Insecure Web App Hosting
Pietro Cerutti
pietro.cerutti at gmail.com
Wed Dec 14 16:31:36 PST 2005
On 12/15/05, Mike Esquardez <mikeala3 at hotmail.com> wrote:
> i have to install a server that will host a "test drive" of a web app on the
> internet. from my inital look at the app, it looks like it will be a target
> to be exploited. i am not involved with the code so fixing it is not an
> option. what i would like to try and do is host it in a manner where i can
> minimize the risk and damage. it will only have sample data and it doesnt
> have to be "live". some ideas i have-
>
> automate disk imaging or rsync.
> read only filesystem.
> integrity tool.
> live cd version of the app.
>
> any other ideas?????
What about putting your services in a jail(8) ?
>
> its using apache/php/mysql and i have explained that it might not be fully
> functional or might have to be offline for a small amount of time each day.
> i have only just switched to freebsd so if any one has any links to some
> docs or tools that would be helpful. thankyou.
> Mike
>
> _________________________________________________________________
> FREE pop-up blocking with the new MSN Toolbar - get it now!
> http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
--
Pietro Cerutti
<pietro.cerutti at gmail.com>
Beansidhe - SwiSS Death / Thrash Metal
<www.beansidhe.ch>
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming or what?"
More information about the freebsd-questions
mailing list