Help - Search - Members - Calendar
Full Version: Advice... Making A Mirror
Linuxhelp > Support > Technical Support
Hey I finally got RedHat 7.3 to work with X on my old computer! (I tried using "vesa" drivers instead of the regular "trident" one)

Anyways... I was thinking of helping my friends by setting up an Apache web server and mirroring their files, (and trying to get my lil bro away from crappy hosts like angelfire...). I wasn't sure about leaving my ftp port open all day so this came into mind because I might get a third computer. I have a few questions though...

1. Is it safe? Like, can it easily be hacked, and my other computers on the network also? I also thought about getting one of those free ".tk" (DotTK) so it can hide my ip too....

2. Is my peice of trash good enough? I am not expecting much people on it, but I am suprised at how "ok" my computer is for its stats. Is a Cyrix 6x86L 150MHz, 96MB RAM aight? (Well I got DSL!) And I am not planning to leave X on either because I know how much it can suck all the system resources... (Just for the record... would it still do ok with X)?

3. Can it "kill" my computer? If I leave it on like pretty much 24/7 will the HDDs "erode" and die? Because I know we can shutoff HDs on Windows as a powersaving thing but does it do that in Linux also?

There is an increased risk of intrusion if you have open ports while connected to the web. If you allow a connection to your PC for download ... you can't hide your IP. (for a person to get to your machine to do the download, their computer must connect directly with yours ... and when it is connected, they can see what the IP address is of at least the outside port of your firewall). While you are downloading a file from somewhere (or right after a webpage refresh) type the command (in windows or linux) at a command prompt:

netstat -an

and look for connection types of ESTABLISHED ... that is where you are currently connected.

I would not use RH 7.3 as an FTP server ... RedHat has stopped support for RH 7.3 and they will release no more security updates for it. To see what I mean by security updates, see this list. Actually, only one of those is a vulnurability that would allow root access to your machine via an ftp server (this one)....but if you are also adding a web server then that adds these (1, 2, 3, 4). There are programs built to scan a range of IP's looking for vulnerable computers and programs written to exploit each of these vulnerabilities ... and machines that are not pactched have root kits installed regularly.

This isn't a problem right now for RH 7.3 .... all the above problems are patchable (if you patch your 7.3 with the latest patches), however; there will be no more security patches for RH7.3 ... so there will be no fixing new security issues.

I'm not paranoid ... but I do run business networks as my job. Take a look at the Internet Storm Center and for a information on attacks.

Your machine is older and running a newer distro will not be easy (most require more than 128mb ram to really run X and either gnome or kde) .... If I had to use that machine for a web/ftp server I would probably install debian woody or WhiteBox Enterprise Linux and always boot into console mode (you could install X and gnome (or kde) to use for setup and make it boot to a runlevel that doesn't have a gui ... then type startx if you wanted to use the gui ... however it will be VERY slow.....)
I never allow servers to use power saving features ... and hard drives do crash based on runtime ... but, believe it or not, the most stress that your hard drive has is cause by powering it on (when it goes from 0 rpms up to speed in a very short period of time) ... having it running is less stress than starting and stopping it several times per day. I have 7 PC's in my house ... 4 of them have been running for more than 4 years (pretty much 24/7/365) with the same 8gb hard drives and no failures. (I have only had 1 drive fail in all the seven machines).

At work, we maintain 400 workstations and 10 servers with (with the servers running 24/7/365 and the workstations running 24 hours from Monday morning to Friday evening (so updates can be pushed out). We may have 1 hard drive fail every couple of months (maybe 4 a year)....but those mostly happen after a power surge / power supply issue.
Heh... Thanks man. But now I'M SCARED! LoL. But since I posted a few days ago, I pretty much have the thing setup, but ONLY as an HTTP server (with DNS). After reading up a bit and learning about how insecure telnet, ftp... etc were I was getting paranoid! And about the speed of the computer, as I said, you'd be suprised how that thing runs! KDE 3.0 isn't THAT slow, especially in 800x600 8bit(or was it 16?) and "no gui effects". But now I pretty much know how the apache configuration works and all. And I don't know if this means anything... but "phpinfo()" is LONG right? I checked the page from my friends house to see if it was all ok, and it loaded so frigging FAST!!! Even though my brother was playing games on X at the same time. So I think it will be fair enough for 2-3 web sites of about 100 click-thrus a day each, especially without X, do you agree?

And I have another safety question. I was thinking of using ssh (already setup) to upload files in our site directories from our good computer. Is this safe? Or is there a OpenSSH server config option that lets me select specific ip's to serve with it (like the Apace "allow" and "deny" list)? Because I can't really think of another way... I know I can make a sort of hidden online signup form thing with SSL, and the uploading... But to me that seems like a waste of time and space.

Now I know that we could use that netstat -an to see the ip... But I'm sure nobody even knew that! (lol!)
But will my server still be safe after those patches? (in general... not to the L33t!)

And my HDD is a fairly new (1999 I think) 4GB SCSI drive and I trust it fully tongue.gif And I DID try Debian Woody, but it's too complicated for me! I had to uninstall it because the only thing I was able to configure was X. (With a bit of luck and a bit of help from the installer) Then my stupid eth0 was called something like "ld or ly" and it didn't work. So I'll stick with RedHat for know!

PS: Thanks a lot... !!! But how the hell did you remeber all that? blink.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2018 Invision Power Services, Inc.