How secure is my simple webserver?

The place to post if you need help or advice

Moderators: ChrisThornett, LXF moderators

How secure is my simple webserver?

Postby hubris » Sat Jan 12, 2013 10:59 pm

Hi,

please can I get a view/opinions on how secure my setup is. I basically want to run python's SimpleHttpServer to expose one directory over the internet.

I'm running debian squeeze with all the latest security updates.
I've got my router port forwarding only for ssh and 8000.

For ssh I use shared keys.

I use fail2ban to prevent repeated ssh attempts.

Using ufw I've only enabled access for the ports for ssh and port 8000.

Some of the above isn't relevant for port 8000, but do you think it's okay for me to expose a folder for any amount of time to the world using python's SimpleHttpServer for file download?

Thank you in advance.
hubris
 
Posts: 18
Joined: Sat Apr 23, 2005 1:09 pm

Postby leke » Wed Jan 16, 2013 9:56 pm

I'm just in the process of setting up mine too and found this article helpful: https://help.ubuntu.com/community/SSH/O ... onfiguring

I'm also looking into this MetaSploit app as I hear it's pretty easy to run some automated security tests at the server. It looked a little tricky to set up, so I've installed a distro called BackTrack on a live usb stick to run it as I hear it's pre-installed.
User avatar
leke
LXF regular
 
Posts: 508
Joined: Mon Oct 22, 2007 5:45 pm
Location: Oulu, Finland


Return to Help!

Who is online

Users browsing this forum: No registered users and 1 guest