Re: [suse-security] web server lockdown

From: Alex Hargrove (ahargrovecgresd.net)
Date: Mon Feb 14 2005 - 09:34:33 CST


Cool, just what I was looking for!

Also, is it better to install Apache + MySQL from the included SUSE
RPMs, or download the respective tarballs and compile from source?

Thanks again!

>>> "Johannes B. Ullrich" <jullricheuclidian.com> 02/14 9:44 AM >>>

Take a look at the CISecurity Linux and Apache benchmarks here:

http://www.cisecurity.org/

They are a bit centric, but include a lot of good ideas you can transfer
to SuSe.

Couple other related papers:
http://www.giac.org/practical/GCUX/Randal_Warner_GCUX.pdf
  (RHAS 3, but it's close enough to Suse... very much 'step by step' style paper)

Alex Hargrove wrote:
> Hi all-
>
> I'm wondering if anyone can share a "best practices" for setting up a
> dedicated webserver running Apache 2.0 on SUSE Pro 9.2, like proper
> partitioning, lockdown, etc. I noticed an older doc referring to (I
> think) SUSE 6.2 or 7 that's floating around out there, but obviously
> that's kinda dated... I'm interested in what packages and services
> should be installed, and which shouldn't (but are by default) for the
> sake of security... stuff like that.
>
> Thanks!
>
