RE: Gibraltar, apache and samba at the same machine

To: "'Debian'" <debian-user@lists.debian.org>
Subject: RE: Gibraltar, apache and samba at the same machine
From: "Willem-Jan Meijer" <meyer3@chello.nl>
Date: Sat, 22 Feb 2003 19:45:50 +0100
Message-id: <[🔎] 00b501c2daa2$9eb7d4c0$0c00a8c0@willemjan>
In-reply-to: <[🔎] 20030221215438.GC23527@incanus.net>

Let me explaint the situation here:

I've got:
1 server running debian
2 P3 machines dualbooted with Windoze XP and Debian

on a network, that's why I'm using NAT.
On the server I'm running Apache, samba, squid and proftp. Squid and samba
are for internal use only. I'm logging in by SSH from everywhere it's
possible, so that's why the SSH port is open. I've got some customers who
use webspache, that's why I'm using apache and proftp.

Hope this is enough information

HTH,

Willem-Jan Meijer

<-- Alle inkomende en uitgaande e-mail worden gescand op virussen  -->
<-- All incoming and outgoing e-mail is scanned for virusses -->

-----Oorspronkelijk bericht-----
Van: Nathan E Norman [mailto:nnorman@incanus.net] 
Verzonden: vrijdag 21 februari 2003 22:55
Aan: Debian
Onderwerp: Re: Gibraltar, apache and samba at the same machine

On Fri, Feb 21, 2003 at 02:21:10AM -0800, Paul Johnson wrote:
> On Thu, Feb 20, 2003 at 11:45:33AM -0600, Nathan E Norman wrote:
> > gibraltar is not what you want.  Install the "ipmasq" package.
> 
> Well, if we're talking only a single computer altogether, then making
> sure you don't have any services that aren't being used installed, and
> make sure the ones that are being used are both properly configured
> and patched in an intelligent manner should really cover your bases.
> If it's a home box with no services to the outside world, you can
> pretty much remove all services but the MTA, reconfigure the MTA to
> not listen outside of localhost and learn a little iptables to close
> everything off that isn't originating from the box or related to an
> existing connection.

Agreed.  However, the script this guy posted indicated he was doing
NAT (though it's still not clear to me that it's needed :-) which is
why I mentioned the ipmasq package.  It's not perfect  but IMO it's a
good starting point for newbies.

-- 
Nathan Norman - Incanus Networking mailto:nnorman@incanus.net
  People demand freedom of speech to make up for the freedom of
  thought which they avoid.
          -- Soren Aabye Kierkegaard

Reply to:

Follow-Ups:
- Re: Gibraltar, apache and samba at the same machine
  - From: Paul Johnson <baloo@ursine.dyndns.org>

References:
- Re: Gibraltar, apache and samba at the same machine
  - From: Nathan E Norman <nnorman@incanus.net>

Prev by Date: Re: Compilation of a single kernel module.
Next by Date: lots (ok, a few) of packages with -woody and -sarge versions
Previous by thread: Re: Gibraltar, apache and samba at the same machine
Next by thread: Re: Gibraltar, apache and samba at the same machine
Index(es):
- Date
- Thread