On Sat, 20 Dec 2003, Roman Drahtmueller wrote:
What I'd be interested in: What are the protection measures that you would put in place if you wanted to secure a SUSE system for internet use?
I'm sure we know some... :-) But maybe you have some ideas that will help us to make our job better.
I'd like to see a mimimal out-of-the-box secured Apache webserver installation option, available from YaST with all the security options you have in mind enabled, and as many other services excluded/disabled as is possible. AFAIR doing a minimal installation under SuSE 8.1 pro does not include Apache, at this moment in time. Regards - Keith Roberts PS my machine is sitting behind a firewall on an ADSL router. Port 80 is the only port open. The box is updated regularly as security announcements are made, or I still check with YOU or fou4s once a week if not... What exploits are there that I need to be aware of that could get into my box via port 80, apart from the obvious attacks against Apache?