It was never such a heavily visited site, so I guess you're wondering why I started a topic just to tell you this...
Well, the website is now 100% custom-coded XHTML/CSS-valid PHP with high-level database and caching system, running on a self-compiled, self-administrated FreeBSD server. Before I started this project, I knew next to nothing about all these topics.
So to me, it's the end of an epic journey, while to you it's just another website with 10 downloads and a guestbook :)
By the way, first one to find a security hole in the server gets a cookie :) (I'm not doing anything important on there just yet...)
http://chime.student.utwente.nl/qweerdy/
Well, the website is now 100% custom-coded XHTML/CSS-valid PHP with high-level database and caching system, running on a self-compiled, self-administrated FreeBSD server. Before I started this project, I knew next to nothing about all these topics.
So to me, it's the end of an epic journey, while to you it's just another website with 10 downloads and a guestbook :)
By the way, first one to find a security hole in the server gets a cookie :) (I'm not doing anything important on there just yet...)
http://chime.student.utwente.nl/qweerdy/
Absolutely too cool! I just posted elsewhere that I've given up on .NET and was going to go with Apache, mySQL, and so forth. I'm creating a website for a wholesale company but I want to start up my own server for it and others.
FreeBSD was my first choice but, since I only decided this today, Linux, of course, came to mind as well as running Apache on Windows. Any thoughts?
One concern is whether FreeBSD, ie Unix, is just not a good option anymore.
FreeBSD was my first choice but, since I only decided this today, Linux, of course, came to mind as well as running Apache on Windows. Any thoughts?
One concern is whether FreeBSD, ie Unix, is just not a good option anymore.
I'll nmap you once to see if it turns up anything :)
just ftp and http :)
your ftp server is vulnerable to a user list though, may wish to upgrade to 1.2.11 or not use ftp directly (tunneled via ssh for instance or just use scp)
your ftp server is vulnerable to a user list though, may wish to upgrade to 1.2.11 or not use ftp directly (tunneled via ssh for instance or just use scp)
FTP and HTTP are definately not the only services I'm letting through the firewall, could you tell me what settings you used on nmap? You're right about ftp though. I'm thinking about installing a different FTP server, preferably one that's easy to configure, secure, and doesn't have a new vulnerability every 2 days. Any suggestions? :)
DrHoward: I don't really see any Linux distribution that can compete with FreeBSD in ease of installation/maintainance, and that includes Debian. Dependancy hell can bite you on both systems, but on FreeBSD it's much harder to actually break anything. And of course, you can always and easily compile from source if the packages just don't fit. As for performance, I'm really not qualified to say anything about that since I've never really pushed either OS. I've heard MySQL does significantly better on Linux though, but that may have been solved with FreeBSD 5.x.
Edit: Hiro, is it just me or is proFTPd v 1.2.11 not yet released?
DrHoward: I don't really see any Linux distribution that can compete with FreeBSD in ease of installation/maintainance, and that includes Debian. Dependancy hell can bite you on both systems, but on FreeBSD it's much harder to actually break anything. And of course, you can always and easily compile from source if the packages just don't fit. As for performance, I'm really not qualified to say anything about that since I've never really pushed either OS. I've heard MySQL does significantly better on Linux though, but that may have been solved with FreeBSD 5.x.
Edit: Hiro, is it just me or is proFTPd v 1.2.11 not yet released?
hey, Qweerdy
the ppa.exe written by you is wonderful. where have the pnglib.inc and pnglib.lib?
regards.
the ppa.exe written by you is wonderful. where have the pnglib.inc and pnglib.lib?
regards.
hello, all
ok,
i'v found it at :
http://www.madwizard.org/view.php?page=downloads
good luck everyone.
ok,
i'v found it at :
http://www.madwizard.org/view.php?page=downloads
good luck everyone.
just standard nmap and those 2 were the only services that seem to respond, I could probe deeper I guess but I value my internet-access :grin:
well they talked about 1.2.11 having the fix so I assume it exists :)
some distros do the renumbering game though. I use pure-ftpd myself
I find debian, gentoo and freebsd pretty easy to manage/install, just the old installer sucks. The new installer is peachy. :)
well they talked about 1.2.11 having the fix so I assume it exists :)
some distros do the renumbering game though. I use pure-ftpd myself
I find debian, gentoo and freebsd pretty easy to manage/install, just the old installer sucks. The new installer is peachy. :)
perhaps freebsd detects the nmap probe and decides to drop packets from the scanning host for a while? I had that behaviour with my linux firewall...
I could nessus it once if you want
Hiro - thanks, but I think it may be beter if I just run that myself. It'll probably be usefull later anyway, and there's no point in sending more portscans over your internet connection than is absolutely necessary.
As for the missing services on your nmap scan, I think you ran your scan in a really short period in which I was messing with the firewall config. It's really the only logical explaination I can think of. I've never heard of ipfilter being able to detect portscans.
http://www.proftpd.org/ still lists 1.2.10 as being current; perhaps they haven't released the patch yet?
