Any tips on securing a server?
Christoph Georgi
christoph.georgi at web.de
Wed Jan 19 01:10:41 UTC 2005
There are books written about securing Linux servers.. So there's a lot
of stuff you should/can do to secure your server.
Regarding your particular issue you could use a seperate partition where
people are allowed to upload files and mount it with the option "noexec"
so that nobody can execute scripts on that partion (please correct me if
I'm mistaken) - check out the other options you have for mounting
partitions. Another thing that can be done is denying people wx
(write,execute) permissions on the folder they are allowed to upload
stuff. Everything that's uploaded is hence not accessible for them. You
would have to check that stuff and then copy it into a folder where
people can access it.
Regarding your server I would recommend starting with the following:
http://www.seifried.org/lasg/
http://www.netfilter.org/documentation/
http://www.tldp.org/HOWTO/Security-HOWTO/
http://www.debian.org/doc/user-manuals#securing
And there is much more out there!
christoph
Ben Hodgson wrote:
> Hi,
>
> I have set up an internet server running qpopper, exim, webmin, apache
> and ProFTPd and have finished configuring the servers themselves. Now
> i'm trying to move onto security and protecting the machine from
> potential attacks.
>
> Does anyone have any tips on doing this (in particular I am trying to
> protect againt people uploading and executing scripts to temp using a
> file upload form on a php powered website - ive had that done to me
> before!)?
>
> Thanks,
>
>
> Ben Hodgson
>
> ------------------------------------------------------------------------
> I am using the free version of SPAMfighter for private users.
> It has removed 6794 spam emails to date.8
> Paying users do not have this message in their emails.
> Try SPAMfighter <http://www.spamfighter.com/Product_Info.asp?> for free now!
>
More information about the ubuntu-users
mailing list