Firewall Wizards mailing list archives
About Port Forwarding, Apache and Firewall Rules - conclusion
From: Servie Platon <servie_tech () yahoo com>
Date: Mon, 30 Aug 2004 14:18:09 -0700 (PDT)
Dear Sirs: This, I think will be my last post on this thread. Again, I am so sorry if I may have irked someone with regards to TOS's. I know I may have asked the wrong question or may have the wrong intentions as per TOS agreements, I admit, my mistake and fault. My apologies to everyone. I thought that open source and user groups such as this, is aimed in helping those people who is interested and in need. I am not a linux expert nor a firewall guru like most of you guys, so that is why I have posted in here. For the peace of mind of everyone on this thread and with the one's who work for cable ISP's for that matter. Let me reiterate that I intend to setup this website via DSL service which does not have the TOS restrictions. The problem with TOS issue has been resolved, end of the story. But what I am asking here is, since I am doing the testing here at my house and I use my cable ISP. I wanted to make sure first what iptable rules is ideal for my apache box. Still, I need to do the testing first, like check if it could be accessed from the outside and so on? Again, let me point out that I am just testing out first the box before I let this loose in the open by connecting this through my cousin's house with a DSL service, I would just like to know from anyone who has a good samaritan nature. What's the best iptable rules to enforce on my box considering I connect this box to a DMZ port on my linksys router where my apache box listens to port, ie. 555? The questions raised before were: 1. If I assign a different port would it be a security threat or easier for someone to break in my box? Or port 80 and any other ports, doesn't matter at all. 2. I used port forwarding and a webhop service from dyndns.org which redirects connections from port 80 to my box. Having the linksys router do the port forwarding alongside my susbscription with dyndns.org to do webhop. I would like to know if there are additional configuration that I should do on my linksys for additional rules to implement. 3. This too goes with my apache box. What iptable rules should I use? As I have said before, restricting root access, applying security patch for my linux distro, compiling the kernel and/or compiling apache from source, enable SSH service, TCP Wrappers, installing IDS, tripwire along with snort among other tools to secure my host has been considered. On this regard, may I take the opportunity for those people who had been nice enough to reply to this thread and have showed interest in helping out. My sincerest and grateful thanks to all of you. And for the one's who brought up the issue on TOS's, thank you too because you have enlightened me on the basis of ethical standpoint and doing what is right.... Though most of you here, are all linux and firewall experts. I still am hoping that someone would give some kind of a help on this matter. It's really ironic, that what we have learned from school are all but mere theories, it's still up to us to apply into practice what we have learned. I need help and assistance here because I want to be responsible enough that the host box I let loose as a web server will be secure enough and not used by some unscrupulous indviduals for other purposes. I don't have money since I only do volunteer work and as such could not afford to pay for additional service. I only wanted to do this project for my family and my own personal fulfillment using linux and open source without any intent to harm other networks nor crack into other systems. Again, may I thank each and everyone of you on this group. More power and thanks a lot. Sincerely, Servie --- "Fetch, Brandon" <BFetch () texpac com> wrote:
Anyone in Com-crap's (Comcast) sphere of influence can only dream of having a static IP address - either home or SOHO/business class of service. Yet another reason to use DSL (Speakeasy) to get your static fix. Brandon Fetch 817-871-4036 -- carpe ductum -- "Grab the tape" "Btw: *Most* DSL and cable broadband providers do have SOHO/business packages that allow the running of services and give one static IP addresses. Many areas of the country have alternate (usually DSL) broadband providers that can supply business-class connectivity. Of course: These options all come at a price. Jim" This message is intended only for the person(s) to which it is addressed and may contain privileged, confidential and/or insider information. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Any disclosure, copying, distribution, or the taking of any action concerning the contents of this message and any attachment(s) by anyone other than the named recipient(s) is strictly prohibited. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: About Port Forwarding, Apache and Firewall Rules, (continued)
- Re: About Port Forwarding, Apache and Firewall Rules Mark (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Barney Wolff (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Mark (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Paul D. Robertson (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jeremiah Cornelius (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Paul D. Robertson (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Servie Platon (Aug 30)
- Re: About Port Forwarding, Apache and Firewall Rules Jim Seymour (Aug 30)
- About Port Forwarding, Apache and Firewall Rules - conclusion Servie Platon (Aug 30)