I see we have another -top- poster. My reply where it belongs.
-----Original Message-----
From: "Sturgis, Grant" <Grant.Sturgis@arraybiopharma.com>
To: <suse-security@suse.com>
Date: Sat, 20 Dec 2003 09:46:52 -0700
Subject: RE: [suse-security] request for opinions: SuSE 9 secure as a web server?
Hi folks,
I'm planning to serve web pages from my personal box (family pictures and the like), running SuSE 9 stock with all patches. The machine will be handed all port 80 (or whatever port I decide to use) requests from my linksys router/firewall, therefore being completely exposed on that port. I'll also be letting ssh through.
So my question is: how dangerous is this? How secure is a SuSE 9 box (with no tweaks or anything, just configured everything with yast)? I'm asking your opinion as to whether SuSE is considered reasonably safe for what I have in mind or if I should look for other options. And perhaps if there are simple steps I can take to increase my chances of not being cracked.
Just some more info: in my internal network I'm running NFS, so can't use the suse firewall (since it blocks that service). I'm also running rsync.
It never hurts to be too careful. Since you have the linksys router blocking all ports but perhaps 80 (http) and 22 (ssh), you should be fairly safe. But keep a close watch on your log files and install a program like tripwire to watch any changes to files. This should alert you to any unrequested changes.
Ken