Saturday 18 October 2003


With much alternating joy and excrutiating pain yesterday, Dante and I setup and hardend Nikita in preparation for the great outdoors. She's been battened down to offering five services to the outside (counted based on port scanning her) and only a few more available locally only.

She currently does: ssh (22), smtp (25, no relaying), dns (53, see below), web server (80, apache + php4 but nothing up yet), and spop3 (995, ssl connection w/ std pass auth).

That's all that gets through the firewall. Internally, she really only adds syslog and system stuff like that. Everything else has been removed, NFS and RPC too.

All this in prepartion for hosting the new domain: Dante bought it once we were done and ready. It is up and active now. Nikita is the primary dns server for the domain with doing the backup. Basically, we ownz dis domain, yo. We've got A records for all my machines and all his already, MX records for Nikita as primary, pointing to roxy, and all the good things that domains are.

Mmmm the sweet taste of power. Now if only we had authority for the reverse lookups on our IPs...

No comments:

Post a Comment

Popular Posts