Hi Andy,
I am also a Newbee Linux. I have now a webserver located at the isp which I
need to administer via ssh and confixx.
You are mentioning here to administer such a server via ssh and yast. Is it
possible to run yast over a SSH shell?
Also the support people of the ISP advised me, that a firewall for a server
is not indicated. What do you think about this? Intuitively I would not
consider a computer connected to the internet without any protection as
apropriate.
Grieetings
Johannes Stockburger
Pamellahs Best Price Travel
Johannes Stockburger
Hermann-Steinhäuser-Str.18
63065 Offenbach
Tel 069-82368993
Fax 069-82368992
stockburger@bestpricetravel.de
http://www.bestpricetravel.de
http://linienflug.bestpricetravel.de
http://www.visit-your-family.de
----- Original Message -----
From: "Andy Bennett"
Hi again.
My main question is if the Webmin is a good tool to do remote administration or are better tools ?
On Thursday 31 Jul 2003 16:35, Arndt Faulhaber wrote:
Hi Joao,
Does anyone knows if the Webmin permits to do a administration of the systems securely ?
Jup, you can setup webmin to use https.
Example if i connect from home to my company to administer my systems with webmin is there any secyrity flaws or if it is not advisable ?
Otherwise you can access it using ipsec... or restrict the IP address from which access is possible...
Cheers, Arndt
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug
I am also a Newbee Linux. I have now a webserver located at the isp which I need to administer via ssh and confixx. You are mentioning here to administer such a server via ssh and yast. Is it possible to run yast over a SSH shell?
Yes it is, if your Server is a suse linux box. A SSH shell is like sitting directly in front of the machine if you "su"ed to root.
Also the support people of the ISP advised me, that a firewall for a server is not indicated. What do you think about this? Intuitively I would not consider a computer connected to the internet without any protection as apropriate.
This will probably mean, that a firewall for your server is not configured yet. If a complete suse is installed, then you can setup a firewall on your own. Greetings Andreas Jaegermann
On Friday 01 August 2003 08:51, Johannes Stockburger wrote:
Also the support people of the ISP advised me, that a firewall for a server is not indicated.
Did they mean that in the Medical sense of Indicated (loosely: required, recommended, prescribed), or did they mean that in the sense of "we looked to see if you have one and could not find one" ? If the former, I have to ask what is your defintion of a Server? Are we talking about a file server for your network (in which case you bet your life you need a firewall), or are you talking about a web server (in which case mou may be able to do without one if you secure the system very well and shut down all uncessary services and close all un-needed ports)... -- _____________________________________ John Andersen
Hi,
They meant it is not required. This was the answer when I had asked them
about the IP-Adresses of the Names Servers to be included into the firewall
script, as well as the mode of the network connectivity(Subnet etc). I think
they just did not want to check for this answer, and the support person was
not really knowing what he was talking about. (E.G on this server in the
default configuration a ftp service is running, which I understand should
not at all run without a ALG module in a firewall.)
I listed the iptables rules and fond only 3 emty chains with default
accept.
This is a dedicated computer for which I have root access. I rented this
because I plan to use phplib, which they would not install on a virtual
server, and because at a certain point of time I want to use an own ssl
certificate.
For now I just blocket all traffic (set default drop on emty iptables
chains, if I want to enter, I just have to reset the server), until I have
checked and understood the network condiguration (Name Servers, DHCP or not)
and which services are running which I do not need.
Freundliche Grüße von
Pamellahs Best Price Travel
Johannes Stockburger
Hermann-Steinhäuser-Str.18
63065 Offenbach
Tel 069-82368993
Fax 069-82368992
stockburger@bestpricetravel.de
http://www.bestpricetravel.de
http://linienflug.bestpricetravel.de
http://www.visit-your-family.de
----- Original Message -----
From: "John Andersen"
On Friday 01 August 2003 08:51, Johannes Stockburger wrote:
Also the support people of the ISP advised me, that a firewall for a server is not indicated.
Did they mean that in the Medical sense of Indicated (loosely: required, recommended, prescribed), or did they mean that in the sense of "we looked to see if you have one and could not find one" ?
If the former, I have to ask what is your defintion of a Server? Are we talking about a file server for your network (in which case you bet your life you need a firewall), or are you talking about a web server (in which case mou may be able to do without one if you secure the system very well and shut down all uncessary services and close all un-needed ports)...
-- _____________________________________ John Andersen
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (3)
-
Andreas Jägermann
-
Johannes Stockburger
-
John Andersen