[ydl-gen] making YDL secure for Apache
Derick Centeno
aguilarojo at verizon.net
Tue Jul 24 11:13:07 MDT 2007
Hi Paul:
Here is an official TSS link to various HOWTOs which I believe address
various aspects of your query; look under the category listed as HTTP,
FTP, and NFS:
http://www.terrasoftsolutions.com/support/solutions/ydl_general/
Regarding building "bullet proof" security there are a variety of
products out there addressing various needs. Out of the variety of
products available only a few provide true open source versions of their
products which are not evaluation versions (which fail after a certain
period). Each product follows a particular approach, strategy or
philosophy; in my view a product which can be flexible to one's own
changing environment and modified accordingly is an available open
source tool which deserves to be tried. Of course, should one approach
the need for a level of service beyond the open source product -- then
one will have collected sufficient experience to expect better
facilities and options from the commercial version.
The available open source security system which I have used within YDL
is known as Open Source Tripwire (OST). It is available here:
http://sourceforge.net/projects/tripwire/
A comparison of features between open source tripwire and the commercial
versions of tripwire is available here:
http://www.tripwire.com/products/enterprise/ost/
At tripwire's website there's a rather nice security technical reference
located here:
http://www.tripwire.com/resources/tech_library/rec_reading.cfm
I'm sure the same list of recommended texts can be acquired from Barnes
& Nobles or Amazon.com at competitive prices.
Their work in security stands on it's own and their contribution
regarding open source is significant and generous in my view -- OST is a
serious tool when implemented properly.
As OST works within the YDL environment upon compiling from source
should you realize that the commercial versions are more useful to you
then contacting the tripwire tech/sales department regarding a
commercial version which runs within YDL would be the next step to
explore. I've not had the need to use the commercial versions of
tripwire and so can make no comment regarding it other than to refer you
to tripwire's website.
Here's an official TSS comment on commercial and open source
applications in general:
http://www.terrasoftsolutions.com/products/faq/redhat.shtml
Best wishes...
On Tue, 2007-07-24 at 07:01 -0700, Paul Worbey wrote:
> Hello:
>
> Where can I find documentation on configuring my Yellow Dog Linux to make it a 'bullet proof secure' Apache webserver. PHP will extract data from MySQL databases running locally and externally (on a different host at a different IP address).
>
> Thank you.
>
> Paul
>
>
>
> ______________________________________________________________________
> Need a vacation? Get great deals to amazing places on Yahoo! Travel.
>
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general at lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> HINT: to Google archives, try '<keywords> site:terrasoftsolutions.com'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.terrasoftsolutions.com/pipermail/yellowdog-general/attachments/20070724/cf66e1bb/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.terrasoftsolutions.com/pipermail/yellowdog-general/attachments/20070724/cf66e1bb/attachment.bin
More information about the yellowdog-general
mailing list