Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Security IT

Ask Slashdot: Security Digests For the Home Network Admin? 123

New submitter halcyon1234 writes "I'm currently cutting the webhost cord, and setting up a simple webserver at home to host a couple hobby websites and a blog. The usual LAMP stuff. I have just enough knowledge to be dangerous; I know how to get everything set up and get it up to date, but not enough to be sure I'm not overlooking common, simple security configurations. And then there's the issue of new vulnerabilities being found that I'm not even aware of. The last thing I want is to contribute to someone's botnet or spam relay. What readings/subscriptions would you recommend for security discussions/heads up? Obviously I already read (too much) Slashdot daily, which I credit for hearing about some major security issues. Are there any RSS feeds or mailing lists you rely on for keeping up to date on security issues?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Security Digests For the Home Network Admin?

Comments Filter:
  • by Idbar (1034346) on Friday June 15, 2012 @06:53PM (#40340421)
    When you're done with your setup. Post a story on Slashdot linking to your website, that's a fairly good stress test.

    Bonus points if you add something like "My awesomely new bulletproof website!". That should kick off the reliability test engines from /.
  • by GeneralTurgidson (2464452) on Friday June 15, 2012 @06:55PM (#40340451)
    Most ISPs do NOT allow this kind of stuff. While it might fly under the radar, there is always the possibility they will shut off your access. Besides, with a dynamic IP any change to it will take your website offline until DNS catches up. Hosting is cheap, I don't see why you'd want to cancel it unless it's hurting the bank.
  • by achlorophyl (2205676) on Friday June 15, 2012 @07:37PM (#40340601) Homepage
    if you wanna read about security, read Security Warrior. Hacking Exposed is good. Unix and Linux System Administration covers a lot. Masterminds of Programming has language guys talking about security.
  • by BooRadley (3956) on Friday June 15, 2012 @07:56PM (#40340731)

    Your distro will have a regular patch channel that will address most vendor-introduced vulnerabilities. Patch religiously, and often. At least once per week. It's not like you're responsible for SLA's or regression testing. If you somehow uncover a bug when you patch, muscle through it, and keep going.

    Use a firewall and only expose necessary ports. Protect the ports with strong authentication, encryption where applicable, and possibly a reactive blocker such as fail2ban to keep the script kiddies at bay. If you must run an external SSH server, run it as a seperate process, and only allow key auth, and only for a single user.

    Get on whatever mailing lists or errata lists support your distro and apps, and try and keep up with them. If your apps are maintained as source, try and use the repos to update your apps instead of just relying on standard stable packages. You'll get bug fixes faster (probably bugs as well. See above)

    Use something like logwatch and read the daily mails.

    Also use something like rkhunter to alert you in case something changes.

"In the face of entropy and nothingness, you kind of have to pretend it's not there if you want to keep writing good code." -- Karl Lehenbauer

Working...