[Herts] CENTOS 5.1 LAMP

nicolas at jetblackjelly.com nicolas at jetblackjelly.com
Thu Jun 26 10:02:50 BST 2008


Time for a new dedicated server - in preparation I have been building a test server at home. Based on Centos 5.1 the aim is to install the minimum amount of services and a tight configuration to help keep the server secure.
I have based my configuration on the following sets of notes. 




Although they do not always agree.. :(

Observations / Questions!

1. Various Howto's advise or curse SELinux - Any thoughts?

2. One of the howto's recommends removing a long list of packages to tidy up the install, fair enough. Until I try to remove indexhtml which insists on taking 35 other packages with it - including the kernel. It seems all these dependencies are by design. Very strange!

3. FTP - Spent way too long looking at the options for Proftpd which I currently use, but it is not in the Centos base distro and VSftpd, in the Centos distro but no official webmin module, configuration etc.. I have solved the problem now.. The server won't have an FTP server - SFTP only.

4. Firewall - My current server uses the KISS firewall script which has worked well. http://www.geocities.com/steve93138
So, this was my first choice. The scripts tests for - ipt_state, and ipt_multiport - but these tests fail!


modprobe ipt_state 
modprobe ipt_multiport

Work fine. I have removed the tests from the script, but it would be nice to fix it properly


I am also puzzled as to why a number of the Modprobe commands are duplicated in the script and the effects of not loading the other modules mentioned in the script.  

Thanks again for any thoughts. 


More information about the Herts mailing list