[thelist] Networks, webservers, file servers, etc.

Ken Schaefer Ken at adOpenStatic.com
Tue May 2 20:54:46 CDT 2006


This is probably anathema to various people on the list, but I'm going to
disagree with what people have said before.

Do not install your own firewall on an old PC (at least, not to start off
with).

Get some experience *first* before you start branching off into more complex
things. Otherwise you'll be forever running around trying to work out whether
the problem is in the OS, your applications, your LAN configuration or just
how you've configured your various protocols.

If you have a NAT router, then just use that for the time being.

My suggestion to get started?

Pick an OS. My suggestion is whatever you are most familiar with, but you can
pick anything.

Get a book on managing a network with that OS. Read it

That way, you'll be familiar with Windows Server, or MacOSX, or *Nix, rather
than trying to learn too many things at once. If you go down to your local
bookstore you will see why I'm recommending this. There are books dedicated
to just single portions of operating a network on just a single OS. The whole
area is *huge*. So, just get a general book on Windows Server, or whatever
NOS (network OS) you want to use.

Once you have that working, start worrying about other OSes, and worrying
about running applications on top of these OSes.

Once you have your network stable, and have a good idea on networking
protocols and where to configure them, start worrying about setting up your
own proxy server, or firewall, and exposing it to the 'net. Until then, you
run the risk of misconfiguring things just to "get it working", and ending up
with a compromised network.

Cheers
Ken

--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken
Tech.Ed Boston 2006 See you there: Everything the web administrator needs to
know about MOM 2005

:  -----Original Message-----
:  From: thelist-bounces at lists.evolt.org [mailto:thelist-
:  bounces at lists.evolt.org] On Behalf Of Eduardo Kienetz
:  Sent: Wednesday, 3 May 2006 12:42 AM
:  To: thelist at lists.evolt.org
:  Subject: Re: [thelist] Networks, webservers, file servers, etc.
:  
:  > Date: Tue, 2 May 2006 09:34:01 -0400
:  > From: "Chris Johnston" <fuzzylizard at gmail.com>
:  > Subject: Re: [thelist] Networks, webservers, file servers, etc.
:  >
:  > On 5/2/06, Richard Brown <rich at cregy.co.uk> wrote:
:  > >
:  > >
:  > > I am starting to look at building networks. I have up to now
:  usually
:  > > used a Netgear 4 port router/hub and ran a network like that. The
:  > > network usually consists of a variety of OS's but most XP boxes.
:  > >
:  > > However, I now want to add into these networks, backup technology
:  and
:  > > also webservers. I use Mac OS X but can use also XP or Linux sort
:  of! I
:  > > know I need to use a modem to connect to the net and serve web
:  pages
:  > > but is it best to use Netgear's in built web pages or default to a
:  > > purpose build web serverplease? If I built a web server would you
:  then
:  > > have that as a file server and also as a router please?
:  > >
:  > >
:  > Is this for a business or for something that you are running out of
:  your
:  > home?
:  >
:  > As for how to set it up, if it is just something you are running out
:  of your
:  > home, then I would get a router/hub that supports a DMZ -
:  Demiliterized Zone
:  > - and place the web server on that. This will isolate the web server
:  from
:  > the rest of your network. That way, if the web server gets hacked,
:  your
:  > other computers are safe.
:  >
:  > Along that same line, the only thing I would put on the web server
:  box is
:  > the web server. Any database, file, print, etc servers should be
:  placed on
:  > another box inside your firewall. This will prevent them from being
:  hacked
:  > if and/or when your web server is hacked.
:  >
:  > As for a firewall, NAT should be safe enough. I would suggest using
:  a Linux
:  > box, but OS X and Win XP as also good bets. You just have to know
:  how to
:  > harden them problem--all three OS's, not just win XP.
:  >
:  > If you want to put a computer based firewall between you, your web
:  server
:  > and the outside world, then I would strongly suggest you take a look
:  at
:  > Smoothwall[1]. It is an open source firewall/router that is very
:  easy to use
:  > and also very secure. I would also strongly advice against putting
:  both your
:  > web server and your firewall/router on the same box. Once again for
:  security
:  > purposes.
:  >
:  > [1] http://www.smoothwall.org/
:  >
:  > Chris Johnston
:  > --
:  > www.fuzzylizard.com
:  
:  I agree with Chris in the security point-of-view. You could probably
:  have a relatively old machine acting as a firewall and have it
:  separate from your 'data' servers. However, it's not uncommon -
:  usually due to financial reasons, to see one machine acting are
:  firewall and also having other services running on. Extra precaution
:  should be taken in that case.
:  So, it is important to state if you're gonna be running it as a
:  professional server or just for home/personal use/testing.
:  
:  Best regards,
:  
:  --
:  Eduardo  Bacchi Kienetz
:  LPI Certified - Level 2
:  http://www.noticiaslinux.com.br/eduardo/
:  --
:  
:  * * Please support the community that supports you.  * *
:  http://evolt.org/help_support_evolt/
:  
:  For unsubscribe and other options, including the Tip Harvester
:  and archives of thelist go to: http://lists.evolt.org
:  Workers of the Web, evolt !



More information about the thelist mailing list