Results 11 to 17 of 17
How do you mean "protect"? What kind of protection are you looking for?...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 05-20-2003 #11Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
How do you mean "protect"? What kind of protection are you looking for?
- 05-20-2003 #12Just Joined!
- Join Date
- May 2003
- Posts
- 40
I mean protect as in:
I don't want to get hacked
AND
I want to run apache on port 80
- 05-20-2003 #13Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
If you want to run apache there, you have no other possibilty than to open it up, right? If anything, you can block strange requests and such things. There are special netfilter matchers for that. If you want to know all of the matchers and targets, the best place to look is the kernel configuration. They are all described there. Another thing you can do is to block IP addresses that you for one reason or another know to be malicious.
- 05-20-2003 #14Just Joined!
- Join Date
- May 2003
- Posts
- 40
OK, that's definitley one way....
But I was thinking more along the lines of Apache.
The way I see (tell me if I'm wrong) is that Apache is "in charge" of that port. Any activity involving that port is handled by Apache, thus...
If I rely on the Apache security measures, would that be acceptable enough?
- 05-20-2003 #15Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
Well, you should see to it to keep apache up to date, or you might very well find yourself cracked one day or the other. And of course you shouldn't allow more access than necessary in the apache config files.
- 04-08-2005 #16Just Joined!
- Join Date
- Mar 2005
- Location
- Ghana
- Posts
- 35
vous
have tried using a TCP wrapper to handle apache request on prot 80 from notable malicious ip_addr it's a good option.
like inside the /etc/hosts.allow add the ff in.httpd:ALL:severity emerg
or may by safe the xinetd server request since apache runs on port 80 using httpd that is an xinetd service, in the long run could be check. for instance request made per host at a type, cpu time use and many more.
refer MAN pages of xinetd.conf since it helps in understanding the configuration of the xinetd server using xinetd.conf file
more grease to ur elbows, chaaaaaaaaaaaarge!
urs in the PENGUIN
- 04-10-2005 #17Just Joined!
- Join Date
- Mar 2005
- Location
- Auckland, New Zealand
- Posts
- 14
What are the advantages / disadvantages in using xinetd? I know xinetd can help with server load so that only needed services are running when required, but what other advantages are there?
I'm looking at getting a web server running over my ADSL connection but don't know which route to take with xinetd at this point, whether to use it or not.
Gavin
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
