On Wednesday 19 January 2005 07:21, Jay O'Brien wrote: > I've brought up a 5.3 Release machine as a learning tool, > with apache 1.3. It is on a LAN with Windows machines, and > port 80 (and only port 80) is open and directed by the > Linksys router to the FreeBSD machine. It is working fine so > far, but my learning curve is slower than I would like. > > I know that there's lots to learn and do later about > security, when I bypass the Router and use the FreeBSD box > as the NAT device, but for now I would like to confine my > learning to Apache, with only port 80 open. I do have ftp > and ssh enabled on the LAN for access by the Windows boxes. > > As I haven't done anything for security on the FreeBSD > machine, am I exposed to anything by having port 80 open? Is > there anything I should do now?
It's in the nature of any webserver software that it provides rich picking for hackers. If it's a learning tool, don't expose apache to the internet, you can test it perfectly well from your local network. If you want to access it from a remote location, then setup your FreeBSD firewall to allow access from a limited range of ip addresses. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
