Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Vulnerabilities of FTP, Apache and Mail server 1

Status
Not open for further replies.
molecul3

molecul3

Technical User
Apr 17, 2003
182
HK
Hey guys,

I have successfully configured an ftp server, apache and mail server on my Linux machine. I have also configured TCP wrapper along with that. What i would like to know is what are the main vulnerabilities of the ftp, apache and mail server on linux and how do i protect my machine against those vulnerabilities. Hope you guys could help me out as i am relatively new to Linux and its configurations.

Regards.
 
Sort by date Sort by votes
Don't run old versions of the products.

Do shut down other services that you don't need.

Configure FTP to require authentication and then force FTP to keep users confined to their home dirs (if that doesn't ruin your FTP usage model).

Test your CGIs

Make sure your email server isn't running as an open relay




D.E.R. Management - IT Project Management Consulting
 
Upvote 0 Downvote
Thanks for the hints thedaver,

Sorry if it sounds silly, but how do i test the CGIs?

Secondly, my mail server is configured to use an SMTP server on the network. What do I have to do next to secure the mail server?

Thank you once again for the info. Your help is much appreciated.

Regards
 
Upvote 0 Downvote
In addition to what thedaver posted, I would recommend this. I do not know how you setup FTP, Sendmail, and Apache but I would make sure they ARE NOT running as ROOT. Buffer overflows and stuff come out on a routine basis, so you can not make a sure proof solution. But if you at least have them not run as root, then if a vulnerability comes out someone will not get automatic root access.

CGI's are scripts are programs that run when you visit a web page. If you do not have any there is nothing to worry about, except delete the default ones that Apache might have copied. You would test them by running them and reviewing the code primarily. Permissions, who owns it, etc...

Turn off settings in the sendmail.cf (ie: relays, vrfy, expn, etc...). Change the welcome greeting from where it displays the version number to something else, SmtpGreetingMessage is the setting I think.

For FTP make sure anonymous access is disabled, there is usually a /etc/ftpusers file make sure all your system accounts are in there. cat /etc/passwd | egrep -v "youraccount|someotheraccount" | awk -F: '{print $1}' > /etc/ftpusers, should take care of that for you.

Check out bugtraq.com and cert.org, for any new vulnerabilities.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MP2023
  • Locked
  • Question
mail Server
Replies
0
Views
271
MP2023
MP2023
MP2023
  • Locked
  • Question
Mail Server zimbra
Replies
0
Views
276
MP2023
MP2023
AbidingDude
  • Locked
  • Question
Newbie Apache Cache Question
Replies
5
Views
413
AbidingDude
AbidingDude
bk Patel
  • Locked
  • Question
Openscape 4000 Eco Server
Replies
3
Views
457
bk Patel
bk Patel
Phi_1.618
  • Locked
  • Question
Linux server
Replies
2
Views
327
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top