On Wed, December 7, 2005 12:20 pm, Chris 'Xenon' Hanson said: > Anthony Oteri wrote: >> It also just occured to me, that you could simply use a virtual host in >> your apache configuration instead of running another instance of the >> web server. Simply set up a virt host on a high port, include the >> redirect in pf, and have the virtual host serve from a different >> directory > > This seems like a good opportunity, but remember, you're seeking to DENY > a hostile aggressor access to your webserver software. Netcat'ing > something to them is a much more bulletproof option. If you find a remote > exploit in netcat, I'll give you a prize.
If you want to run an actual HTTP sever, you might take a look at thttpd. It's designed for minimal footprint and security. It can do some basic HTTP stuff, plus chrooting and throttling. (Both of which may be nice for this type of application.) Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---------------------------------------------------------------
