first time security configuration for webserver

[InsaneHamster]

hi im first time configuring a server
i want to log EVERYTHING cause im on a little kids chat site and the basterds hate me and always attempt to hack me

so im just wondering whats the best way to go about it

iptables for one ?
then like mysql apache2 and those online snort scanners in php for two?

anything else

im a n00b clearly and i want to make sure its as secure as possible

at this point i will use a mail client (right now i got ssmtp gentoo)

and this mail client will send all messages to my blackberry
what would u recommend as the best mail client for a webserver with this type of forwarding

thank u

[kamagurka]

I would emerge shorewall, which is a nice but powerful frontend to iptables (which is just brainfuck to configure). The default logging is from shorewall is a lot of output, and setting it to verbose (logging everything) would flood the fuck out of your poor blackberry. I still need to see the kiddy who can get past a reasonbly configured iptables on a *nix box, though.
If you want to go all out, look into honeypots and tripwire.
_________________
If you loved me, you'd all kill yourselves today.
--Spider Jerusalem, the Word

[InsaneHamster]

[think4urs11]

some starters for your quest

http://httpd.apache.org/docs/2.0/misc/security_tips.html
http://dev.mysql.com/doc/refman/4.1/en/security-guidelines.html
http://www.php.net/manual/en/security.php
http://www.gentoo.org/doc/en/security/security-handbook.xml?full=1#book_part1_chap3
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself

[InsaneHamster]