Hi Steve! I would be very careful about specifics to a list; especially if you plan to later advertise you work there. Using another name or alias for security questions is generally best. See my suggestions below. On Tue, Jun 14, 2011 at 10:41 PM, Steve Phariss wrote: > I may have a job putting a compramised system back into production > (actually we are moving them from Ubuntu to a RHEL VM...) > Be sure to do your feasibility research BEFORE making a technical recommendation. A feasibility plan takes into consideration ALL of the various daemons and services as well as other things which much connect and network (iSCSI for instance). What will you do if one of their programs (Mason-CM) won't work with RHEL VM? > > I am still lacking some details but they are running apache, Mysql AND > Postgres, Drupal, and something called *Mason*-*CM. I am not sure why > the two DBs but if there is not a good reason I will move them off of one or > the other. > * Mason-CM is required for one of their apps. You will break upwards compatibility if you move them. Run both. > * > Anyone have any good docs on securing Apache, Drupal, the DBs, or Mason-CM? > * That's too blanket of a question. Apache/SSL/postgresql all have insecurities based on version. Everything can be "hacked" or configured just to work, not to work securely. Apache runs with many additional features, for instance mod-proxy. Drupal runs with third party contributed modules -- not all secure as the government learned last year in a famous hack. DB's are only as good as the underlying security model. Read the docs for Mason-CM (but again it's going to be dependent for sql injection protection on the underlying code base or app). The best I can suggest is to run Rapid7 Nexpose security scanner against your configuration and mitigate each thing one by one. But before you rebuild, you might take a minute to determine the "attack vector". > * > Thanks > > Steve > * > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > -- (602) 791-8002 Android (623) 239-3392 Skype (623) 688-3392 Google Voice * *Server Engineer/Security Administrator HomeSmartInternational.com