Security Basics mailing list archives
Re: Secure host newbie
From: Niek <niek () packetstorm nu remove com>
Date: Wed, 31 Mar 2004 10:54:53 +0200
Xilo Musimene wrote:
Have a look at www.linux-sec.net, but you should pay an expert tohelp you. Look for someone who will know how to work close to your budget,there are guys out there who doesn't know how to work without a big budget. There are a lot of ways to improve security with low budget, but hire someone to help you.I'll give that website a thorough shot!I'm not going to try becoming an expert in just a few days... But I expect I can become fairly expert in specific topics. Such as firewalls; I beleive this topic is fairly small and could be covered completely within a few days. Then apache, again I beleive just a few days should be enough to read through the entire documentation and searching on the net/mailing lists for possible problems...I'm going to read as much as possible everyday and slowly I'll put my system up piece by piece as soon as I can consider myself educated enough to set it up securely.Thanks, Simon
Hi Simon, Don't expect to be an expert on specific topics such as iptables/apache/ect. The linux 2.4 firewalling, and the apache daemon are both complex entities. Even tho you can read a lot about them in a few days, I find you need to grow accustomed to them. Both have a whole lot op options, security settings, and of course best practices to follow. Furthermore, I would _NOT_ recommend using any non-commercial Redhat version on a production machine. As mentioned before, Redhat stopped (will stop) support for the non-commercial Redhat. Vanilla Redhat 7.3 is exploitable in many ways. I personally like Slackware, but any distro that has an eye for security/support/ect will do. Kind regards, Niek Baakman ---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- Secure host newbie xilopublic1 (Mar 30)
- Re: Secure host newbie Matt Taylor (Mar 30)
- Re: Secure host newbie Simon Lemieux (Mar 30)
- Re: Secure host newbie Tiago Quadra (Mar 30)
- Re: Secure host newbie Xilo Musimene (Mar 30)
- Re: Secure host newbie Niek (Mar 31)
- Re: Secure host newbie Xilo Musimene (Mar 31)
- Re: Secure host newbie Xilo Musimene (Mar 30)
- Re: Secure host newbie Matt Taylor (Mar 30)
- Re: Secure host newbie Vincent (Mar 31)
- <Possible follow-ups>
- Re: Secure host newbie Mitchell Rowton (Mar 30)
- Re: Secure host newbie Justin_Andrusk (Mar 30)
- Re: Secure host newbie Simon Lemieux (Mar 30)
- Re: Secure host newbie Simon Lemieux (Mar 30)
- RE: Secure host newbie Shawn Jackson (Mar 31)
- Re: Secure host newbie Simon Lemieux (Mar 31)
- RE: Secure host newbie Shawn Jackson (Mar 31)
- RE: Secure host newbie Shawn Jackson (Mar 31)