Wednesday, May 15, 2013

How hard is it to run a secure Linux server, with Apache, PHP, MySQL, and mail services?

Q. I will be getting my own dedicated server soon and while I have a functional knowledge of the concepts of Linux, I don't know everything. Will my server be reasonably secure if I am sure to keep everything updated and patched (assume there are no PHP scripts vulnerable to SQL injection etc.)?

A. Make sure you have strong passwords for everything. This includes your database. Use SSH to connect, scp or some other secure program to transfer files (not vanilla FTP, since it transmits passwords in the clear).
If your database doesn't need to talk to other hosts, configure it so it only listens on the loopback interface.
Be careful when configuring your mail server, so it isn't an open relay.
Get a cert for the web server, so you can use SSL to protect information that gets sent over the net.

The biggest potential source of vulnerabilities will be from whatever web apps you install. Subscribe to the announcement/security mailing list(s) for those apps (and for the Linux distro you use), so you don't get blindsided. Before you install something, you might want to check out a security site (like Secunia) and search to see what advisories have been issued for that software w/in the recent past. This will give you an idea about just how worried you should be about potential issues down the road (and what current issues there are that haven't been fixed, yet).

If you're rolling your own web apps, there are a whole bunch of things to watch out for, especially if you're doing things with user data (file uploads, SQL searches, form processing, etc).
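An added example, not part of the original answer: one way to verify the advice that the database should listen only on the loopback interface. The function name `exposed_listeners` and the sample listing are constructed for illustration; it assumes `ss` from iproute2 and the MySQL default port 3306, and it accepts any list of ports rather than only the database's.

```shell
#!/bin/sh
# Added example: flag listeners on local-only ports that are bound beyond loopback.
# Reads `ss -H -ltn` output on stdin; arguments are the ports to check.
# Prints each offending "address:port"; exit status is 1 if any were found.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)              # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)          # everything before it
            sub(/%.*$/, "", addr)                        # drop an interface suffix such as %lo
            sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # drop IPv6 brackets
            if (!(port in want)) next
            if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
            print $4; bad = 1
        }
        END { exit bad + 0 }'
}

# Constructed sample (not captured from a real host): MySQL bound to loopback
# on IPv4 but to every address on IPv6.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 80 [::]:3306 [::]:*'

# On a live server: ss -H -ltn | exposed_listeners 3306
if ! printf '%s\n' "$SAMPLE_SS" | exposed_listeners 3306; then
    echo "port 3306 is reachable beyond loopback" >&2
fi
```

Run from cron or a deployment check, the non-zero exit status makes a configuration change that rebinds the database to a public address show up as a failure.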

How to solve the access permission problem for any folders in Ubuntu?
Q. How to solve the access permission problem for any folders in Ubuntu?

I am currently trying to copy a folder from one Ubuntu machine to another Ubuntu machine using the "scp" command.

scp -r foldername ipaddress_of_other_machine:directorypath

It shows like this:

scp: permission denied.

A. Ubuntu, like all Unix and Linux-based systems, provides permissions based on your user id and your group memberships. In order to create files and folders in a directory you need write permission to that directory.

In general there are three ways of getting write permission for a particular directory:

1. Copy the files into it as root - the superuser account (root always has write access)
2. Copy the files into the target directory using the same user id that owns the directory (mostly, the owner of a folder or file will have write permission to it)
3. Change the permissions on the target directory to give yourself permission to write to it

If you update your Question to provide the target directorypath, and the output of "ls -ld directorypath" as run on "ipaddress_of_other_machine", I can update my Answer to give you specific commands to achieve #2 and #3.


(For others who read this reply and think, "Ah ha, what about ACLs, etc.", I say that this is way too much detail for this Answer. Don't run before you can walk.)

How to make a script in linux and ssh?
Q. Hi, I need to make a script to log in to my server with ssh, but I need to make it in one line... how can I make it?

A. Host Server:
1. Create login account [user] with ssh access and test from client via ssh.
2. Create and/or chmod -R 700 /home/[user]/.ssh

Client Server:
1. Login as root.
2. Create and/or chmod -R 700 /root/.ssh
3. cd to .ssh and run "ssh-keygen -t rsa" (take defaults/no passphrase)
4. scp id_rsa.pub [user]@[host server]:/home/[user]/.ssh/authorized_keys2 (or copy over then cat >> if already exists)
5. ssh [user]@remotemachine.

It should not prompt you for a password, just drop to a prompt.


