public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
From: Jarry <mr.jarry@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Running HTTP and DNS on same machine
Date: Thu, 18 Aug 2011 20:47:21 +0200	[thread overview]
Message-ID: <4E4D5E39.30401@gmail.com> (raw)
In-Reply-To: <CAN0CFw2TTGMyaAGJYX3ptcCLty-8RGLXgusZ6dyJ7zAK54HeTA@mail.gmail.com>

On 18-Aug-11 20:22, Grant wrote:
>>>> Just to counter all of the scary stories,
>>
>> I do run dns with www on the same server (in addition to ftp,
>> mail, and a few more things), but each of those services in
>> its own vserver-guest...
>
> Are those vserver-guest instances for security?  I didn't know people
> used those for each service they run on the same machine.

It is a kind of "better chroot". Some services are not easy
to make running chrooted but can still run in vserver guest.

I think it is good to have services running separated.
If one of them gets compromised, others still keep running.
One more extra layer of security, worth trying. The only
service I'm running on "master-server" (host) is ssh on
non-standard port, with pretty tight firewall rules...

Jarry

-- 
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.



  parent reply	other threads:[~2011-08-18 18:49 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-08-17 20:56 [gentoo-user] Running HTTP and DNS on same machine Grant
2011-08-17 21:08 ` Alan McKinnon
2011-08-17 21:22   ` kashani
2011-08-17 21:43     ` Alan McKinnon
2011-08-17 22:08       ` kashani
2011-08-17 22:51         ` Alan McKinnon
2011-08-18  0:50           ` Peter Humphrey
2011-08-17 21:49   ` Grant
2011-08-17 22:09     ` Alan McKinnon
2011-08-17 21:23 ` Michael Mol
2011-08-17 21:53   ` Alan McKinnon
2011-08-18  1:35     ` Michael Mol
2011-08-18 18:17       ` Florian Philipp
2011-08-18 18:36         ` Michael Mol
2011-08-19  7:17           ` Alan McKinnon
2011-08-17 23:51 ` Paul Hartman
2011-08-18  0:18   ` Adam Carter
2011-08-18  0:40     ` kashani
2011-08-18  1:56     ` Grant
2011-08-18 17:26     ` Jarry
2011-08-18 17:39       ` Michael Mol
2011-08-18 18:22       ` Grant
2011-08-18 18:38         ` Michael Mol
2011-08-18 18:47         ` Jarry [this message]
2011-08-18 21:48     ` Stroller
2011-08-18  0:35   ` Pandu Poluan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E4D5E39.30401@gmail.com \
    --to=mr.jarry@gmail.com \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox