Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I am currently setting up a RedHat Linux box for an intranet application. Its access to the outside world will be: 1) remote system administration by myself, 2) ftp'ing application programs to the intranet web server (again by myself), 3) testing the intranet application (myself), and 4) getting/putting a couple of data files (using ftp) from a "safe" internet site every night. What kind of security am I looking at? Since I am not hosting a web site for external users, can I get away with less security and still not get hacked? I really don't wish to become a Linux/Internet security expert and spend hours administering security and hack threats. Any ideas? Thanks!
okay, okay, i stand corrected. i was just wishfully thinking of a world where my system, not being a "public" web site and only providing access to a single known remote user (me) could avoid some of the security setup and maintenance. i need to have the host system available only via dialup access and only by me. i plan on using SSH-2 for remote administration and SCP for transferring files. i'll be using Apache/Tomcat for web/java serving. thus, i'll need to provide HTTP access as well in order to remotely test the intranet application. i have come across a ton of online material as to what i need to do in order to "defend" the system. i realize that once providing any outside access, you just gotta do the work and protect yourself. thanks for the reminder.
Originally posted by ekromps: I am currently setting up a RedHat Linux box for an intranet application. Its access to the outside world will be: 1) remote system administration by myself, 2) ftp'ing application programs to the intranet web server (again by myself), 3) testing the intranet application (myself), and 4) getting/putting a couple of data files (using ftp) from a "safe" internet site every night. What kind of security am I looking at? Since I am not hosting a web site for external users, can I get away with less security and still not get hacked? I really don't wish to become a Linux/Internet security expert and spend hours administering security and hack threats. Any ideas? Thanks!
I'd _really_ re-evaluate using ftp. I trust there is some kind of firewall in your solution as well. A few hours (maybe more) with ipchains or even good canned scripts would be a wise investment. Not letting anything but the most crucial ports to the outside world would be a good starting point, i.e. ssh and nothing else. That should buy you some extra time to get comfortable with your firewall ruleset before you have to open up http/https and (yikes) domain (named).
As already pointed out by unSpawn, thank you in advance for your valid concerns and honest questions. Now go ye forth and fortify. Then ask more questions. After that ask more questions. In short - lay low and let the other guy get rooted.
I wish I would have found this place a long time ago.
Again - submitting reply without previewing...
mc9
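A way to check the "ssh and nothing else" starting point from the reply above, as an added example that is not part of any post in this thread: the function flags TCP listeners that are reachable from the network and not on an allowlist. It assumes iproute2's `ss -tlnH` output format; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit listening TCP sockets against
# an allowlist of ports. Input format is `ss -tlnH`:
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

# unexpected_listeners "22 443" < ss-output
# Prints one offending local address:port per line; prints nothing if clean.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "LISTEN" {
            sock = $4
            port = sock; sub(/.*:/, "", port)      # text after the last colon
            addr = sock; sub(/:[^:]*$/, "", addr)  # text before the last colon
            # Loopback-only sockets are not reachable from the network.
            if (addr ~ /^127\./ || addr == "[::1]") next
            if (!(port in ok)) print sock
        }'
}

# Constructed sample of `ss -tlnH` output for a box like the one described
# in the thread: sshd, an FTP daemon, Tomcat on 8080, local-only services.
sample_listeners() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22      0.0.0.0:*
LISTEN 0 32  0.0.0.0:21      0.0.0.0:*
LISTEN 0 100 127.0.0.1:25    0.0.0.0:*
LISTEN 0 100 *:8080          *:*
LISTEN 0 128 [::]:22         [::]:*
LISTEN 0 5   [::1]:631       [::]:*
EOF
}

# On a live host: ss -tlnH | unexpected_listeners "22"
sample_listeners | unexpected_listeners "22"
```

Run from cron, an empty result means the listening sockets still match the intended exposure; the firewall ruleset is a separate layer and still needs its own review.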
Just to build on your comments Ekromps.
"Since I am not hosting a web site for external users, can I get away with less security and still not get hacked"
No, but you can get away with more security or by creating a PKI for your network.
As it sounds to me, you're on the internet and you want to access your system over the internet, but like an intranet website.
Simple:
You put up a stateful firewall and a VPN gateway to your computer (which must also have a stateful firewall running).
Then you don't need to secure FTP or the HTTP as it's a virtual private network using the internet as a long cable.
Once it's up little or no maintenance is needed.
This is the model for most B2B implementations, who don't want to invest time and money into 24/7 security cover.
However, I would like to point out that if you connect to the internet then nothing is 100% secure, but you can most definitely stop 99.999% of hackers getting in.