Advice sought on machine web-server safe
STYMA, ROBERT E (ROBERT)
stymar at lucent.com
Thu Nov 17 15:42:31 UTC 2005
> Well, that is more or less what I have done -
> so my question is, how secure will that be?
>
> I was reading some apache security documents,
> and they seemed frighteningly complicated.
>
> You have reassured me the issue may not be as difficult
> as I suspected.
>
If your home network connection has a dsl/cable router
with NAT attached to it, things can get a lot simpler.
You can tell the router to forward port 80 to your
machine running apache and that will be the only resource
visible from the outside. NAT (Network Address Translation)
can be a very effective firewall. If you don't explicitly
tell the router to forward an inbound connection, it is
just thrown away because the router does not know where
to send it. The IP tables and other firewall techniques
are still good, but you can simplify things alot with
NAT.
Bob Styma
More information about the fedora-list
mailing list