mailing list archives
big security questions the deny access guy return
From: "Carlos Garcia" <carlosg () cabonet net mx>
Date: Fri, 3 Dec 2004 19:35:08 -0700
Well am a newbie in this area, but it seems that i have created a really
revolution in the list with my deny access question well as far as i could
see you are a great folks that really want to help well i have a lot of
question about security so i really need your help
first of all i want to change the services that run in our network i have
red hat running in 3 servers one server have the dns1 the other have the
dns2 webmail and mail the third one have squid for cache and proxy and an
iptables based firewall the last one have the webmail running with zeus on
irix so i really wan to make this servers with new services and as secure as
posible so first question
about dns what bind do you recomend and how can i protect it i would like to
install snort to see if somebody is trying to attack in my server so should
i use bind 8 or bind 9 and should i use a chrooted schema or not? what other
security risk do i have to address?
about mail i was thinking in using postfix in place of sendmail is this a
good idea? for gathering mail i was thinking in cyrus-imap and
authentication tools but what would recomend me?
should i use snor in every server or just one ?
iptables are good enough? and i have a lot more question but can we start
with this ones? oh a last one somebody of the list says that it is not a
good idea to use the router as firewall is this write? why?
Carlos A. Garcia G.
Tel (624) 14 30120
- big security questions the deny access guy return Carlos Garcia (Dec 07)