Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache

347 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Sfd hanoi2012 nguyen nang thang sfd-2012_chroot_apache

  1. 1. 2012
  2. 2. S F D 2012 @ HUSSecuring an Apache Web Server using Chroot Nguyễn Năng Thắng Fedora Ambassador Vietnam HN Community Space, HanoiLUG, Ubuntu-vn thangnguyennang1988 [at] gmail [dot] com This presentation is licensed under a Creative Commons 2 Attribution-ShareAlike (CC-BY-SA) 3.0 license.
  3. 3. Chroot () environmentChroot jailWorkshop 3
  4. 4. Chroot Environmentchroot () environment? 4
  5. 5. Chroot () Environment 5
  6. 6. Chroot Environment “chroot jail”? 6
  7. 7. Workshop 7
  8. 8. ObjectivesBuilding a chroot environmentSecuring an Apache Web Server using chrootRequirementsServer: Apache Web ServerServer OS: CentOS-5Jail directory: chroot 8
  9. 9. TODOStep1. Create a jail directoryStep2. Install ApacheStep3. Install mod_chrootStep4. Configure Apache mod_chrootStep5. Disable SELinuxStep6. Patch up /etc/init.d/httpdStep7. Start chrooted httpd 9
  10. 10. Step1. Create a jail directory 10
  11. 11. Step2. Install Apache 11
  12. 12. Install ApacheInstall required packages# httpd, httpd-devel, php ...Create required directory /chroot/var/www/html /chroot/var/run /chroot/tmp /chroot/home/httpdNotes /chroot/var/run: store PID ... (root.root) /chroot/tmp: used by many scripts ... (777/???) 12
  13. 13. Step3. Install mod_chroot 13
  14. 14. Install mod_chrootThe mod_chroot projectDownload source code from the InternetUntar the source code Using apxs to compile and install the sourcecode 14
  15. 15. Step4. Configure Apache mod_chroot 15
  16. 16. Step5. Disable SELinux 16
  17. 17. Step6. Patch up /etc/init.d/httpd 17
  18. 18. Step7. Start chrooted httpd 18
  19. 19. Thank you! 19
  20. 20. Questions? 20

×