Firewall Wizards mailing list archives
Re: About Port Forwarding, Apache and Firewall Rules
From: Servie Platon <servie_tech () yahoo com>
Date: Mon, 30 Aug 2004 12:16:20 -0700 (PDT)
Dear Sirs: With all due respect to everyone on this group whom I may have annoyed or have bothered on this issue, my sincerest apologies. I don't expect any sympathy from anyone here, but let me first explain why I made such a request. My primary intention is to host a family oriented web site exclusively for my family, in other words this is not a commercial site. This site will give information or updates about our big clan/family ranging from birthdays, weddings, christenings and/or Christmas or other family reunions showcas/gatherings showcasing pictures, or possibly even video footage of such events. Since I come from a relatively large family where it consists of 1st, 2nd, 3rd and even 4th generation of kin, with a closely knit relationship. I feel it necessary as a token of gratitude to my aunts and uncles and even my parents whose age range are in the 70's and 80's, not to mention the young ones (great grand kids of my uncles) who are very much into the internet to host a non commercial site for the exclusive use of our family/clan. I have pure and clean intentions here Sirs and as a matter of fact, I am consulting this prestigous group for some tips on how to go about my project. I have learned from school where linux is one subject that this is open source and a powerful O/S at that, and if configured incorrectly or compromised, it could be used to create havoc and confusion out there by making my host machine as a tool for DoS attacks and other forms of malicious intent to destruct other people. I am a law abiding citizen and I intend to follow the guidelines and norms bound by the TOS agreement of our cable provider. But before anyone react, anybody on my situation would probably do the same thing due to the following circumstances. First, I live in an area where we have limited ISP service due to the demographic location. As of this present time, we only have one cable ISP and no DSL providers. Now, this project of mine has been ongoing for months and as a matter of fact, I am looking into all the possibilities/avenues of hosting such site, this includes the breach of the TOS of my provider. Other problems that has been hampering this project is the cost of getting a static ip address, limited ISP in my area and budget to pay for additional service such as web hosting service. Speaking of TOS's, I work for a non profit organization or NGO/Foundation wherein I am the volunteer administrator of its small windows network. Unfortunately, this organization doesn't have T1 line or leased line for that matter. More so, the ISP we have there is also cable service. My boss asked me to setup a website for his foundation and since we are bound by the TOS of our cable provider, I suggested to him that we should go through a web service provider instead so as not to breach the TOS agreement, and so we did. Now, I am in the process of designing the web site which is hosted off site. The trade off is that the Foundation pays extra for the web hosting service which this organization can afford to pay. But I think we have done the right thing, abiding by TOS. I am not saying this to justify my requirement and as a matter of fact, I have contemplated of relocating the server intended for this purpose, to my cousins house where he has a DSL service and not bound by the limitations of TOS of some cable providers. But since, setting up one's website does not stop from there or does not happen overnight. I have done laborious task of installing or enabling only the necessary services for this bastion host. Compile the apache from source, download the security updates, install IDS or admin tools like snort, tripwire to fully bastionize this host among others, so that I limit the risk of being used to attack others. Amidst great power of Linux, lies great responsibility. Based from this statement, I am conferring this prestigious group where most of you are either firewall or linux gurus. I have fully understood the TOS agreement and intend to abide by it. And I intend to host this site at my cousin's house and probably SSH my way to it to do admin tasks since I live about 45 miles away. Before I hook up this machine using DSL provided service which allows inbound TCP connections on port 80. Let me again, ask this kind group if anyone is still interested in helping me out what firewall rules I should make on iptables to help my life less miserable and safe for others. I don't intend this machine I am setting up to be used for DoS and other bad stuff so that is why I am asking and posting this question to make it a little bit secure. I am no linux expert but have come to embrace the philosophy of open source system. I am no script kiddie or intend to be a cracker since doing damage and eavesdropping is not my cup of tea. All I want to do is make my family/clan happy by finally being able to host a web site, abiding by the terms and conditions of the TOS. Again, my apologies to everyone. I want to be responsible enough that my system is secure and linux hardened to be safe for everyone. So that everybody will be happy including cable ISPs. No harm in trying??? Thanks for your time. Sincerely, Servie _______________________________ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- About Port Forwarding, Apache and Firewall Rules Servie Platon (Aug 28)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 29)
- Re: About Port Forwarding, Apache and Firewall Rules Mark (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Barney Wolff (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Mark (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Paul D. Robertson (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 29)
- Re: About Port Forwarding, Apache and Firewall Rules Jeremiah Cornelius (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Paul D. Robertson (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Servie Platon (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- <Possible follow-ups>
- RE: About Port Forwarding, Apache and Firewall Rules Fetch, Brandon (Aug 30)
- About Port Forwarding, Apache and Firewall Rules - conclusion Servie Platon (Aug 30)