I may be an excellent software developer, but I'm a mediocre system administrator. Some of the stuff here may be obvious to the experienced, but I need the reminders and cheat sheets. Also, I want to record some of the lessons I've learned along the way.
Contents
General Security Links
Apache Proxy used as an Open Mail Relay by spammers
I've completely disabled the proxy capabilities in Apache until I can figure out how to properly close this vulnerability. As I research this, here are some links I've found interesting:
Tracking the Wily Proxy Hackers describes the exact situation in which I found myself. The solution mentioned there, totally disabling the proxy capability, is what I've done as a temporary solution. Long term, I really want to figure out how to control the proxy capability, rather than nuke it altogether.
Apache 1.3.28 release notes describe the problem with respect to the Apache 1 releases, but I'm running Apache 2.
Email DNS Blacklists
BL-Monitor is a free visual tool to analyze DNSBL response times and effectiveness for the DNSBL servers you use.
TrustedSource checks the reputation of an email sender.
Other security links
http://ist.uwaterloo.ca/security/howto/ Mostly applicable to the University of Waterloo environment, but plenty of generic information, too.
http://www.linux-sec.net/Harden/server.gwif.html Looks like a great collection of information.