Hi,
I would like to know which kind of security should we implement for a RaQ4 running as web / ftp server and caching DNS.
It's good you ask. You really should've asked on the security list, but nonetheless it's good you ask.
Should we create a firewall using ipchains?
Yes.
Should we just use TCP wrappers and host.deny + host.allow?
Yes.
Any advice?
I hope so. ;-)My short version: do as much as you can! Learn tcp_wrappers, learn ipchains and then some. Read up on every security related list/site you can get your hands on, ie. cert.org/securityfocus.com/linuxtoday.com.
Educate yourself until you burst and then educate yourself some more. Get a spare box (secondhand, who cares) and put it in your network. Run RedHat 6.2 on it, as it is what Cobalts are based on. Secure *that* first. You'll learn tremendously.
Tip of the day: get openssh before anything else and learn to use it. Then, ditch telnet.
Definitely a short version, sorry... Nico