Re: Safely exposing a service to the internet

To: debian-user@lists.debian.org
Subject: Re: Safely exposing a service to the internet
From: William Ballard <nospam_50115@alltel.net>
Date: Sun, 23 Jan 2005 04:45:11 -0500
Message-id: <[🔎] 20050123094511.GA20170@alltel.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20050123072008.GA16690@alltel.net>
References: <[🔎] 20050123072008.GA16690@alltel.net>

On Sun, Jan 23, 2005 at 02:20:08AM -0500, William Ballard wrote:
> Sid's apache?  Should I make some kind of jail and
> put something in a DMZ?

I'm going to do this:
ADSL: Port forward to OpenBSD running pf
OpenBSD: Port forward to a Woody Chroot

My machine will be running latest kernel and sid,
but Apache will be running in a Woody Chroot with
Debian security applied.

As long as (1) there are no kernel exploits,
(2) I do the pf part correctly, and (3) I don't
make any mistakes in any server code I run in
Apache, this publicly accessibly webserver
should be expected to be safe, correct?

Reply to:

References:
- Safely exposing a service to the internet
  - From: William Ballard <nospam_50115@alltel.net>

Prev by Date: Re: Spamassassin problems
Next by Date: Re: Setting up USB scanner
Previous by thread: Safely exposing a service to the internet
Next by thread: Setting up USB scanner
Index(es):
- Date
- Thread