Hi All,

Ive finally decided to venture and let people see my machine permanently
connected to the net. This machine is of course running debian. It is
running testing as of a couple of months or so. I plan to let it go into
woody and stay there (upgraded to woody so many months ago primarily for
iptables)

The machine is 200Mhz with 96Mb RAM. It already takes care of my
personal as well as some work mail(including this list) and apache for
the webmail stuff and PHPgroupware, so its under a bit of
load(Masquerade, Exim, IMAP, Procmail, Spamassasin, Apache, PHP etc.)

Im about to buy a domain name and host that on this server. Im a little
paranoid about letting people access this machine from the world. Due to
this, I would like to know what the most secure services that I can run
on this server. I want it to handle dns for this domain as well as the
web and mail.

I am on ADSL and so have a static ip address and intend to use this ip
for hosting this domain. Maybe even try some virtual hosting.

What would you guys recommend for this setup. I am using bind just now
which I hear is a pita for security. Doing a apt-cache search with
secure dns brings up maradns.

I haven't noticed much security issues with exim on the net. Where would
the best place be to find information about stopping the server from
relaying mail for anyone else as well.

Also, how secure is Apache / PHP. I would guess that there wouldn't be
many issues considering that around 60% of all web servers around the
world are running Apache last time I checked(albeit a few years ago)

Im really not expecting many hits on this size (dozen a day or so) and
the email from this site wouldn't be that much either.

I am however, considering upgrading this into a PII with 450MHz and
128Mb to 256Mb Memory.

I would really appreciate any advice on this. I dont have a DMZ just now
and can't really afford one.

Thanks for your time,



Shri



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to