"This week we discuss IPSec issues; an FTP client that supports SSL; "owning" Apache; EML extensions; listing of port numbers; connecting a Linux machine to the Internet; and stateful firewalls."

"Who should own Apache? I have nobody as the owner and the group, but I'm not sure if this is safe or not...."

"I have had a discussion with a colleague about different types of firewalls. He scorned at my mentioning the Linux ipchains and said that ipchains is a stateless firewall, meaning (I figured) that a stateful firewall is more secure since it can trace individual connections instead of individual packets. I can understand the advantage of a stateful firewall for doing things like SSL in a load-balanced environment, but I do not see how it improves security. Would you say that a stateful firewall is a more secure technology (I am not talking about any particular implementation), and if it is, why?"

Complete Story

Related Stories:
Installing a secure web server(Dec 11, 2000)
Netscape 6, Part I: Detection and Scripting(Dec 05, 2000)
Red Hat Bug Fix Advisory: Updated web server module packages are now available for Red Hat Linux 7(Nov 28, 2000)
Red Hat Bug Fix Advisory: Updated web server module packages are now available for Red Hat Power Tool 7(Nov 28, 2000)
Network Security Tool SAINT Updated(Nov 05, 2000)
Red Hat Security Advisory: Updated Secure Web Server packages now available (Oct 28, 2000)
Red Hat Security Advisory: Updated apache, php, mod_perl, and auth_ldap packages available (Oct 24, 2000)
SuSE.de: Installation of a Secure Web Server(Oct 19, 2000)