Re: Question for security management and overhead and concerns

Yasushi Okubo wrote:
> But I know how to set up iptables, but do not have much experience for
> security management to protect this box from security threat through
> application servers like apache/tomcat.

That's probably going to be your biggest problem. How well has your web
application been tested and reviewed for security? Where has it come
from? What does it do with unexpected data? Has a team of inventive,
clever people spent time trying to break it?

There are companies that specialize in testing this sort of stuff;
security isn't a switch that one can simply flick on -- there's no point
firewalling everything except HTTP access if the web application is
vulnerable to SQL injection attacks.

In my opinion, a Linux box with no open ports is pretty damn secure.
Opening up access to the web application will therefore probably only
expose holes in your web application (and the webserver, but Apache's
pretty well trusted!)

jack

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
