From owner-freebsd-questions@FreeBSD.ORG  Thu Dec 15 00:13:49 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7605E16A41F
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Dec 2005 00:13:49 +0000 (GMT)
	(envelope-from mikeala3@hotmail.com)
Received: from hotmail.com (bay7-f18.bay7.hotmail.com [64.4.11.18])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2F72443D49
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Dec 2005 00:13:48 +0000 (GMT)
	(envelope-from mikeala3@hotmail.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	Wed, 14 Dec 2005 16:13:48 -0800
Message-ID: <BAY7-F189657E154043057A1B1409A3B0@phx.gbl>
Received: from 68.237.164.173 by by7fd.bay7.hotmail.msn.com with HTTP;
	Thu, 15 Dec 2005 00:13:48 GMT
X-Originating-IP: [61.95.65.37]
X-Originating-Email: [mikeala3@hotmail.com]
X-Sender: mikeala3@hotmail.com
From: "Mike Esquardez" <mikeala3@hotmail.com>
To: freebsd-questions@freebsd.org
Date: Thu, 15 Dec 2005 00:13:48 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 15 Dec 2005 00:13:48.0585 (UTC)
	FILETIME=[6BC38990:01C6010C]
Subject: Insecure Web App Hosting
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Dec 2005 00:13:49 -0000

i have to install a server that will host a "test drive" of a web app on the 
internet. from my inital look at the app, it looks like it will be a target 
to be exploited. i am not involved with the code so fixing it is not an 
option. what i would like to try and do is host it in a manner where i can 
minimize the risk and damage. it will only have sample data and it doesnt 
have to be "live". some ideas i have-

automate disk imaging or rsync.
read only filesystem.
integrity tool.
live cd version of the app.

any other ideas?????

its using apache/php/mysql and i have explained that it might not be fully 
functional or might have to be offline for a small amount of time each day. 
i have only just switched to freebsd so if any one has any links to some 
docs or tools that would be helpful. thankyou.
Mike

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/