RW wrote: > On Wednesday 19 January 2005 07:21, Jay O'Brien wrote: > >>I've brought up a 5.3 Release machine as a learning tool, >>with apache 1.3. It is on a LAN with Windows machines, and >>port 80 (and only port 80) is open and directed by the >>Linksys router to the FreeBSD machine. It is working fine so >>far, but my learning curve is slower than I would like. >> >>I know that there's lots to learn and do later about >>security, when I bypass the Router and use the FreeBSD box >>as the NAT device, but for now I would like to confine my >>learning to Apache, with only port 80 open. I do have ftp >>and ssh enabled on the LAN for access by the Windows boxes. >> >>As I haven't done anything for security on the FreeBSD >>machine, am I exposed to anything by having port 80 open? Is >>there anything I should do now? > > > It's in the nature of any webserver software that it provides rich picking > for > hackers. > > If it's a learning tool, don't expose apache to the internet, you can test it > perfectly well from your local network. If you want to access it from a > remote location, then setup your FreeBSD firewall to allow access from a > limited range of ip addresses. >
Thanks, but what I want to know is what risk I have with port 80, and only port 80 open. Jay _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
