faemin n00b
Joined: 16 Oct 2012 Posts: 22
Posted: Sat Dec 01, 2012 6:11 am Post subject: Server firewall rules questions, ipv4, general sec
...
Last edited by faemin on Sun Dec 02, 2012 9:43 pm; edited 2 times in total
phajdan.jr Retired Dev
Joined: 23 Mar 2006 Posts: 1777 Location: Poland
Posted: Sun Dec 02, 2012 5:52 am Post subject: Re: Server Security, networking, ids--numerous question back
faemin wrote: There are numerous web applications. These are my highest security concern. We have wsgi and also php, and now another python server. I can't seem to get the wsgi app to run as another user--it seems that is only possible when apache is running as root?!
Oh, man, these can get really bad. Try to isolate them as much as possible, from each other and from the underlying system. To change uids you need root privileges. As long as they are dropped before processing untrusted data, it's OK (note: I'm not an expert on the particular example of apache; this is just a general idea).
faemin wrote: Finally, I will likely begin to have untrusted users having shell access.
Seriously consider grsecurity then (part of hardened-sources), including things like Trusted Path Execution and other hardening features there like PaX.
faemin wrote: PPS What is the best console based log analyzer? I am using logcheck, and it never detects anything!
A login failure should appear in logcheck. Unless it's perfectly tuned for your system and unusual things never happen on your server, you should see some messages. I happen to be maintaining logcheck in Gentoo. Have you followed the logcheck guide at http://www.gentoo.org/doc/en/logcheck.xml ?
_________________
http://phajdan-jr.blogspot.com/
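Added example, not part of either post and not Apache's or mod_wsgi's own code: a minimal Python sketch of the general idea in the reply above, where a process starts as root, does the one thing that needs root, then drops privileges permanently before it reads any untrusted data. The function names, port 80 and the uid/gid 65534 are assumptions chosen for illustration.

```python
import os
import socket

def drop_privileges(uid, gid):
    """Permanently give up root. The order of the calls matters."""
    if uid == 0 or gid == 0:
        raise ValueError("target uid/gid must not be root")
    if os.geteuid() != 0:
        raise PermissionError("only root can change uid/gid")
    os.setgroups([])   # 1. clear supplementary groups inherited from root
    os.setgid(gid)     # 2. group next: no longer possible once the uid is gone
    os.setuid(uid)     # 3. called as root, sets real, effective and saved uid
    os.umask(0o077)    # files created from here on are private to the app user
    # 4. verify that the drop cannot be undone
    try:
        os.setuid(0)
    except PermissionError:
        pass
    else:
        raise RuntimeError("root privileges can still be regained")
    if os.getresuid() != (uid, uid, uid) or os.getresgid() != (gid, gid, gid):
        raise RuntimeError("unexpected ids after drop")

def handle(conn):
    """Runs only after the drop, so a bug here is not a bug running as root."""
    conn.recv(4096)    # first untrusted bytes the process ever sees
    conn.sendall(b"HTTP/1.0 200 OK\r\n\r\nrunning as uid %d\n" % os.getuid())
    conn.close()

if __name__ == "__main__":
    APP_UID = APP_GID = 65534   # assumption: ids of an unprivileged account
    listener = socket.create_server(("", 80))   # needs root: port below 1024
    drop_privileges(APP_UID, APP_GID)           # before any accept()/recv()
    while True:
        conn, _ = listener.accept()
        handle(conn)
```

Giving each web application its own uid and gid in such a setup also provides the isolation between applications that the reply recommends.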