Port forwarding and security

Jon1001 · 14-May-2008, 09:45 AM #1

I recently set up a webserver using an old pc that i had lying around and I am thinking of using port forwarding to forward http requests to that computer. I am just wondering how secure this is. I have nothing else on the pc, no personal data so it really is just a server. Thanks in advance.

lunarlander · 14-May-2008, 02:28 PM #2

The security concern here is how secure is the web site that you're hosting. If you're running just a static web site with no PHP, CGI things, then that is usually pretty secure, since there is no interactive stuff for attackers to ticker with. Also make sure that that web server machine is fully patched, as there can be vulnerablities in the underlying OS. The general fear is that once an attacker sucessfully gets a foothold on the web server machine, he can go on to attack the rest of the network. If you have a router with a true DMZ that provides an isolated subnet, then put your web server machine in that subnet.

Jon1001 · 15-May-2008, 07:16 AM #3

Thanks for the reply. I'll be using php and mysql and possibly perl, python in the future so in that case it is more of a concern. In reality I won't use it very much outside of my own home so I guess I will probably just turn port forwarding on when I need it. My router does have DMZ so I will have a look into that as well. Thanks very much for your help.

lunarlander · 17-May-2008, 11:36 AM #4

If you are writing the PHP code yourself, the general advice is not to trust user supplied values. Validate and Validate and Validate all user input.

Search
Search in:
Show Threads Show Posts
Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)