I appreciate the comments and apologize. I feel I didn't explain as well as I should my current setup. I have a linksys router connecting my network and the router actually has a smaller version of linux installed on it. I am trying to familarize myself with the device and what I would have to do. From what some of you are saying is it would be better to route all traffice to one system? because currently I have two towers on a keyboard mouse monitor switch so I can easily switch between the two. I have comcast and I do believe I am not technically suppose to host a server and I do believe the IP address are dynamic so not sure if this creates problems with my DNS and pointing my domain to my server. I can currently locally access my server via web browser and php works fine with mysql. I havn't worked on my security much, but understand it is a major thing I will have to focus on. I suppose my major issue is configuring all of my IPs properly with my DNS and getting a good setup to avoid dangerous attacks. I will read the suggested material and if anyone has any insight on router server setups I would appreciate the feedback.
I have Debian on my other box. I want to figure out how to run the server properly then I will probably do a reinstall and try and work on security once it is setup properly. On Thu, Apr 30, 2009 at 10:38 AM, Jeremiah Bess <[email protected]> wrote: > That is not a true story. If a hacker uses ssh from a hacked machine to hack > other machines, logs are still kept on the hacked machine to show what the > hacker did. If you are worried about such things, set up PKI-only ssh. My > ssh server at home only accepts PKI keys as authentication, no passwords > allowed. It's really easy to set up, and the most secure set up you can use. > You might also want to set up an IPS/IDS. Even something simple like > tripwire, which monitors file changes can clue you in. > > But we are not talking about a commercial website. He is wanting to set up a > personal website. Hackers don't target personal websites. Script kiddies do, > only to set up a botnet or zombie host.. Make sure all patches are applied, > and avoid using SQL if possible, and PKI-only SSH will leave you quite > secure. > > Jeremiah E. Bess > Network Ninja, Penguin Geek, Father of four > > > On Thu, Apr 30, 2009 at 11:26, BluesRenegade <[email protected]> > wrote: >> >> If a hacker gets access to an account on the machine, then they can use >> SSH and the sys admin cannot see what they're doing because of the >> encryption used on all the data passing through the SSH connection, making >> the hacker's activities even harder to detect. >> >> Conrad Lawes wrote: >> >> The key reason for using ssh over ftp is security. By default, ssh >> traffic is all encrypted. FTP, by default, transmits in clear-text. >> Nowadays, you can perform many tasks without going to the command line >> especially if you're using a distro such as Ubuntu or Fedora. With tools >> such as phpmyadmin, webmin, gftp, and Joomla you can perform many tasks via >> GUI or Web browser. Of course, it doesn't hurt to learn the CLI. >> >> >> >> On Thu, Apr 30, 2009 at 3:34 AM, Chris Miller >> <[email protected]> wrote: >>> >>> On Wed, Apr 29, 2009 at 10:01 PM, VENOM GRIM <[email protected]> >>> wrote: >>> > I just started using Linux and wanted to enjoy it as much as possible >>> > so I decided to start a server to host my personal website. I was >>> > wondering what the first step would be to get this setup. >>> > >>> > So far I have install Debian newest version and Apache2 PHP5 and >>> > MYSQL.....I need to get my domain to point to my server and I also >>> > need to get FTP setup... >>> >>> As I *ahem* have some experience with Debian 5 and webservers... >>> >>> 1) Check with your ISP. Most ISPs do NOT allow you to host servers of >>> any kind (technically when I run a Nexuiz server I'm violating my >>> ISP's usage agreement - ain't that special?) so that kicks you off to >>> the mercy of a hosting provider. If you're still determined to learn >>> how to use a full-blown Linux setup for a server, then I'd suggest a >>> Virtual Private Server (VPS). They're real cheap, but give you all >>> administrative benefits of a real, root-access Linux server. They do >>> not have as much RAM, and the disk I/O sucks real bad as well. >>> >>> 2) Learn to use the command line. 99% of the work I do with Linux >>> nowadays (I moved to Mac OS X for all my desktop word-processing, >>> coding, etc.) is through the command line. When administering a >>> server, all the tutorials are for the command line. All the utilities >>> are for the command line. Do you see where I'm going with this? The >>> command line is the golden tool to get anything and everything done. >>> >>> 3) I don't use FTP. It's slow, and I just have a general dislike of >>> it. I prefer to use SSH (which is even slower, but it's a lot less >>> irritating to get working). If you're still hell-bent on FTP, I'd >>> suggest proftp (`apt-get install proftpd`). >>> >>> 4) Learn to read documentation. >>> * manpages >>> * google (just google - throw in the relevant keywords for whatever >>> you're doing, and a mess of tutorials and blogs will pop out of the >>> woodwork - honest!) >>> * the Apache documentation (http://httpd.apache.org/docs/2.2/) is >>> absolutely excellent and tells you almost everything you need to know >>> about how to make your website work. >>> >>> 5) Have fun! Every time you use Linux, you're sticking it to the man! >>> You're not paying the Microsoft tax, and that keeps showing them that >>> no, making inferior crap just doesn't cut it. >>> >>> -- >>> Registered Linux Addict #431495 >>> http://profile.xfire.com/mrstalinman | John 3:16! >>> http://www.fsdev.net/ | http://www.fsdev.net/~cmiller >>> Parents, Take Responsibility For Your Kids! http://www.whattheyplay.com/ >>> >>> >> >> >> >> -- >> Regards, >> Conrad Lawes >> >> >> >> >> >> > > > > > -- Ryein Bowling 503-608-4728 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Linux Users Group. To post a message, send email to [email protected] To unsubscribe, send email to [email protected] For more options, visit our group at http://groups.google.com/group/linuxusersgroup -~----------~----~----~----~------~----~------~--~---
