Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 17 of 17
How do you mean "protect"? What kind of protection are you looking for?...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578

    How do you mean "protect"? What kind of protection are you looking for?

  2. #12
    Just Joined!
    Join Date
    May 2003
    Posts
    40
    I mean protect as in:

    I don't want to get hacked
    AND
    I want to run apache on port 80

  3. #13
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    If you want to run apache there, you have no other possibilty than to open it up, right? If anything, you can block strange requests and such things. There are special netfilter matchers for that. If you want to know all of the matchers and targets, the best place to look is the kernel configuration. They are all described there. Another thing you can do is to block IP addresses that you for one reason or another know to be malicious.

  4. $spacer_open
    $spacer_close
  5. #14
    Just Joined!
    Join Date
    May 2003
    Posts
    40
    OK, that's definitley one way....

    But I was thinking more along the lines of Apache.

    The way I see (tell me if I'm wrong) is that Apache is "in charge" of that port. Any activity involving that port is handled by Apache, thus...

    If I rely on the Apache security measures, would that be acceptable enough?

  6. #15
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Well, you should see to it to keep apache up to date, or you might very well find yourself cracked one day or the other. And of course you shouldn't allow more access than necessary in the apache config files.

  7. #16
    Just Joined!
    Join Date
    Mar 2005
    Location
    Ghana
    Posts
    35
    vous

    have tried using a TCP wrapper to handle apache request on prot 80 from notable malicious ip_addr it's a good option.

    like inside the /etc/hosts.allow add the ff in.httpd:ALL:severity emerg

    or may by safe the xinetd server request since apache runs on port 80 using httpd that is an xinetd service, in the long run could be check. for instance request made per host at a type, cpu time use and many more.

    refer MAN pages of xinetd.conf since it helps in understanding the configuration of the xinetd server using xinetd.conf file

    more grease to ur elbows, chaaaaaaaaaaaarge!

    urs in the PENGUIN

  8. #17
    Just Joined!
    Join Date
    Mar 2005
    Location
    Auckland, New Zealand
    Posts
    14
    What are the advantages / disadvantages in using xinetd? I know xinetd can help with server load so that only needed services are running when required, but what other advantages are there?

    I'm looking at getting a web server running over my ADSL connection but don't know which route to take with xinetd at this point, whether to use it or not.

    Gavin

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •