Prev-20 Home Next-20 5 msg DSA/DSS keys and DSA 1576-1/CVE-2008-0166. 2 msg openssl/openssh fixes for lenny (testing) 2 msg openssl / x509 certs 2 msg leakage of keys? 2 msg dowkd.pl - how the blacklist data is generated ? 8 msg Re: [SECURITY] [DSA 1576-1] New openssh package... 4 msg dowkd.pl via Package 1 msg CHAO BAN 32 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 4 msg Broken link on Debian CVE Web page (Was: [SECUR... 10 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 3 msg Re: [SECURITY] [DSA 1575-1] New Linux 2.6.18 pa... 1 msg Mystery of Lyle & Louise is Making Headlines 1 msg Herr Bühler Arbeite nicht mehr bei der V-ZUG AG 5 msg Re: [SECURITY] [DSA 1573-1] New php5 packages f... 4 msg Re: [SECURITY] [DSA 1572-1] New php5 packages f... 3 msg Question about Security securing server \ Jean-Paul Lacquement (7 May 2008) . \ Yves-Alexis Perez (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . \ Steve (7 May 2008) . . . . . \ Arture Le Coiffeur (7 May 2008) . . . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . . . \ Steve (7 May 2008) . . . . . . \ Harry Jackson (7 May 2008) . . . . . . \ Daniel Leidert (7 May 2008) . . . . . \ Bernd Eckenfels (7 May 2008) . . . . \ Oliver Antwerpen (7 May 2008) . . . . . \ Rich Healey (13 May 2008) . \ weakish (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Bernd Eckenfels (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Julien Gormotte (7 May 2008) . . . \ Maik Holtkamp (8 May 2008) . \ Brent Clark (7 May 2008) . \ Holger Wesser (7 May 2008) . \ Stephen Vaughan (7 May 2008) . \ Alex Mestiashvili (7 May 2008) . . \ Alex Mestiashvili (7 May 2008) . \ Ticlea Petru Alexandru (7 May 2008) . \ Simon Brandmair (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Simon Valiquette (7 May 2008) . \ Onno Gabriel (7 May 2008) . \ P PRABHU (8 May 2008) . . \ Rich Healey (13 May 2008) . \ Bjørn Mork (8 May 2008) . \ phobot (9 May 2008) . . \ Noah Meyerhans (9 May 2008) . . . \ weakish (9 May 2008) . . \ Johannes Graumann (9 May 2008) . \ Simon Brandmair (9 May 2008) 1 msg Re: [SECURITY] [DSA 1570-1] New kazehakase pack... 2 msg Re: [SECURITY] [DSA 1569-1] New cacti packages ... Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg Subject: Re: securing server Group: Debian-security From: Simon Valiquette Date: 7 May 2008 Jean-Paul Lacquement un jour écrivit: > Hi, > > I plan to secure my Debian stable (or testing if you say it's better) server. > > The followings daemon are installed : > - proftpd > - apache2 > - ssh > If you need to offer a public ftp access, and that you don't need all the features of proftpd, I would suggest you to use vsftpd instead. vsftpd is probably the most secure ftp server currently available, It is extremely easy to configure and also happens to be one of the most efficient ftp server. If you need authenticated connexions, as previously mentionned, sftp is probably your best solution, as the FTP protocol is inherently insecure. For the rest, I think people have already pointed out the most important packages and documentation, except maybe selinux (but that involve more work, and is probably only relevant once the other suggestions have been taken care of). Simon Valiquette -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg

© 2004-2008 readlist.com