Server Security [SOLVED]

As part of my job, I run an Arch64 LAMP server for hosting a website. Currently, it has "ALL:ALL" specified in its /etc/hosts.allow and I am wondering...is that a security risk? Furthermore, what command-line firewall software (which I could operate via ssh) is out there which Arch users would recommend installing on servers?
Last edited by tony5429 (2008-04-28 14:44:54)

Ramses de Norre wrote:
tony5429 wrote:If I am not mistaken, I think I only need ports 80 and 22 open (for http and ssh)... How would I go about changing my hosts.allow and hosts.deny to fix that? Please forgive me; I am quite new to this stuff.
In hosts.allow:
sshd sshd2 httpd :ALL
If you're concerned about security, ensure your sshd config is more secure as well.
Doing simple things such as changing the deafult ssh port, forcing protocol version 2, and disabling root logins are strongly encouraged.
For a quick read on the subject:
http://www.foogazi.com/2006/11/29/modif … -security/
Last edited by Aaron (2008-04-27 01:07:08)

Similar Messages

  • Email server security settings for Thunderbird

    Hi - my first message to the Forum so hope I am in the right section. I'm on Windows 8. My email is working fine via an email client (Thunderbird). However, the server security settings suggested by BT instructions for T/Bird seem very weak to me............. - Connection security - none - Authentication method - password, transmitted insecurely. Can anyone using Thunderbird please advise me what they should be please. Help would be appreciated - thank you. John
    Solved!
    Go to Solution.

    Am I OK shifting the incoming to IMAP from POP3 please ?
    John
    Your choice, they are 2 completely different ways of operating e-mail. With IMAP, the mail is held on the server and can be accessed from multiple devices, POP3 downloads the mail to the client and is deleted from the server (unless specifically told to leave a copy on the server) BT don't advertise the fact but does in fact support secure POP3. the server mail.btinternet.com supports POP3 using SSL on port 995 and secure SMTP on port 465

  • Server security certificare expired

    My email program recently stopped connecting to my hotmail account. Following the errors, I learned that the server security certificate has expired. I really have no idea whatsoever what that means and what I would need to do to fix it. Could anyone help me out with this? Thank you!

    Hello Touchpad-User!
    Two things:
    1.  You are using a webOS TouchPad, and this is the Android section of the Forum.  I'm going to move this message to the proper area.
    2. Please view this thread over at webOSnation.com where the subject has been discussed extensively.
    WyreNut
    I am a Volunteer here, not employed by HP.
    You too can become an HP Expert! Details HERE!
    If my post has helped you, click the Kudos Thumbs up!
    If it solved your issue, Click the "Accept as Solution" button so others can benefit from the question you asked!

  • Error searching for from role provider Microsoft.Office.Server.Security.LdapProviderException: Unexpected exception occurred, please contact administrator to resolve this issue.

    Hi,
    I am trying to configure FBA with ADLDS on SharePoint 2013 Enterprise.
    I have edited, web.config files for Central Admin, Security Token Application and Claim aware WebApplication.
    <PeoplePickerWildcards>
    <clear />
    <add key="XXPROVIDERMP" value="%" />
    <add key="XXPROVIDERRM" value="%" />
    <add key="AspNetSqlMembershipProvider" value="%" />
    </PeoplePickerWildcards>
    <membership defaultProvider="i">
    <providers>
    <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
    <add name="XXPROVIDERMP" type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server="CSERVER" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="userPrincipalName" userContainer="CN=Clients,CN=Extranet,DC=XXDCNAME,DC=dmz" userObjectClass="person" userFilter="(|(ObjectCategory=group)(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" />
    </providers>
    </membership>
    <roleManager defaultProvider="c" enabled="true" cacheRolesInCookie="false">
    <providers>
    <add name="c" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthRoleProvider, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
    <add name="XXPROVIDERRM" type="Microsoft.Office.Server.Security.LdapRoleProvider, Microsoft.Office.Server, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server="CSERVER" port="389" useSSL="false" groupContainer="CN=Clients,CN=Extranet,DC=XXDCNAME,DC=dmz" groupNameAttribute="cn" groupMemberAttribute="member" userNameAttribute="userPrincipalName" dnAttribute="distinguishedName" groupFilter="(ObjectClass=group)" scope="Subtree" />
    </providers>
    </roleManager>
    When I am trying to find user in People Picker, getting error
    Error searching for "XXUSER"from role provider "XXPROVIDERNAME" Microsoft.Office.Server.Security.LdapProviderException: Unexpected exception occurred, please contact administrator to resolve this issue.
    Has someone else faced this issue?

    Figured it ! 
    Account which was accessing FBA didn't had permission on it.

