Secure Server
Tim
ignored_mailbox at yahoo.com.au
Thu Aug 6 09:56:03 UTC 2009
On Wed, 2009-08-05 at 09:06 -0700, Alejandro Rodriguez Luna wrote:
> I just wanted ask about the security of services like
> ssh, dns, etc, what is the best way to secure this services?, perhaps
> /etc/hosts.allow and /etc/hosts.deny?, or perhaps with a superserver
> inetd or xined?,
If some of those services don't need to be publicly accessible, such as
a SSH server that will only be used between computers within a LAN, then
configure the server to only listen to the appropriate interfaces or
addresses.
Secure a service directly, rather than hope that putting a firewall
between them and something else will do the trick. If someone can get
past the firewall, that sort of security (configuring a service
properly), they still can't compromise your server.
--
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
More information about the users
mailing list