Re: Secure host newbie

["Mitchell Rowton" <mrowton () bdo com>]

A good place to start
http://www.linuxsecurity.com/

Also read up on the specific apps
http://www.apache.org/

Also try SecurityDocs, check out the web security area, but there are
more specific areas to look into (apache, ssh, and ssl are separate
categories.)
http://www.securitydocs.com/

When you come up with specific questions let us know!


> > > <xilopublic1 () ca inter net> 03/29/04 03:04PM >>>
Hi there,
  I'm going to put a host on the internet in a day or two, it will be
closed to public
during the development stage.  We 
have a lot of services to setup and I was wondering about security
issues for each of
these services.  We will be 
running this on a Redhat 7.3 base system.

The services we will have are HTTP (Apache), private FTP, SSH access,
POP server for our
users, SMTP for users 
that would have to use ours, SSL for secure money transactions, might
have news server,
might have a MP3 stream 
server and will have home-made servers for home-made clients.

Now, before I ask you guys a whole lot of newbie questions, I would
like to read good
documents on these topics.  
Howtos, documentation, tutorials, books, all kinds of references are
appreciated,
especially if I can get them free! 
(Since our budget is extremely limited).

Thanks,
 
Simon



NOTICE:
The contents of this email and any attachments to it may contain privileged and confidential information from BDO 
Seidman, LLP.  This information is only for the viewing or use of the intended recipient.  If you are not the intended 
recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in 
reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly 
prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO 
Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately 
deleted from your computer without making any copies thereof.  If you have received this e-mail in error, please notify 
BDO Seidman, LLP by e-mail immediately.


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------