[OWASP-LEADERS] Big welcome to Carric / Server Setup

Ingo Struck ingo at ingostruck.de
Thu Nov 7 07:29:24 EST 2002


Hi Carric,

I assume that Mark put you on this list, so welcome to the OWASP staff.
It is really great that you volunteered for some admin work and that you
could provide a hosting location for our production servers.
Thanks a lot!

Some weeks ago I already sent a personal wishlist for the production server
setup, so I simply repost it here:

=== snip ===

Here you go with a detailed wishlist for the server configuration:
(I am currently not sure whether the BSD or a Linux box will be
 used for vulnxml - that makes no difference for me)

1. The file system setup *must* provide separate partitions for
    /var and /tmp
2. The file system setup *should* provide separate partitions for
    /opt , /usr and /home
3. All apache stuff goes to /opt/apache, i.e.:
   /opt/apache/httpd      httpd (preferably 2.0.43, 1.3.27 will do as well)
   /opt/apache/tomcat    tomcat (4.1.12)
   (I will provide the appropriate conf files for httpd 2.0 and for tomcat)
4. The vulnxml application goes to /opt/owasp/vulnxml
    (I will provide this directory as a whole as tar.bz2)
5. absolutely no ftp, telnet, finger or other crap access
6. only port 80 open for remote access (best would be a package filter
   firewall), if *really* necessary port 22 for ssh
7. If it is somehow possible (i.e. you have got the servers near to you)
   NO SSH ACCESS AT ALL

Due to our project goals I expect our apps to be attacked more than
an average web app. That's why I want the servers as leakproof as
possible.

=== snap ==

Kind regards

Ingo
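
Added example, not part of the original message and not OWASP's own tooling: one way to audit a Linux host against the partition and port items of the wishlist above. It assumes the /proc/mounts and /proc/net/tcp text formats on a little-endian host; the sample inputs and all function names are constructed for illustration. It inspects listening sockets, not firewall rules.

```python
# Added example: check a host against wishlist items 1, 2 and 6.
MUST_MOUNTS = ("/var", "/tmp")             # item 1: *must* be separate
SHOULD_MOUNTS = ("/opt", "/usr", "/home")  # item 2: *should* be separate
ALLOWED_PORTS = {80}                       # item 6: only port 80
TOLERATED_PORTS = {22}                     # item 6: ssh only if really necessary

def mount_points(proc_mounts):
    """Mount points (second field) from /proc/mounts-style text."""
    return {f[1] for f in (l.split() for l in proc_mounts.splitlines()) if len(f) >= 2}

def listening_ports(proc_net_tcp):
    """TCP ports in LISTEN state (st == 0A) that are not bound to loopback."""
    ports = set()
    for line in proc_net_tcp.splitlines()[1:]:     # skip the header row
        f = line.split()
        if len(f) < 4 or f[3] != "0A":
            continue
        addr, port = f[1].split(":")
        if addr.endswith("7F"):                    # 127.0.0.0/8, little-endian hex
            continue
        ports.add(int(port, 16))
    return ports

def audit(proc_mounts, proc_net_tcp):
    """Return (level, message) findings; an empty list means the host conforms."""
    mounts = mount_points(proc_mounts)
    out = [("FAIL", f"{m} is not a separate partition") for m in MUST_MOUNTS if m not in mounts]
    out += [("WARN", f"{m} is not a separate partition") for m in SHOULD_MOUNTS if m not in mounts]
    for p in sorted(listening_ports(proc_net_tcp) - ALLOWED_PORTS):
        level = "WARN" if p in TOLERATED_PORTS else "FAIL"
        out.append((level, f"TCP port {p} is listening for remote connections"))
    return out

# Constructed sample data (not taken from any real server).
SAMPLE_MOUNTS = """/dev/sda1 / ext3 rw 0 0
/dev/sda2 /var ext3 rw 0 0
/dev/sda3 /tmp ext3 rw,nosuid 0 0
/dev/sda5 /usr ext3 ro 0 0"""
SAMPLE_TCP = """  sl  local_address rem_address   st
   0: 00000000:0050 00000000:0000 0A
   1: 00000000:0016 00000000:0000 0A
   2: 00000000:0015 00000000:0000 0A
   3: 0100007F:1F49 00000000:0000 0A"""

if __name__ == "__main__":
    for level, msg in audit(SAMPLE_MOUNTS, SAMPLE_TCP):
        print(level, msg)
```

On a real host the two inputs would come from reading /proc/mounts and /proc/net/tcp.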