#1  
Old 27th November 2005, 01:30
bersi bersi is offline
Junior Member
 
Join Date: Nov 2005
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Default Mandriva 2006 Install questions

Hi guys,
Installed ispconfig following the perfect setup.... Things went right and than diddn't and now its scrued up. No worry i want to reinstall the system anyhow. But getting deeper into all the infos in the process of my experiments i wonder about couple of things and i hope someone could clear things up befor i endeavour the next reinstall:
1) i would like to install in the paranoid security state (chrooted) or at least hightest. Does that give problems with ispconifig, and exactly what does?
2) i would rather use the standard Mandriva imap services (updates later on), does that give problems with ispc?
3) i would rather use the standard shorewall firewall and disable the firewall in ispc, does that...
4) i would rather use the sasl2 authentification thane the depriciated saslauthd, does that give problems?

Lots of questions but let mee say, it seems that ISPC is right on the spot! Looked long for a good opensource config panel and think i found it
Reply With Quote
Sponsored Links
  #2  
Old 27th November 2005, 15:40
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by bersi
1) i would like to install in the paranoid security state (chrooted) or at least hightest. Does that give problems with ispconifig, and exactly what does?
I'm almost sure that this will cause problems... These settings are so paranoid that almost nothing is allowed on the system! So don't do it, rather do as suggested by the tutorial.

Quote:
Originally Posted by bersi
2) i would rather use the standard Mandriva imap services (updates later on), does that give problems with ispc?
In the tutorial I use the standard Mandriva imap package...

Quote:
Originally Posted by bersi
3) i would rather use the standard shorewall firewall and disable the firewall in ispc, does that...
Not if you configure it properly... This means that also port 81 must be accessible otherwise you can't access ISPConfig.

Quote:
Originally Posted by bersi
4) i would rather use the sasl2 authentification thane the depriciated saslauthd, does that give problems?
saslauthd is for sasl2, there's no such package for sasl1, so I don't think it's deprecated. Anyway, use it, otherwise you'll have problems with authentication...

The best way to follow the tutorial is to use an SSH client (like PuTTY on Windows) and copy and paste the commands from the tutorial.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 29th November 2005, 09:49
bersi bersi is offline
Junior Member
 
Join Date: Nov 2005
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Default Thanks Falco

Thanks for your reply,
The thing is i followed the tutorial but was a little concerned about security having had soem problems with that in the past. I already run 3 servers under mandrake but use the Higher setting, and than allow ssh by hand. Anything known if that causes trouble with ispc?

Email
When i install the standard imap i dont see anything aubout the "cyrus..." you state in the tutorial, ut maybe thats concealed buy the mardrake installer, so that what confused me.

Mail authentification
Ok, i followed some other thread on that. Since i am not an expert on this i guess ill follow your arumentation on that .

Firewall
Configuring the new ports in shorewall isnt really that big a problem (you have to to that for mysql anyhow, so thats answered for!

So what im really left with is the sec settings.. paranoid won't do, but what about higher? i woulndt mind setting some services back on again but i'll guess, since i am not an expert on this the overall system would be more secure than the standard install?! And what about the chrooted daemons everybody is talking about (bind, proftp) could i set that up together with ispc?
Reply With Quote
  #4  
Old 29th November 2005, 19:10
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

I think the standard install is already very secure because ISPconfig has its own firewall that blocks requests on all ports that you don't use. I've never tried the "Higher" setting together with ISPConfig so it's up to you to find out if this works.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 29th November 2005, 23:00
bersi bersi is offline
Junior Member
 
Join Date: Nov 2005
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Smile Ok Falko,

I will do that and report back here, but still arent there exploits wich use just the opened ports? There are as far as i know many descriptions on how to secure lets say bind. So there has to be more on that issue?! Wouldn't you agree? Or for that matter would you consider a whole different distro, lets say the debian based Unbutu or fedora or suse?

Last edited by bersi; 29th November 2005 at 23:05.
Reply With Quote
  #6  
Old 30th November 2005, 00:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by bersi
Or for that matter would you consider a whole different distro, lets say the debian based Unbutu or fedora or suse?
If you ask me I'll always recommend Debian (see also http://www.howtoforge.com/forums/showthread.php?t=1393 ), but in the end it's a matter of which distribution you like most.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
cpan> install DB_File make error Nu2Linux HOWTO-Related Questions 6 13th April 2012 22:06
install error on the end of the installation Vegettex Installation/Configuration 2 20th November 2005 23:50
perfect install 5.04 isp on desktop image? bspratt Server Operation 5 6th November 2005 14:27
Mix of Install Problems shawndb Installation/Configuration 5 15th September 2005 09:09
Fresh Install of FC4 using Perfect Install HowTo latcarf HOWTO-Related Questions 21 10th August 2005 22:55


All times are GMT +2. The time now is 09:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.