Security Basics mailing list archives
Re: Setting up secure HTTP server
From: Charley Hamilton <chamilto () uci edu>
Date: Mon, 06 Oct 2003 11:55:46 -0700
Steve, My use of "secure" was to indicate that I didn't want the server to be a convenient pathway into our network. Data integrity *is* also important, and I'm already looking into the IDS issue. I found a more limited dataset on IDS best practices, so that I am reviewing. Also, I'm more intersted in IDS than setting up web servers.... I don't have a strong preference for OS, although since this seems to be mostly a win32 shop, I guess IIS is the likely means. I'm still researching the option of university-hosted servers. We're weighing the trouble of maintaining our own server against the trouble of trying to keep the site up-to-date. Most of my experience in "hardening" boxes has been with making them as stealth as I can, since I've never really needed to offer services I couldn't restrict by IP before. Now, with a web server, I'm a bit more limited as to how blanket paranoid I can go. Thanks to everyone who has offered suggestions. I'm now on the prowl for more time to read. If anyone trips across a time machine, please let me know. ;-) Charley -- Charles Hamilton, PhD EIT Faculty Fellow Department of Civil and Phone: 949.824.3752 Environmental Engineering FAX: 949.824.2117 University of California, Irvine Email: chamilto () uci edu --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Setting up secure HTTP server Charley Hamilton (Oct 03)
- Re: Setting up secure HTTP server C. Josh Doll (Oct 06)
- RE: Setting up secure HTTP server Shota Gedenidze (Oct 06)
- Re: Setting up secure HTTP server Steve (Oct 06)
- Re: Setting up secure HTTP server Charley Hamilton (Oct 06)
- Re: Setting up secure HTTP server Steve (Oct 06)
- Re: Setting up secure HTTP server Andreas Schubert (Oct 06)
- RE: Setting up secure HTTP server Russell Morrison (Oct 07)
- RE: Setting up secure HTTP server dave kleiman (Oct 08)