Subject: security for netbsd as web server
To: None <firstname.lastname@example.org>
From: Amadeus Stevenson <email@example.com>
Date: 03/25/2005 23:02:01

I've been pondering security for a web server + database server
recently, in order to make it as secure as possible.

The obvious things for me were:
- database server accessible only from web server via local network
- tried-and-tested versions of Apache and CGI software (no new exploits
- ipfilter block all default, allow in www with keep state
- securing CGI for code injection etc. (probably biggest area of

Is there anything else you could do? Password rotation? What would you
do if you had to run, say, a security-critical (e.g. a bank or PayPal)
system? Would you use NetBSD? Why not (if so)?

Sorry if this is the wrong group - I'm thinking about NetBSD for this
as for me it's stripped down service-wise to a minimum as it is.
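
The database-isolation and ipfilter items from the list above, written out as IPFilter rules for both hosts. This is an added example, not part of the original post; the interface names (fxp0, fxp1), the 192.168.1.x addresses and database port 3306 are assumptions.

```conf
# ---- /etc/ipf.conf on the web server (constructed example) ----
# Assumed: fxp0 = Internet-facing, fxp1 = private LAN to the database host.
# Assumed addresses: web 192.168.1.10, db 192.168.1.20; db port 3306.

# Default deny in both directions; log what gets dropped.
block in log all
block out log all

# Loopback is unrestricted.
pass in quick on lo0 all
pass out quick on lo0 all

# Inbound www only. "flags S keep state" creates state on the initial SYN
# and lets the state table pass the rest of that connection.
pass in quick on fxp0 proto tcp from any to any port = 80 flags S keep state

# The web server may open connections to the database, LAN side only.
pass out quick on fxp1 proto tcp from 192.168.1.10 to 192.168.1.20 port = 3306 flags S keep state

# ---- /etc/ipf.conf on the database server (constructed example) ----
# Assumed: fxp0 = private LAN interface; no Internet-facing interface.
block in log all
block out log all
pass in quick on lo0 all
pass out quick on lo0 all

# Only the web server's address may reach the database port.
pass in quick on fxp0 proto tcp from 192.168.1.10 to 192.168.1.20 port = 3306 flags S keep state
```

Load a ruleset with `ipf -Fa -f /etc/ipf.conf` and review the active rules with `ipfstat -io`. Because the default is deny, anything else the hosts need (DNS, NTP, remote administration) has to be added as an explicit rule.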