Edit: Just checked out PureFTP. Sounds really good, I think I'll give it a shot :)
As for the missing services on your nmap scan, I think you ran your scan in a really short period in which I was messing with the firewall config. It's really the only logical explaination I can think of. I've never heard of ipfilter being able to detect portscans.
http://www.proftpd.org/ still lists 1.2.10 as being current; perhaps they haven't released the patch yet?
Edit: Just checked out PureFTP. Sounds really good, I think I'll give it a shot :)
qweerdy,
Does FreeBSD have a built in server? I'm trying to figure out Apache.
Does FreeBSD have a built in server? I'm trying to figure out Apache.
drhoward,
FreeBSD's base installation doesn't include a webserver but selecting the Apache package during installation is really all that is needed to install it. You'll still have to do some minor configuration in httpd.conf, but the comments should help you through that. And of course there's about a zillion tutorials out there on httpd.conf.
I forgot if the line APACHE_ENABLE="YES" is added to /etc/rc.conf by the installer, if not then you'll have to do that as well.
PHP support is as easy as installing the "Apache + PHP" package instead of the "Apache" package. If you also want HTTPS support you'll have to compile it yourself, check the fine FreeBSD handbook for info on that (freebsd.org).
FreeBSD's base installation doesn't include a webserver but selecting the Apache package during installation is really all that is needed to install it. You'll still have to do some minor configuration in httpd.conf, but the comments should help you through that. And of course there's about a zillion tutorials out there on httpd.conf.
I forgot if the line APACHE_ENABLE="YES" is added to /etc/rc.conf by the installer, if not then you'll have to do that as well.
PHP support is as easy as installing the "Apache + PHP" package instead of the "Apache" package. If you also want HTTPS support you'll have to compile it yourself, check the fine FreeBSD handbook for info on that (freebsd.org).
How long did it take you to get everything running?
Did you have many struggles coming from a Windows and MASM background? (I'm assuming)
I'm having a helluva time trying to figure out Apache. My thoughts are that if you want to use PHP of Perl you're all set. Anything else and it's a struggle. Especially since I don't know Unix. A lot of the code examples use it and I can't follow it.
Did you have many struggles coming from a Windows and MASM background? (I'm assuming)
I'm having a helluva time trying to figure out Apache. My thoughts are that if you want to use PHP of Perl you're all set. Anything else and it's a struggle. Especially since I don't know Unix. A lot of the code examples use it and I can't follow it.
Nice looking site!
drhowarddrfinedrhoward, I too have recently setup a FreeBSD server running Apache, PHP, MySQL, python, etc. Plus a mail server with web interface.
Before this I knew nothing about Unix but the process wasn't too painful, the FreeBSD ports system makes installing (and upgrading) everything very simple. The only really difficult thing was the webmail, but I followed a qmail rocks guide which walked me through it.
BTW if anyones interested check out my pages that use MathML. Its a really cool way of writing math in web pages.
Before this I knew nothing about Unix but the process wasn't too painful, the FreeBSD ports system makes installing (and upgrading) everything very simple. The only really difficult thing was the webmail, but I followed a qmail rocks guide which walked me through it.
BTW if anyones interested check out my pages that use MathML. Its a really cool way of writing math in web pages.
Perhaps you know the answer to my problem with Apache. I was just trying to get it to call my app whenever I went to index.html so the app would dynamically generate the index page. I set a directive to do that, and it does execute when I go to 127.0.0.1/index.html, but I wanted ALL html pages to be created dynamically. Just like isapi does. When the address is called, the server calls your program.
Hmm, well don't know specifically, but on the wiki I setup in which every page would be dynamic I had to include a script alais to the cgi. That way every address actually gets interpeted by the wiki I believe. Here's the alias, maybe its useful to you:
I run VirtualHosts cause theres more than one site on the server, also I believe the DocumentRoot there has no effect case the aliases overwrite it.
<VirtualHost *:80>
DocumentRoot /usr/local/www/binarynotions/moin
ServerName wiki.binarynotions.com
Alias /wiki/ "/usr/local/share/moin/htdocs/"
ScriptAlias / "/usr/local/share/moin/mainwiki/cgi-bin/moin.cgi/"
</VirtualHost>I run VirtualHosts cause theres more than one site on the server, also I believe the DocumentRoot there has no effect case the aliases overwrite it.
I had gotten so frustrated I uninstalled everything just a few days ago. I'll reinstall Apache and see if that works for me. I tried ScriptAlias but I may not have done it right. Let you know later today. Thanks.
drhowarddrfinedrhoward:
Did you try mod_rewrite? Perhaps something like this will work:
... will internally redirect requests for any index.html to /index.cgi, and set the environment variable DIR to the part of the url that came before the /index.html part. Untested, but this should work.
Did you try mod_rewrite? Perhaps something like this will work:
RewriteEngine on
RewriteRule ^(.*)/index.html /index.cgi [E=DIR:$1]
... will internally redirect requests for any index.html to /index.cgi, and set the environment variable DIR to the part of the url that came before the /index.html part. Untested, but this should work.