by Keegan Al » Wed, 13 Nov 2002 01:02:11
I was hoping to share-out my htdocs folder via NFS to another system
on my network, but this server is a webserver and has unrestricted
access to the Internet. Is NFS secure enough to do this? If I open
it and specify only another system on my network -- 10. range - am I
opening up myself to attacks ?
Just checking. Thanks for the help.
Keegan.
by Tim Hayne » Wed, 13 Nov 2002 01:20:18
Have you considered WebDAV instead? Presumably if you've got an htdocs
foder then you've already got a web-server on the box for some reason,
so... :)
~Tim
--
Take death on wheels / Re-create the land |http://spodzone.org.uk/
by Jim Levi » Wed, 13 Nov 2002 09:01:52
> I was hoping to share-out my htdocs folder via NFS to another system on my
> network, but this server is a webserver and has unrestricted access to the
> Internet. Is NFS secure enough to do this? If I open it and specify only
> another system on my network -- 10. range - am I opening up myself to attacks
> ?
for security reasons, it would be a "good thing" to use an IPtables local
firewall on the web server to protect it from malicious Internet access.
Typically a web server only need to allow inbound HTTP/HTTPS and possibly FTP
connections.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
The instructions said to user Windows 98 or better, so I installed RedHat
by Nico Kadel-Garci » Wed, 13 Nov 2002 13:34:27
Keeping it internal is quite common: it relies on the firewall somewhat.Quote:> Hello,
> I was hoping to share-out my htdocs folder via NFS to another system
> on my network, but this server is a webserver and has unrestricted
> access to the Internet. Is NFS secure enough to do this? If I open
> it and specify only another system on my network -- 10. range - am I
> opening up myself to attacks ?
NFS is famous for all sorts of * security holes: as a minimum, I'd block
the NFS ports at your firewall and restrict the NFS access to read-only if
possible.
1. Apache 'web-tree' security issue -> Index of......
Hi there,
A dumb question, but I can't seem to find the answer..
I am using Apache 1.3x..
It works really fine, I was playing a little with mod_rewrite and
noticed that when a directory doesn't contain a index.html all files
in that directory are listed...
(Example: http://www.ikarus-modellbau.de/clips/ )
When I just installed the server this wasn't the case,
I know that I have changed some settings in httpd.conf the last few
weeks.
My question: I can't seem to find what parameter needs to be changed
to disable the above problem:
What I want is that when you enter the above URL you should get an
error, or message that the page cannot be found..
Thanks in advance for the help..
Bye Bye
David
3. Newbie: security on newly mail server, web server & mysql, ftp
5. manual, tutorial or howto about security on a linux web server mail server
7. Web Content via NFS, performance issues....
9. Tuning Web Server and NFS Server
10. mail server, web server, nfs file system questions...
12. Web Content via NFS, performance issues?
13. SGI Security Advisory 19970503-01-PX - runpriv Security Issue