Filter
Top Products
Installing Red Hat* Enterprise Linux 4*
Intel® Server Board S5000PAL
42
3) Enabling these options allow the specified services to pass through the firewall. Note, these
services may not be installed on the system by default. Make sure you choose to enable any options
that you may need.
• Remote Login (SSH)
• Secure Shell (SSH) is a suite of tools for logging in to and executing commands on a remote
machine. If you plan to use SSH tools to access your machine through a firewall, enable this option.
You need to have the openssh-server package installed in order to access your machine remotely,
using SSH tools.
• Web Server (HTTP, HTTPS)
• The HTTP and HTTPS protocols are used by Apache (and by other Web servers) to serve web-
pages. If you plan on making your Web server publicly available, enable this option. This option is not
required for viewing pages locally or for developing webpages. You must install the httpd package if
you want to serve webpages.
• File Transfer (FTP) The FTP protocol is used to transfer files between machines on a network. If you
plan on making your FTP server publicly available, enable this option. You must install the vsftpd
package in order to publicly serve files.
• Mail Server (SMTP) If you want to allow incoming mail delivery through your firewall, so that remote
hosts can connect directly to your machine to deliver mail, enable this option. You do not need to
enable this if you collect your mail from your Internet Service Provider’s server using POP3 or IMAP,
or if you use a tool such as fetchmail. Note that an improperly configured SMTP server can allow
remote machines to use your server to send spam.
Note: By default, the Sendmail mail transport agent (MTA) does not accept network connections
from any host other than the local computer. To configure Sendmail as a server for other clients,
you must edit /etc/mail/sendmail.mc and change the DAEMON_OPTIONS line to also listen on
network devices (or comment out this option entirely using the dnl comment delimiter). You must
then regenerate /etc/mail/sendmail.cf by running the following command (as root):
make -C /etc/mail
You must have the sendmail-cf package installed for this to work.
Additionally, you can now setup SELinux (Security Enhanced Linux) during your installation of Red Hat
Enterprise Linux.
SELinux allows you to provide granular permissions for all subjects (users, programs, and processes) and
objects (files and devices). You can safely grant an application only the permissions it needs to do its
function.
The SELinux implementation in Red Hat Enterprise Linux is designed to improve the security of various
server daemons while minimizing the impact on the day-to-day operations of your system.
Three states are available for you to choose from during the installation process: