Security Basics mailing list archives
Re: Linux Web Server Hardening (LAMP + Wiki)
From: Michael Peppard <mpeppard () impole com>
Date: Tue, 29 Jan 2013 09:40:35 -0500
"I'd argue that this is merely because they, being lesser known, represent a smaller attack surface"
This is a fallacy. The most interesting servers usually use the more secure operating systems, therefore they tend to get the most attention. LAMP for instance runs a great percentage of web servers with shopping carts and database access. Very high value targets.
The openness of the code for review by anyone with an interest should make these operating systems open targets, yet somehow it hasn't. In fact the most paranoid government agencies use a Linux offshoot, Android with custom SELinux, for their secure servers. Strange, huh?
-Mike

On 01/28/2013 01:48 PM, James Thomas wrote:
> Dear Eric,
>
> Thank you for your note.
>
> On 28/01/2013 03:19, Eric Furman wrote:
>> Don't use Linux. It is insecure. Use Windows or one of the BSDs. All are much more secure.
>
> I'd argue that none of these are secure, that perfect security is an illusion, and that technical solutions aren't everything. If there have been fewer exploits for the BSDs, I'd argue that this is merely because they, being lesser known, represent a smaller attack surface. I'd be more concerned about configuring systems properly than with choice of OS, and training all associates to resist spearphishing, etc. Security should be seen as a series of layers, any of which might be breached, and the layer closest to one's skin should be an awareness of techniques that may be employed by an attacker, and how to mitigate them. Mitnick's books are a good start for this.
>
> That said, I have no useful answers for Jeffrey's actual question offhand.
>
> James