  • MS Forefront Server Security for Exchange Server 2007 SP1 - License Expired - Unable to update

    Hi
    1. My Windows SBS 2008 Server Console shows:
    Virus Protection for e-mail STATUS alert CRITICAL (Forefront Security for Exchange Server)
    Details: None of the engines enabled for updates have been updated in the last week.
    Forefront Security for Exchange Server SP 1
    2. Event Viewer
    Error GetEngineFiles
    Event ID 6012
    Generation: Microsoft Forefront Server Security encountered an error while performing a scan engine update.
    Scan Engine: vBuster (same for microsoft, Kespersky5, Wormlist, etc.)
    Error Code: 0x80004005
    Description: The product license has expired.
    Error Microsoft Forefront Security
    Event ID 7007
    General: None of the engines enabled for updates have been updated in the last week.
    3. About forefront
    Opened Forefront Server Security Administrator > Help > About Forefront
    Forefront Server:
    Version: 10.1.0746
    Service Pack: 1
    Product Id:
    Licensed Components:
    Component: Forefront, License Type: Evaluation, Expiration Date: 16 Dec 2013
    DO I HAVE TO BUY THIS PRODUCT or DO I HAVE TO INSTALL Forefront Security for Exchange Server SP2 or SP3?
    Can please someone advise in this regard,
    Thanks

    -->Component: Forefront, License Type: Evaluation, Expiration Date: 16 Dec 2013
    Evaluation version? didn't activate this product? You
    can convert an evaluation license to a subscription license by activating the product. Be sure to have the product key available when activating FPE. After the product is activated, you can also align when the product expires with your license agreement, and
    easily renew your license by entering a new expiration date.
    Best,
    Howtodo

  • BI Publisher Using BI Server Security

    I have setup BI Publisher to use BI Server security which works well, I can even see the Admin Tab ;-)
    My problem is that I can no longer access the Security>Roles and Permissions Tab. I get a HTTP 500 error.
    Has anyone else come across this problem?
    Thanks,
    Matt

    i managed to resolve with the help of this thread
    Re: BI publisher security mged by OBIEE can't access role (500 internal err
    Basically the SA System is the key.

  • BI Publisher configured with BI Server Security not working for the admins.

    Hello Everyone,
    I have configured the BI publisher to work with the BI server security. Everything is working well with the exception that all users part of the BI Server "Administrators" group are unable to login and get the following error message (message displayed below). If a user is removed from the "Administrators" group then they are able to access the BI Publisher. As indicated everything else is working for exemple all users part of the 'XMLP_Admin' group all have access to the "ADMIN" tab in BI Publisher. The issue seems to be limited to the users part of the BI Server "Administrators" group.
    - Has anyone else ever had this issue?
    - Is this a normal behaviour of BI Publisher?
    - Or the security groups for the BI Server and BI Publisher conflicting?
    Thanks in advance for everyone's help.
    Best regards,
    FBELL
    *********************** Error Message ***************************************
    Oracle BI Publisher Enterprise
    Reporting Login: Login failed: Please contact administrator for your username/password.
    Error Details
    Error Codes:
    ***************************************************************************

    Thanks Madan for your help.
    The group XMLP_Admin was already created and working. The conflict was with security groups outside BI Publisher. What I ended up doing was recreating the principals.xml and security.xml files and rsetting the roles and permissions. Surprisingly that fixed my problem.
    Best regards,
    FBELL.

  • Where to find the doc for Oracle server security

    I am preparing for Oracle 9i upgrade OCP and looking for
    the document which talks about Oracle server security
    which includes Application context, Security Role and etc.
    Thanks

    hi,
    this is the portal content management forum. for your database question please use the database forums:
    http://forums.oracle.com/forums/index.jsp?cat=18
    thanks,
    christian

  • Visa server security tab not visible

    I want to enable the visa server for remote visa connections to the serial port, when I go into MAX to setup the visa server security the tab is not visible. I have a 2nd system and I can see the tab. Is some setting needed to enable the security?

    Hello Chris,
    I would expect that this is because of a version difference in your two machines. What OS are they? What version of VISA are they using? You can see the VISA version in MAX under the software folder. Also, to clarify, are you speaking about the "VISA Options" tab that appears when you select NI-VISA from the software folder, or something else?
    If you need to download a newer version of VISA, see here for all VISA versions:
    http://digital.ni.com/softlib.nsf/webcategories/85256410006C055586256BAC002C51FA?opendocument&node=132070_US
    Hope this helps.
    Scott B.
    Applications Engineer
    National Instruments

  • GPO for Print Server Security settings?

    Hi forum,
    I am setting up a specific OU for print servers and have a GPO assigned to this.
    As we need to apply certain roles to some AD groups we have a need to reflect this to the Print Server Security settings so it gets reflected to the print queues.
    Has anyone found a way to have a GPO to alter the Security settings under the Print Server porperties?
    Thanks,
    David

    Hi David,
    Based on your description, did you mean that want to configure permission of a Print Server via group policy?
    It seems that the target can’t be achieved via group policy. However, you may be able to add some security groups to print servers by using Windows PowerShell. For more details, please refer to following article and check if can help you.
    Weekend
    Scripter: Add Security Groups to Print Servers by Using PowerShell
    If anything I misunderstand or any update, please don’t hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • FND Server Security (Authentication) enabled?

    Hi Guys,
    How to check the "FND Server Security (Authentication)" is enabled?
    Apps 11i
    DB: 10g
    OS: HP-UX
    Thanks,

    Please see the following docs.
    Secure Configuration Guide for Oracle E-Business Suite 11i (Doc ID 189367.1)
    11i: "APP-FND-01542" Error When Logging Directly Into Forms Via the f60cgi in 11.5.10 (Doc ID 293609.1)
    11.5.10 New Features : Managed SQL*Net Access from Hosts (Doc ID 291897.1)
    Thanks,
    Hussein

  • Windows 2012 server security checklist for corporate company standard/recommended check-list

    Hello All,
    Good Day.
    I am looking for Windows 2012 server security checklist (standard hardening
    settings), would you kindly assist me by providing Wintel 2012 standard/recommended check-list ASAP?
    Thanks in advance.

    Hi,
    The Microsoft Security Compliance Manager 3.0 tool is designed to provide you with an end-to-end solution to help you plan, deploy, and monitor security baselines for computers running Windows Server 2012 in your environment.
    For more detailed information, please refer to the articles below:
    Windows Server 2012 Security Baseline
    http://technet.microsoft.com/en-us/library/jj898542.aspx
    Security Hardening Tips and Recommendations
    http://social.technet.microsoft.com/wiki/contents/articles/18931.security-hardening-tips-and-recommendations.aspx
    Regards,
    Mandy
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Create the SSL (Server Security Layer)  Connection .

    Hello sir
    Here im using the client server connection using throuth TCP Connection .
    Now i need to establish the SSL (Server Security Layer)
    TCP Server and Client Working Properly .
    so any one can help me out.
    Thanking you.

    Now i need to establish the SSL (Server Security Layer) Take care to distinguish it from Secure Sockets Layer.

  • About SCCM 2012 Primary sites sql server security logins

    Hi, guys!
    I've got some issue or some misunderstanding....In primary site's sql security logins there were same accounts as on CAS sql.....(We've got about ten primary servers)....two days ago someone (i'm going to find out that guy....damned...) from branch administrators
    cleared up security list logins on one of primary server and left only two accounts....one of them it is primary site server installation account, second account - there is SCCM all hierarchy administrators group....
    Most of that....that somebody got lower site server installation account role from sysadmin to public....
    Am I right thinking in that way - all sql server security logins on all primary sites in one hierarchy must be identical....it explains by SQL replication.......?????
    How can i get back sql security logins list on that sccm server to normal way....became after installing primary site server....??? need help......  

    Hi,
    Primary sites do not always have the same security logins.
    You need to add NT... accounts, sa etc into security logins. These accounts were added during SQL installation.
    All site system computer accounts (such as MP, DP) and primary site computer account also need to be added.
    Best Regards,
    Joyce
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • White Paper: End-to-End Client/Server Security with the Adobe Flash Platform

    Today we released a sorely needed white paper on end-to-end client/server security with the Adobe Flash Platform.  This information is directly applicable to the Adobe  LiveCycle family as well as Flash RIAs. 
    http://www.slinnbooks.com/books/enterprise/securityWhitePaper.shtml
    Thank you,
    Mike
    Michael Slinn
    http://micronauticsresearch.com
    http://slinnbooks.com

    Hai,
           Delete the certificate in the ABAP system and try importing the new certificate from the EP instance(ADS) and export into the ABAP and check...
    Thanks and Regards,

Maybe you are looking for

  • Windows 7 Installation Media Only Boots into Recovery

    Ever since I've updated to Windows 8, I have been really pleased. Everything works fine but when I was automatically updated to windows 8.1, I wasn't happy. I mostly use my PC for gaming and emulating my favourite classic game consoles. But windows 8

  • CASE Statement in IRR Compute(probable bug)

    In IRR i am not able to create Compute with CASE statement. It is giving me error "Invalid computation expression. THEN" It is simple Compute CASE WHEN A = 'SALES' THEN B + C ELSE B END Also when i noticed the available functions(in Compute screen) T

  • MS SQL2000 Driver for JAVA

    Does anyone use MSSQL2000 Driver for JAVA? I wrote a store procedure which returns multiple resultset. And I wrote a program to retrive all resultsets from it. It works fine with JDBC/ODBC Bridge Driver. But i got problem with MSSQL2000 Driver by usi

  • Empty cache...

    I have been exporting as an ePub and all well but certain elements seem to be slightly move and when I check nothing is moving but something gives...Is it possible to have something to do with the cache? Anyone with such experience? Thank you!

  • After iOS7 update while playing game iphone 5 overheat in just 2-3 mins. How to fix this problem?

    After iOS7 update while playing game iphone 5 overheat in just 2-3 mins. How to fix this problem? Before upgrade to iOS7 I used to play game for hours and never faced this problem. This is specially when I play HayDay. Please advise.