A Secure Open Source Server


Recommended Posts

I'm looking at setting up a linux server with these basic features:

MySQL Server

SMTP/POP3 Server

anonymous FTP Server

Its going to be behind a Cisco router (w/ NAT), so the only ports passed through to the server will be the ones for each of those server packages.

Are most Linux distros (i'm thinking slackware right now, as I don't intend to put any XFree on it), secure out of the box? Or should I take some extra percautionary steps.

What are some good guides, how-tos?

thanks

-Nic

Link to comment
Share on other sites

You my friend want OpenBSD.

There policy is secure by default, audited code, and strong cryptography as a standard.

They have a proven track record of being secure, in commercial, military, and also according to 'entheusiasts'.

I've been running it on my servers for about 2-3 years consecutively and maybe 5 years "off and on" with no real issues.

The install guide on their website is pretty darn reliable and from there you can use any "how to configure apache/mysql/sendmail/procmail/ftp/whatever" tutorial to come up with safe and reliable server.

Link to comment
Share on other sites

cool. I think i'll go with that.

Should i have any problems running this w/ the list of server applications on a P2 450?

I'm probably going to get a new system anyway... still curious if it would run decent on that P2. I'm guessing the MySQL won't. Serving at most 10 connections at any given time.

Link to comment
Share on other sites

I'm using it on a 133 with 72mb of ram.

It can handle 3 or 4 interactive users + serving up a website for testing php and posgres so I'm sure your P2 will be more than adequate. I wouldn't run neowin off of it - nor any serious php scripts that do a lot of work with pictures (download, resize, convert format, etc) or video but just about everything else should be plenty fast on the kind of loads you describe.

If you want every possible ounce of performance then you'll want to build OpenBSD from source - the binary packages are compiled for i386, where your server would benefit from i686 instructions.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.