Hi, basically, enabling smtp and pop3 services on a firewall or a host with firewall functionality is not a very safe setup. Mailservers have to accept certain commandos from other servers in order to process/deliver mails. An improperly set up mail system can be considered as a serious threat to your network security; if this all-in-one hosts gets cracked, there's no second-in-line defense perimeter left to keep the bad guys (and grrlzz) out... A good approach towards learning the do's and dont's of linux and linux security would be to get a small, currently not used PC where you can safely install linux and play around with it before you put anything in a production environment. Steps to a reasonably secure system would include: a) read the whole documentation of your linux distro and try a few things, specially the security apps, patches and tools that come with it (section "sec" in suse), but also the basic administrative tasks b) subscribe yourself to certain mailing lists covering distro news and security announces/discussion (bugtraq, CERT...) c) get yourself some literature, for example Linux in a Nutshell, Unix - Ein praktischer Einstieg, TCP/IP-Netzwerkadministration and Einrichten von Internet Firewalls (all from O'Reilly, www.oreilly.de) d) look for possible security threats on www.securityfocus.com, www.securityportal.com, www.whitehats.com... e) verify your system security via online services like www.hackerwhacker.com f) read, read, read and read again, then go and try, and return to reading... Good luck, Boris <bolo@lupa.de> --- On 30-Nov-00 C.Richartz@wzl.rwth-aachen.de wrote:
Hi, my name is Chris and I just started using LINUX. Now my problem I have to install a very save server. The server should work as a file-server which is also WWW-router, firewall and Mailserver for a network of 25 workstations with Windows NT. 5 Days ago I started working in LINUX but my employer wants me to create a server that is saver than a very save NT-system. I'm not able to create such a system by myself!! Please Help me
Greetings Chris