Home page logo
/

basics logo Security Basics mailing list archives

Public Web server Help
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Fri, 26 Mar 2004 10:34:43 -0800


   I have a question for the Linux/UNIX guru's out there. Currently I
host a few people (projects I helped out with at one time or another) on
my servers at home. They get Email, Web, FTP, etc. The hosting was done
on one Win 2K box. In a effort to secure myself better I'm migrating
them to a Red Hat Linux 8 server, for Web/FTP and MySQL, Email and
others to be done latter, on different servers.

My plan is to setup a htdocs or public_html directory in their home
folder, under that will be each domain that the server hosts for them,
(some of them have multiple domains). Using FTP I can easily lock them
in their home directories but I also want to allow SSH access to the
server so they can get work done easier.

Does anyone know of any of have any document on how to lock users in
their home directories using SSH? In the UNIX/Telnet world there was a
way, I just don't know if it migrated to the Linux world.

Does anyone know of any or have any documents on how to properly setup
Apache (HTTPD) for this environment. I've setup normal websites using
Apache, Virtual Hosts, Aliases, etc but this seams to be a different
beast altogether. 

Does anyone know of any or have any documents on how to setup MySQL for
this environment? My first theory was to setup a single DB, then create
databases on demand, but is there a way to let each user setup their own
'instance' in their home directory? 

Security is a concern, keeping all the files under their home directory
(DB, Logs, htdocs) and trying to keep the user from wondering around the
system. I'm blocking everything inbound but 80, 22, and 21/20. DB access
is limited to local system only. The basic configuration stuff is done,
it more down to trying to lock it down so it's usable and secure.

Anyone dealt with this situation, any help or nudges/kicks in the right
direction is appreciated. Thanks!

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521

www.horizonusa.com
Email: sjackson () horizonusa com
Phone: (775) 858-2338
             (800) 325-1199 x338


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]