For folks that never worked on building their own webserver, it does take some work but in the end you will stand to learn that a well planned setup that you build yourself can leave you with a rewarding experience. Personally I used to be completely happy with just simply installing packages or taking a 'ready made' setup and makeing one or two tweeks. But what I have found is that you may end up with little extra things that lurk below your normal attention but are still there that may either be simply undesirable or may even represent vulnerabilities that are just waiting to be exploited. It can really blow up on you if you happen to be unaware of it.
So I decided to take a basic Red Hat Linux version and install just the base components onto an old Dell Inspiron laptop I had laying around and load in all the nessesary pieces (ie. the Apache Webserver, the MySQL database) and setup a basic firewall to help protect it. As an extra challenge, I decided whenever possible, to compile as much as possible from source
code. So far I got as far as setting up the firewall and defining rules, and getting Apache 1.3.41 with SSL support compiled and running.Before I go on, I am going to subject it to a vulnerability assessment to see what aspects of it are open and in need of attention before further progress. This way I can see its attributes (both negative and positive of course) just as it is fresh 'out-of-the-box'.
I will write in later when the tests are done and I get MySQL installed (ah...a day without a SQL query is like a day without solar fusion.)
No comments:
Post a Comment