[KLUG Members] Hey you...got a server suggestion?

Bruce Smith members@kalamazoolinux.org
22 Nov 2002 08:46:57 -0500

Previous message: [KLUG Members] Hey you...got a server suggestion?
Next message: [KLUG Members] Hey you...got a server suggestion?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I made the leap this week and signed up for DSL with
> seemingly the only provider able to bring it to my house.
> (JAS, for those that are wondering.) I went with a business
> package, which will allow me to run my own server.
> (pppphtphtpphtpht Charter...) Here are my intentions:
> 
> - To VPN in from work or wherever.
> 
> - To run my own mail server.
> 
> - To run my own web server, where I plan to host at least
> two sites, possibly 3.

All sounds very doable.

> I intend to have an IPCOP server with 3 NIC's: red to the
> world, orange to a DMZ, green to the family network. A
> couple of questions:
> 
> - Should the web and mail services be separated to two
> servers? If so, should they be in their own DMZ's? 

If you're going to have small (low traffic) web sites and
email, then I personally would run it all on the same box
and save the electric bill a little.

> - What, if any, modifications to sendmail should I consider
> to avoid being abused (open relay, etc.)? Is the default
> installation secure enough? (doubtful, that's why I'm
> asking). The ISP has issued me the stern warning that if
> spam originates from my server, they will shut it down
> without asking. Besides that, spam is the spawn of satan
> and is not welcome in this house.

All recent distributions of Redhat ship sendmail with 
relaying turn off, but it doesn't hurt to double check it.
Go to work (or someplace outside your home), and set your
outgoing mail server to your home server.  Press SEND.
It should tell you that site doesn't relay.

Make sure you keep up with all the latest updates for you
site, and remove all unneeded services.

And if you have a WAP (wireless) be extra careful!  The
latest "thing" is for people to drive around until they
find an open WAP with internet access, and use that access
point to send out spam!

> - With three interfaces, squid, VPN, and DMZ, what kind of
> beef should I consider for the IPCOP server? I currently
> have a P100, 16 MB, 1 GB HD and it works great. 

Probably good enough.  Seems like there is a presentation at
the next KLUG meeting about different firewalls available.
Might be worth checking out.  ;-)

> I'm open to any other suggestions as well. It's one thing
> to maintain everything that has been passed to you from the
> previous network dude, but this is my home network now and
> I have the opportunity to build it right from the ground
> up. Thanks in advance for any suggestions!

An excellent way to learn!!!

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------

Previous message: [KLUG Members] Hey you...got a server suggestion?
Next message: [KLUG Members] Hey you...got a server suggestion?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]