Security for webserver behind router?
Jay O'Brien
jayobrien at att.net
Wed Jan 19 18:49:00 PST 2005
RW wrote:
> On Wednesday 19 January 2005 07:21, Jay O'Brien wrote:
>
>>I've brought up a 5.3 Release machine as a learning tool,
>>with apache 1.3. It is on a LAN with Windows machines, and
>>port 80 (and only port 80) is open and directed by the
>>Linksys router to the FreeBSD machine. It is working fine so
>>far, but my learning curve is slower than I would like.
>>
>>I know that there's lots to learn and do later about
>>security, when I bypass the Router and use the FreeBSD box
>>as the NAT device, but for now I would like to confine my
>>learning to Apache, with only port 80 open. I do have ftp
>>and ssh enabled on the LAN for access by the Windows boxes.
>>
>>As I haven't done anything for security on the FreeBSD
>>machine, am I exposed to anything by having port 80 open? Is
>>there anything I should do now?
>
>
> It's in the nature of any webserver software that it provides rich picking for
> hackers.
>
> If it's a learning tool, don't expose apache to the internet, you can test it
> perfectly well from your local network. If you want to access it from a
> remote location, then setup your FreeBSD firewall to allow access from a
> limited range of ip addresses.
>
Thanks, but what I want to know is what risk I have with port 80,
and only port 80 open.
Jay
More information about the freebsd-questions
mailing list