Web Hosting, web serveri i operativni sistemi Komercijalni hosting, web serveri, bezbednost, operativni sistemi na serverima |
|
Alati teme | Način prikaza |
24. 11. 2013. | #11 |
emperor Selassie
Grand Master
|
Hah, radi! Kako da koristim iptables, ali da radi? I je l' da uključim SELinux ponovo ili ne?
edit: evo iptables -L -v Kôd:
[root@server ~]# iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 90 6700 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT icmp -- any any anywhere anywhere 0 0 ACCEPT all -- lo any anywhere anywhere 0 0 ACCEPT tcp -- any any anywhere anywhere state NEW tcp dpt:ssh 107 9774 REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT 101 packets, 14404 bytes) pkts bytes target prot opt in out source destination Poslednja izmena od Nemanja Avramović : 24. 11. 2013. u 18:48. |
24. 11. 2013. | #12 |
Ivan Dilber
Sir Write-a-Lot
|
Probaj da startujes opet iptables i onda kucaj (kao root):
Kôd:
iptables -I INPUT 3 -p tcp -m tcp --dport 80 -j ACCEPT Isprobaj da li apache radi i ako je sve ok onda uradi /etc/init.d/iptables save (ako sam nesto zeznuo samo restartuj iptables bez snimanja)
__________________
Leadership is the art of getting people to want to do what you know must be done. |
"Hvala" ivanhoe za poruku: |
24. 11. 2013. | #13 |
emperor Selassie
Grand Master
|
To je to, radi! Hvala puno! Sad još da vidim šta sa ovim SELinux-om da radim ali pre toga da namestim neki vhost... sad kreće zezanje
|
25. 11. 2013. | #14 |
Ivan Dilber
Sir Write-a-Lot
|
selinux opusteno mozes da ostavis ugasen, pogotovo ako si sam na serveru. Podesi sve privilegije lepo sa chmod i ne trebaju ti te secure role uopste...
Ako hoces dodatni nivo osiguranja kad podesis sve ostalo na serveru instaliraj si http://aide.sourceforge.net/ i fail2ban
__________________
Leadership is the art of getting people to want to do what you know must be done. |
25. 11. 2013. | #15 |
Pukovnik u penziji
Grand Master
|
Ja još nisam upoznao nekoga da drži selinux uključen. Ne kažem da je loša stvar ali dosta komplikuje održavanje...
|
25. 11. 2013. | #16 |
emperor Selassie
Grand Master
|
Hvala vam puno ljudi eto mene opet sa novim pitanjima kad/ako odlučim da dižem BIND, ili tako nešto
|
Alati teme | |
Način prikaza | |
|
|