Re: Port 37628....Is it just another port or out of the extra ordinary???

[Victor Williams <vbwilliams () neb rr com>]

I might also throw out there:

1.  If you almost always have physical access to the machine, 
realistically the only thing that should be running is the webserver on 
whatever port.
2.  If you MUST have remote access, SSH version 2 only.
3.  You don't need anything other than option 1 and/or 2 running.
4.  A firewall should be your last resort, not your first.  I would also 
suggest running the firewall ON the machine (IPTables) as additional 
security if your Linksys or whatever it is doesn't do it natively.
5.  A custom kernel is always a better idea vs blindly trusting what 
others have compiled or let leak into theirs.  I compile custom kernels 
for any Linux machine (serving internet content/services or not), 
regardless of the function.
6.  And as always, don't put anything you don't care about or don't care 
if anyone else sees on this machine.  I would hardly call a default 
build of Fedora Core whatever version a platform for a secure webserver. 
 It's a testbed, nothing more.

InHisGrip wrote:

> Hi Bruce,
>
> Thank you so much on your suggestions.
>
> Incidentally, I am also contemplating on compiling and
> building my own kernel this way, I could select which
> options and services that I would need? What do you
> think?
>
> All of you guys are just awesome! You have given me
> lots of ideas and I have learned a lot. Thanks again
> everyone in this group!
>
> InHisGrip,
> Servie

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards