[sllug-members]: Fedora Core 5 help wanted

Lamont R. Peterson lamont at gurulabs.com
Wed Sep 27 23:18:10 MDT 2006 

On Tuesday 26 September 2006 01:49pm, mark.k.spute at l-3com.com wrote:
> Hello Everyone.
>
> <Newbie Alert>
>
> I am looking for some extensive help with a new workstation cum server box.
> I have already installed Fedora Core 5, and now I need some help setting up
> the security settings etc.  It has never been connected to the internet,
> and I want to make sure it is secure before I do.

If you can wait for about 3-4 weeks, FC6 will be out.  If not, it's not hard 
to upgrade from FC5 -> FC6 without having to reinstall.

> My plan for the box is to be my home workstation and my web/mail server.
>
> My next steps after the security settings are as follows:
>
> Connect to the internet.
> Run Yum Update to update all installed software.
> Install Bind (named) in a chroot jail and secure it.
> Install the following servers and secure them:
>      Apache
>      some kind of secure FTP program

Use vsftpd.

>      Samba
>      SendMail
>      some kind of IMAP server (Cyrus?)

How many users are going to access this IMAP server?  If it's going to be less 
than 20, just use Dovecot, unless you're familiar and comfortable with 
Cyrus-IMAP.  If it'll be near to or over 20, go with Cyrus.

> Then I want to install the following application software:
>      Bluefish
>      Gimp
>      Lyx
>      SpamAsassin
>      FireFox
>      Thunderbird
>      Webmin

If you care about security, don't install webmin.

>      Webalyzer
>      some kind of spam poisoner
>      OpenOffice
>      Mambo or Joomla or equivalent content management system
>      WP for Linux (I have an old caldera disk - If this is possible.)

WP == ??  WordPress?  Word Processor?

Even if you have the source code discs from an old Caldera release, it would 
probably be way more work than it's worth to try to run any software from 
them on a modern distro.

> I'm pretty paranoid about security.  I still don't know enough about Linux
> to tell if my system has been compromised, so I want to make sure it's as
> hard to compromise as possible.  Also, I'm worried about my sendmail

Don't use sendmail.  Use postfix or exim, which both come with Fedora Core.

> system 
> being taken over.  I want to set it up so it sends mail from my machine
> directly, and I want to be able to log in to my e-mail via emap to check
> and delete mail during the day.  I get tons of spam, and I would like
> something like spamassasin to help get rid of all the junk mail -
> Thunderbird just doesn't seem to be able to handle it anymore.
>
> I'm thinking most of this will be done little by little over a several week
> period (2 to 3 weeks) and could even be set up to be done remotely.
> However, what do I know.  Maybe the whole thing could be done in a few
> hours for someone who really knows what they are doing.

I think that if I were doing it, that would just a few hours work for most of 
it.  I haven't played with everything on your lists (for example, 
spamassassin) much, so I'm not sure how long that part would take.

> I can pay you a little, or I can ply you with pizza and Pepsi.

How generous :) .

> Mark
>
> <Newbie Alert\>

If you haven't got anything worked out with someone, yet, I might be able to 
find some time in the next couple of weeks (not next week, though; I'll be in 
St. Louis).
-- 
Lamont R. Peterson <lamont at gurulabs.com>
Senior Instructor
Guru Labs, L.C. [ http://www.GuruLabs.com/ ]

NOTE:  All messages from this email address should be digitally signed with my
       0xDC0DD409 GPG key. It is available on the pgp.mit.edu keyserver as
       well as other keyservers that sync with MIT's.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://sllug.org/pipermail/sllug-members/attachments/20060927/a207e911/attachment.pgp

More information about the sllug-members mailing list