A dual-homed linux firewall with strong firewall rules should be
adequate, as long as the firewall box is locked down and is running the
minimal services (make sure those daemons are the latest versions). I
run a 10-PC home network with an old p200 linux machine acting as my
router/firewall/NAT system. As for securing the web server, the latest
versions of Apache seem decently secure from the get-go, as long as any
scripts arent vulnerable. If youre running one of those "other" web
servers, you will have to check out the vendor documentation for
securing the server and assigning permissions. If you plan on running
IIS on an NT server then you simply have a problem waiting to happen.
If you need help setting any of these things up, or would like me to run
a quick security check on your firewall/web server configuration, just
let me know in a private email. Goodluck.
HD Moore aka Spinux
http://nlog.ings.com (Like Nmap? Try Nlog!)
http://www.phunc.com (Its da Phunc)
http://ww.trinux.org (Single Floppy Linux Security Toolkit)
http://ww.opensec.net (For your open source security needs)
Bernd Hofmann wrote:
>
> what do you suggest as a good way to protect a very small (2-5 computers) network
>(linux und windows 98) from hacking? it shouldn�t cost the world but be sufficient.
>
> another question: what do i have to do to protect a web-site of being hacked?
>
> thanks for any suggestions!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
