tunafish Posted February 14, 2008 Share Posted February 14, 2008 I run a Linux Debian Lenny server (even though it's in testing it was stable for me). Anyway i have decided i want to nuke it and redo the whole os install etc, as my servers full of usless crap that needs a cleanout etc. Well anyway i was thinking of going right back to debian. unless someone can convince me otherwise. The server is my home file server, home web testing server etc, and it's open to the web. Things i do run on it are: Apache, mysql5, php5, pureftp, samba, webmin, gnump3d, fireflymediaserver, ssh with no direct root login. Anyway i am looking for something that will be secure and stable. I am looking for a nice secure firewall maybe thats easy to understand, ability to support raid etc. I just need an overall secure kernel as well. Link to comment Share on other sites More sharing options...
kyro Posted February 14, 2008 Share Posted February 14, 2008 well, why not go for Centos5 ? I would recommend that. and regarding raid, its software raid? or hardware raid? what card. Link to comment Share on other sites More sharing options...
tunafish Posted February 14, 2008 Author Share Posted February 14, 2008 i would presume its going to have to be software raid as i dont have a raid card in server Link to comment Share on other sites More sharing options...
kyro Posted February 14, 2008 Share Posted February 14, 2008 okay, software raid, wont be problem. Link to comment Share on other sites More sharing options...
tunafish Posted February 14, 2008 Author Share Posted February 14, 2008 whats a good security program and settings to use etc? Link to comment Share on other sites More sharing options...
kyro Posted February 14, 2008 Share Posted February 14, 2008 whatever you do is never enough and its advisable to take security measures in steps. I would suggest you the following. 1) http://www.rfxnetworks.com/apf.php http://www.rfxnetworks.com/sim.php http://www.rfxnetworks.com/proj.php 2) recompile your kernel with http://www.grsecurity.net/ ( V .Advance) 3) remove all unwanted services,packages,tools, make sure your folders/files ownership are secure (cant really guide here, its vast) 4) feeling adventurous ,enable SE-Linux . and I got guide here , old one when i was learning to be admin , its got nice tips too https://www.neowin.net/forum/index.php?showtopic=271716 Link to comment Share on other sites More sharing options...
tunafish Posted February 20, 2008 Author Share Posted February 20, 2008 Thanks for that I may end up going back to debian lenny However what about fedora or centos? Link to comment Share on other sites More sharing options...
tunafish Posted February 20, 2008 Author Share Posted February 20, 2008 well as i could not edit my post im going to have to double post I am going to try ubuntu 7.10 server edition. Now is it worth using 64bit version? i only have 1gb ram. Also does the server edition have GUI support Link to comment Share on other sites More sharing options...
Vinno Posted February 21, 2008 Share Posted February 21, 2008 64bit version is fine, you shouldnt run into any problems. Link to comment Share on other sites More sharing options...
pdog Posted February 25, 2008 Share Posted February 25, 2008 You shouldn't be running a GUI of any sort on a server, it increases the attack vector and makes it less secure. If you want secure, you can always look at OpenBSD, which has only had 2 remote security holes in it's default install in 10 YEARS! PF is also a very nice firewall/queuing/forwarding/packet filtering system. You might also check out FreeBSD, that is a little easier to get used to than OpenBSD. Debain Etch is my distro that I use for my servers, it's pretty secure out of the box, and is also really easy to use. Link to comment Share on other sites More sharing options...
Recommended Posts