At 08:16 AM 3/23/2001 -0500, you wrote:
>Dave Aiello wrote:
> >
> > The April issue of LinuxJournal has an article called "Battening down the
> > Hatches with Bastille". Has any discussion taken place on what would be
> > required to get Slash running on a Bastille-hardened server?
> >
>
>Not to my knowledge. The only real issue would be that all the ports
>that you run your db and webserver are open.
>I have a mandrake box that I have locked down Big Time (TM) with
>ipchains, trimmed down scant inetd.conf, and other security tweaks, and
>it runs fine. Another security issue is to run mysql or whatever db you
>run as a non-privileged user.
>
>
> > I have looked around Slashcode.com and done some Google searches to try
> to find
> > this information without bothering the whole list. Sorry if this is an old
> > issue....
> >
> > Dave Aiello
> > CTDATA
Apachetoday.com's got an article about trimming down a webserver box. While
it doesn't talk about specifically locking it down (nor Big Time (TM), heh)
it is along similar lines:
Is your web server running unnecessary software?
Feb 20, 2001, 20 :45 UTC (7 Talkback[s]) (7832 reads) (Other stories by
Jeremy C. Reed)
<URL: http://apachetoday.com/news_story.php3?ltsn=2001-02-20-003-06-PS-LF-AD >
Dave, I saw that article too. I'm hoping to try it on a redhat box asap.
Shane
|
