October 12th, 2002, 03:52 PM
Well, it has been some time since I have touched Unix. I know you said Linux. It's been mmmmm 8 years +. So what I am doing is a home project. Not really sure if it will fly. Really doing it to challenge myself to learn PHP, MySQL, and all the ins and outs of running a website. If people like it, great. If not, no loss. Don't want to invest a lot of money as it is only a project or concept.
I do honestly appreciate your feedback and everyone else's as it has made me understand many pros and cons about a lot of things that I didn't even consider at the beginning of this project.
October 12th, 2002, 03:56 PM
If you're thinking about making any kind of investment in learning, I suggest that you install Linux. You can even dual-boot with Windows if you don't have another machine. You will learn a lot more than if you install it under Windows.
October 23rd, 2002, 02:09 AM
Well... BSD and Linux are free, Apache is free, so it can't get much cheaper than that.
This said, if you are just going to learn how to program and won't publish it to anyone but yourself, it really doesn't matter diddly what OS you are running. I would opt for Apache though, because if you are going to run PHP scripts, chances are that Apache is the system you will encounter when you start writing code that will end up on the internet.
If you are unfamiliar with *nix and don't want to spend time learning it, I would NOT recommend it for you. I like *nix, and especially BSD, but it does take time to get into for a newbie. I think the other responses assumed that you were going to take care of a production server. The way I read your message now you only want to be a web programmer. If this is the case, it's usually someone else that deals with security of the servers like some kind of web hosting, or some kind of IT staff at a/your company (you still have to worry about writing secure scripts though).
October 27th, 2002, 10:59 PM
You have described how a network works with hubs. Using a switch is more secure as it does not broadcast every message out to every user on the local network. It keeps a table (CAM table in Cisco speak) telling it which MAC address is on each of its ports. When the switch gets a packet it only forwards the packet out the proper port to the computer it is addressed to. VLANs are even more secure as when there is a broadcast message it only gets sent to every computer on that VLAN.
Back to securing e-mail over the web, PHP-based or any other way. You should use SSL (www.openssl.org) without question. This will encrypt the data which will keep it safe from "most" of the people that may be sniffing your network.
I am no expert but this has been my experience.
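Added example, not part of the original post: a small Python model of the forwarding behaviour described above, comparing a hub with a learning switch that has per-port VLANs. The class names, port numbers and MAC addresses are constructed for illustration; it also shows that a switch floods a frame inside the VLAN until it has learned the destination's port.

```python
# Added illustration: toy model of hub vs. learning-switch forwarding.
# All class names, port numbers and MAC addresses are constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = set(ports)

    def receive(self, in_port, src, dst):
        return sorted(self.ports - {in_port})


class Switch:
    """Learning switch with per-port VLAN membership."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)   # port -> VLAN id
        self.mac_table = {}                  # (vlan, MAC) -> port

    def receive(self, in_port, src, dst):
        vlan = self.port_vlans[in_port]
        # Learn (or refresh) which port the sender is attached to.
        self.mac_table[(vlan, src)] = in_port
        out = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and out is not None:
            return [] if out == in_port else [out]
        # Broadcast or not-yet-learned destination: flood, but only in the VLAN.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)


def demo():
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    hub = Hub([1, 2, 3, 4])
    sw = Switch({1: 10, 2: 10, 3: 10, 4: 20})
    return {
        "hub_unicast": hub.receive(1, a, b),
        "switch_unknown_dst": sw.receive(1, a, b),   # B not learned yet
        "switch_reply": sw.receive(2, b, a),         # A was learned on port 1
        "switch_known_dst": sw.receive(1, a, b),     # B now learned on port 2
        "switch_broadcast": sw.receive(1, a, BROADCAST),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name:20} -> ports {ports}")
```

Port 4 sits in a different VLAN and never receives any of these frames, while the first unicast frame still reaches port 3 because the destination had not been learned yet.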
October 27th, 2002, 11:49 PM
I remember seeing an article a while ago that said it is possible to sniff traffic through a switch, though. Not sure how, but the gist of it was to not rely on switches for security.
October 28th, 2002, 08:07 PM
Switch sniffing requires you to flood the switch with ACK packets so that it will then start acting as a hub. This is so-called fallback behaviour; however, not every switch exhibits this.
Alternatively you can "spoof" your MAC address to match the target's MAC address. Good quality new switches are not vulnerable to either attack mentioned.
Additionally, for either attack to work you need to be served off the same switch as the target user, e.g. be on the same LAN.
Now the hub sniffing you described requires the network adapter to be put in promiscuous mode, which not all cards support, oh, and you need to be on the same LAN segment.
LAN packet interception is very much an end case in comparison to DNS-related spoofing methods freebsd described.
If you're after "securing" the contents of emails whilst in transit then there is always S/MIME. This method works with all email servers and most modern email clients.
SMTP over SSL, whilst possibly more secure, requires your mail server and the recipient mail server to support it; most do not.