Results 1 to 5 of 5
  1. #1

    Firewalls and other means of protection

    Greetings,

    I just wanted your opinions on what can we do to make our servers safer for us and our clients and the costs involved.

    If it's possible, please give a link or a referral of where we can get more info about a specific mean of doing so (ie. installing firewalls).

    Thanks a lot!

    Best regards,
    Boris

  2. #2
    Join Date
    May 2001
    Location
    Dayton, Ohio
    Posts
    4,962
    Backups..
    Backups..
    Backups

    Do regular security audits, keep stuff up-to-date...

    Change your root pass freqently.

    Limit root login's to certain users only from certain locations...

    Alot of stuff is just common sense..
    -Mat Sumpter
    Director, Product Engagement
    Penton Media

  3. #3
    Join Date
    Sep 2002
    Posts
    30
    Originally posted by The Prohacker
    Backups..
    Backups..
    Backups

    Limit root login's to certain users only from certain locations...

    Alot of stuff is just common sense..
    Any idea...whats the besst way to backup? ..do u back up on the same machine?? or?? how???

    and also how can u limit root logins to---from certain locations----

    Thanks in advance.

  4. #4
    Join Date
    Apr 2001
    Location
    Depok, Indonesia
    Posts
    988
    Unfortunately if you are doing web hosting, a firewall is not the end of increasing security. Otherwise your clients will not be able to manage their sites.

  5. #5
    As others have mentioned, there's not a lot of point to a firewall, when you can't predetermine who will log in from where. However, firewalls on certain services for only certain IP's or using TCP wrappers to protect certain users from logging in only from certain IP's is a good idea. It can't hurt.

    Firewalls won't do much, but it's one small thing to add to a lot of things to have better protection, and in a web server environment is usually one of the most trivial.

    However, at the same time firewalls can drop certain packets, you can tear the datagrams apart with certain methods (not to be confused with this only, to be clear), and you can limit things like ICMP to only specific IP classes or a specific IP, etc. So they do still have some uses, but not like they would on a VPN or something.
    Robert McGregor
    URL: http://www.2host.com
    Email: robertm@(nospam)2host.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •