Apache/Linux Security Question (/etc/hosts.allow)
I am trying to secure my RH 7.1/Apache 1.3.26 box from hackers. As far as security is concerned, I have found that more is better, of course.
So, I am up late thinking about this issue. Here is what I am theorizing.
1. It seems that a hacker/cracker requires shell access (telnet or SSH) in order to do their dasterdly deeds and without shell access, they cant do bad things from the inside. Is this correct?
2. If this is correct, then a Linux/Apache server can be made quite secure by blocking all telnet and ssh access in /etc/hosts.deny and opening up ssh access only to known ISPs such as my own. Is this a good assumption?
3. Thus, with tight control over /etc/hosts.deny and /etc/hosts.allow, hackers will have no ability to hack/crack a server. Yes or no?
Your thoughts on these issues are welcome.
