Can you help me understand how to approach a couple issues of server security. (1) I want to run things in 'silos', so that if someone from the web has hacked and has code level access to example.com/blog they can't query the db of example.com/app (2) If they do get access to a user database, how do I make it harder for them to figure out passwords (beyond just storing them as md5)? [more inside]
posted by the mad poster! on Nov 16, 2011 - 13 answers

Please help me configure and secure my Ubuntu-based combined home file server/public web server/VNC server! I am building a low-ish power home file server, which will likely run Ubuntu 11.04 or 11.10 (possibly server edition), and I should be able to set up a basic samba share easily enough. But I would also like to use the same computer to serve a few basic webpages, and I would like to provide ssh and ideally VNC or RDP-like access from outside the LAN. I can probably get the basic software set up, but I'm a n00b when it comes to NAT stuff, firewalls, and security issues generally. I would also appreciate help with setting up dynamic DNS. [more inside]
posted by dilettanti on Oct 7, 2011 - 6 answers

How can I get my Semantic MediaWiki to display and sort BibTeX data the way I'd like? [more inside]
posted by Marty Marx on Jan 18, 2011 - 1 answer

SSHFilter: I'm trying to disable authentication by password for SSH users accessing a server from a remote location. By everything I've read it seems like I've done exactly that, but I can still log in from a remote machine using a password only. Help me get that to stop. [more inside]
posted by scrutiny on Apr 22, 2010 - 2 answers

A question for IT and telecoms boffins: Help me understand voicemail. Specifically, what would need to go wrong with a mobile phone company's voicemail server for it to randomly connect customers to the mailboxes of complete strangers? Is it more likely to be an isolated technical glitch, a systemic network security problem, intentional foul play, or something else?
posted by embrangled on Jul 21, 2009 - 9 answers

I have a new EeePC 1000HE with Windows XP, which I want to use for both web development and casual web browsing. Are there security issues with installing Apache and PHP on a machine that is also used to access public wireless internet? If so, what steps can I take to make my netbook more secure?
posted by oulipian on Apr 5, 2009 - 5 answers

Hosting SQL Server and IIS on the same co-located server: Good idea, bad idea, or terrible idea? [more inside]
posted by JohnFredra on Mar 17, 2009 - 8 answers

Apache2 security theory; mod_php versus CGI php and the use of suExec: What is the non-theoretical problem with running Apache2 with mod_php and thus without using suexec on a dedicated system? [more inside]
posted by odinsdream on Jun 10, 2008 - 7 answers

Am I secure from hacking if I open the router port for remote desktop to our win 2003 server? I will have a good password and limit logon attempts.
posted by canoehead on Aug 14, 2007 - 11 answers

If you ran a Debian server and one day noticed that telnet and apt-get were segfaulting, how would you proceed? [more inside]
posted by jojopizza on Jan 2, 2006 - 20 answers

Help me better secure my server (and workstations). I sit behind a Firebox X700, with an Exchange server, active directory, etc. Today the external address became blacklisted on the CBL. A machines are on SP2 and everything is up to date patch wise. I'm currently running malware detection on all machines. I'd like an effective antivirus program... [more inside]
posted by geoff. on Nov 8, 2005 - 4 answers