Security Basics mailing list archives
Re: Linux Web Server Hardening (LAMP + Wiki)
From: Jason M <jmillette () datavalet com>
Date: Mon, 28 Jan 2013 11:19:46 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Eric, This is a ridiculous piece of FUD and certainly does not help the gentleman with his question. In the future please keep your baseless comments to yourself. This list is not the place for your to shill your preferred OS, but for facts concerning security. Whew, happy that is out of the way (and much more polite than I thought it would be) Having said that: Hi Jeff, I would start here: http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml This is way overkill for your average LAMP stack, but will give you a good idea as to how far you can go. For a more simplified checklist style that will get you most of the way have a look at: www.sans.org/score/checklists/linuxchecklist.pdf Good luck, and happy hardening :) On 01/28/2013 03:19 AM, Eric Furman wrote:
Don't use Linux. It is insecure. Use Windows or one of the BSDs. All are much more secure. On Fri, Jan 25, 2013, at 04:31 PM, Jeffrey Walton wrote:Hi All, Is anyone aware of a hardening guide for a Linux LAMP server with a Wiki component? I have an older Linux Server hardening book, but nothing recent. I have not seen a Wiki hardening document. Thanks in advance, Jeff ------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
- ------------------------------------------------------------------------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
- ------------------------------------------------------------------------
- -- Jason Millette System Administrator \ Wireless Security Specialist Datavalet 5275 Queen Mary Montreal, Quebec H3W 1Y3 t: (866) 532-4448 x169 f: (514) 385-6660 Notice: This message is confidential and privileged. If you are not the addressee, please inform the sender by return e-mail immediately and delete this message and destroy all copies. Avis : Ce message est confidentiel et protégé par le secret professionnel. Si vous n’êtes pas le destinataire, veuillez informer l’expéditeur par courrier électronique immédiatement et effacer ce message et en détruire toute copie. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJRBqUiAAoJENXxxWMec3nNGAAH/jKU+goK/ZeMA2+8pQoeIO9R CpKbycyhzYrGpFgbUxpV5LKzH3z/+KKNRnACsYWoqcw/V6b/kiwvQ6OymrYDPbe1 3zKcsmRxjbI8AydNYhzPND3wupfIstWh0Pnia68Qu0/HmuBgqRLac/w4bX5L+2sj qLeVDyLroVhqR+oyb829YMezU+O85ht6MRKUvKiIxCN0fUXxR5+dJcoDMt6+pBi4 ax426LG7xtfOQScZiXj+IhCoMwAfs9JPA3TkgoINg+insMIZU+8tOGKkdm6/ayNx fdsc5idqGYrJRhjqMs4Y9ZzapgJJz0v2d8MlR4T/9VAAIv9ZUtyHQBzaa5oaz8w= =Hm4b -----END PGP SIGNATURE----- ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Linux Web Server Hardening (LAMP + Wiki), (continued)
- Re: Linux Web Server Hardening (LAMP + Wiki) Eric Furman (Jan 28)
- RE: Linux Web Server Hardening (LAMP + Wiki) Arie Claassens (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Joerg Stephan (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) DragonSlay3r (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) gremlin (Jan 31)
- RE: Linux Web Server Hardening (LAMP + Wiki) Emre Tugriceri (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Michael Zoet (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Ansgar Wiechers (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Eric Furman (Jan 31)
- Re: Linux Web Server Hardening (LAMP + Wiki) Ansgar Wiechers (Jan 31)
- Re: Linux Web Server Hardening (LAMP + Wiki) Jason M (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) James Thomas (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Michael Peppard (Jan 29)
- RE: Linux Web Server Hardening (LAMP + Wiki) Ulm, Matt (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Littlefield, Tyler (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Eric Furman (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Henri Salo (Jan 28)
- RE: Linux Web Server Hardening (LAMP + Wiki) Balakrishnan Nadar (Jan 28)
- Re:Linux Web Server Hardening (LAMP + Wiki) forgaoqiang (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) gremlin (Jan 31)
- Re: Linux Web Server Hardening (LAMP + Wiki) Michael Peppard (Jan 28)
- Re: Linux Web Server Hardening (LAMP + Wiki) Tracy Reed (Jan 29)