[thelist] Networks, webservers, file servers, etc.

Eduardo Kienetz eduardok at gmail.com
Tue May 2 09:42:15 CDT 2006


> Date: Tue, 2 May 2006 09:34:01 -0400
> From: "Chris Johnston" <fuzzylizard at gmail.com>
> Subject: Re: [thelist] Networks, webservers, file servers, etc.
>
> On 5/2/06, Richard Brown <rich at cregy.co.uk> wrote:
> >
> >
> > I am starting to look at building networks. I have up to now usually
> > used a Netgear 4 port router/hub and ran a network like that. The
> > network usually consists of a variety of OS's but most XP boxes.
> >
> > However, I now want to add into these networks, backup technology and
> > also webservers. I use Mac OS X but can use also XP or Linux sort of! I
> > know I need to use a modem to connect to the net and serve web pages
> > but is it best to use Netgear's in built web pages or default to a
> > purpose build web serverplease? If I built a web server would you then
> > have that as a file server and also as a router please?
> >
> >
> Is this for a business or for something that you are running out of your
> home?
>
> As for how to set it up, if it is just something you are running out of your
> home, then I would get a router/hub that supports a DMZ - Demiliterized Zone
> - and place the web server on that. This will isolate the web server from
> the rest of your network. That way, if the web server gets hacked, your
> other computers are safe.
>
> Along that same line, the only thing I would put on the web server box is
> the web server. Any database, file, print, etc servers should be placed on
> another box inside your firewall. This will prevent them from being hacked
> if and/or when your web server is hacked.
>
> As for a firewall, NAT should be safe enough. I would suggest using a Linux
> box, but OS X and Win XP as also good bets. You just have to know how to
> harden them problem--all three OS's, not just win XP.
>
> If you want to put a computer based firewall between you, your web server
> and the outside world, then I would strongly suggest you take a look at
> Smoothwall[1]. It is an open source firewall/router that is very easy to use
> and also very secure. I would also strongly advice against putting both your
> web server and your firewall/router on the same box. Once again for security
> purposes.
>
> [1] http://www.smoothwall.org/
>
> Chris Johnston
> --
> www.fuzzylizard.com

I agree with Chris in the security point-of-view. You could probably
have a relatively old machine acting as a firewall and have it
separate from your 'data' servers. However, it's not uncommon -
usually due to financial reasons, to see one machine acting are
firewall and also having other services running on. Extra precaution
should be taken in that case.
So, it is important to state if you're gonna be running it as a
professional server or just for home/personal use/testing.

Best regards,

--
Eduardo  Bacchi Kienetz
LPI Certified - Level 2
http://www.noticiaslinux.com.br/eduardo/



More information about the thelist mailing list