Unsure about security requirements for workstation/server
Hi,
I have a requirement for a machine that will double-up as a server and a
workstation for me, and I'm not sure what to install on it.
I currently use a laptop. It's a dual-boot system, with Debian Testing
(I plan to upgrade to Unstable soon) and Windows XP. Most of the time I
work on Debian, but occasionally I switch to Windows.
I'd like to be able to run Windows & Debian at the same time and my plan
is to run WinXP on my laptop and Debian on another machine which I
haven't bought yet (I'll be running an X-server on my laptop under WinXP
in order to run my X apps).
I'd also like to make my Debian machine accessible from the Internet as
a server. I'd like my clients (I'm a web/software developer) to be able
to see work in progress for testing etc., so I'll be opening up
Apache/PHP/MySQL/Tomcat to the Internet. I'd also like to give a few
chosen people SSH/FTP/CVS access via the Internet.
NOTE: High availability is not that important - if I have to reboot or I
get a powercut it's no big deal. I'm not expecting constant hits on the
server (if I did I wouldn't host at home).
I realize that I'm trying to do two things with one machine. I'm trying
to create a publically visible server (it won't be used that much as a
server, but it does need to be secure) and a personal workstation.
Ideally I should buy two machines, but I'd like to save space/money and
only have one machine acting as a server and a workstation.
I know that for production servers only the Stable distribution is
recommended and as little software as possible should be installed. But
as a workstation, I'd like to install Unstable and a lot more software
on it than I would on a pure server (e.g. Gnome/KDE, GIMP and loads of
other stuff that I like to play around with).
What should I do? Is it possible to run Unstable in a secure fashion? I
know the security team focuses on releasing security updates to Stable
first, but doesn't Unstable get the updates soon after?
Any advice/thoughts on this would be greatly appreciated.
Thanks,
Yasir
Reply to: