Can you help me understand how to approach a couple issues of server security. (1) I want to run things in 'silos', so that if someone from the web has hacked and has code level access to example.com/blog they can't query the db of example.com/app (2) If they do get access to a user database, how do I make it harder for them to figure out passwords (beyond just storing them as md5)? [more inside]
posted by the mad poster!
on Nov 16, 2011 -
Please help me configure and secure my Ubuntu-based combined home file server/public web server/VNC server! I am building a low-ish power home file server, which will likely run Ubuntu 11.04 or 11.10 (possibly server edition), and I should be able to set up a basic samba share easily enough. But I would also like to use the same computer to serve a few basic webpages, and I would like to provide ssh and ideally VNC or RDP-like access from outside the LAN. I can probably get the basic software set up, but I'm a n00b when it comes to NAT stuff, firewalls, and security issues generally. I would also appreciate help with setting up dynamic DNS. [more inside]
posted by dilettanti
on Oct 7, 2011 -
SSHFilter: I'm trying to disable authentication by password for SSH users accessing a server from a remote location. By everything I've read it seems like I've done exactly that, but I can still log in from a remote machine using a password only. Help me get that to stop. [more inside]
posted by scrutiny
on Apr 22, 2010 -
A question for IT and telecoms boffins: Help me understand voicemail. Specifically, what would need to go wrong with a mobile phone company's voicemail server for it to randomly connect customers to the mailboxes of complete strangers? Is it more likely to be an isolated technical glitch, a systemic network security problem, intentional foul play, or something else?
posted by embrangled
on Jul 21, 2009 -
I have a new EeePC 1000HE with Windows XP, which I want to use for both web development and casual web browsing. Are there security issues with installing Apache and PHP on a machine that is also used to access public wireless internet? If so, what steps can I take to make my netbook more secure?
posted by oulipian
on Apr 5, 2009 -
Hosting SQL Server and IIS on the same co-located server: Good idea, bad idea, or terrible idea? [more inside]
posted by JohnFredra
on Mar 17, 2009 -
Apache2 security theory; mod_php versus CGI php and the use of suExec: What is the non-theoretical problem with running Apache2 with mod_php and thus without using suexec on a dedicated system? [more inside]
posted by odinsdream
on Jun 10, 2008 -
Am I secure from hacking if I open the router port for remote desktop to our win 2003 server? I will have a good password and limit logon attempts.
posted by canoehead
on Aug 14, 2007 -
If you ran a Debian server and one day noticed that telnet and apt-get were segfaulting, how would you proceed? [more inside]
posted by jojopizza
on Jan 2, 2006 -
Help me better secure my server (and workstations). I sit behind a Firebox X700, with an Exchange server, active directory, etc. Today the external address became blacklisted on the CBL. A machines are on SP2 and everything is up to date patch wise. I'm currently running malware detection on all machines. I'd like an effective antivirus program... [more inside]
posted by geoff.
on Nov 8, 2005 -