is that some new technology?  
Ignore me, im just taking the piss.

[pkd_lives]

...it's the latest in compression techniques...

[Master of Reality]

quote:Originally posted by Xyle: iGeek...:
im sitting here at work, looking for a new host for our website, and it dawned on me. Our provider was kind enough to give us 5 static ip addresses. So why bother hosting on someone elses server when i can do it here. I have a machine to play with, would redHat8 be a decent direction? What exactly do i need? and where would i go to find a good source about setting up the security?? thanks.

I use slackware for my server.... i upgraded to slackware from redhat.
security.......hmmmm *digs through files*... i'm probably not supposed to host this file but i'll put it up for you ppl to dl anyway. Its an 855 page PDF about securing Linux... http://chatroom.fuckmicrosoft.com:8000/lard/securing_and_optimizing_linux.pdf

[ January 16, 2003: Message edited by: The Master of Reality / Bob ]

[xyle_one]

Thanks. id like to print it, but at 855 pages, its not going to happen. Looks like a good read though.
Thanks again

[pkd_lives]

Thank-you MoR.


Edit : Add these comments.

Those appendixes are very very interesting, I shall be reading this in detail, and I may shifty on over and buy a copy if this ever becomes a going concern for me.

[ January 16, 2003: Message edited by: Linux Frank ]

[Master of Reality]

you might also want to find a hacker(or cracker) guide somewhere... the best way to make sure your system is secure from hackers is to be a hacker/cracker to your own system and know what crackers will try to do. I will try to find a link to a good one (that i already have).

[Master of Reality]

rootwars.org which runs hacker wargames has some documentation on security. here are a few on tactics used