Any security risks with setting up server on home network?


Papa G
06-28-2008, 04:19 PM
I would like to set up a computer running Linux or XP as a computer on our home network. We have about 3 other computers on the same network.

My network manager says that it would be a security risk to the other computers on the network if I were to have the server running on the network. The server would be connected to a Netgear wireless router and I would have ports 80 and 21 opened just for the internal IP address of the server. (For example, the server is on 192.168.0.3, and I had just the two ports open for it, while there were computers on 192.168.0.2 and 192.168.0.4.)

The Netgear router has a firewall built into it. Each of the other computers on the network has a software firewall. I would not have a firewall on the server, and I really don't care if someone hacks it. So, what at worst could happen? Would the other computers be at risk?

If you are a professional, I want your opinion also. It would help if you posted your previous experience with related stuff.

ua549
06-28-2008, 05:21 PM
Three things come immediately to mind.

1) Make sure your ISP's acceptable use policy allows you to run servers under the type of service you have. Most residential service agreements prohibit serving. That said, many ISPs will authorize very low volume servers for personal, non-commercial use.

2) You indicated port 21 open. If you are thinking about FTP you also need port 20 open. One port is for data and the other for control.

3) Every computer on the network risks being compromised if any member on the network is compromised. Run a firewall on the server. Each computer on the network should also be running malware detection software. The firewall can protect you from compromised code that is attempting to send unauthorized outbound packets.

Servers on a home network are fine as long as you protect the network. I have several servers on my own home network. They receive traffic from the internet for mail, web and FTP services for my own convenience. (I'm a retired international networking consultant.)

Papa G
06-28-2008, 07:45 PM
I would be using Linux (Debian) with Apache. Would there be a security risk there?

ua549
06-28-2008, 07:48 PM
The risk is the same regardless of the OS used.

Papa G
06-28-2008, 07:50 PM
FYI: I would be using port forwarding on the router.
Well, they make firewalls for Linux? OK. But is that enough?

ua549
06-30-2008, 09:14 AM
The system needs to be locked down as tight as possible.
It needs to run anti-virus software and malware detection software.
If not, someone could compromise your system through the ports you are forwarding.
If one system on a LAN is compromised, all systems have a high risk of being compromised as well.
In other words, you need to protect against threats from both external and internal sources.

Carla Schroder
06-30-2008, 08:21 PM
A simple way to add a significant layer of security for a public server is to put it in a DMZ, or 'de-militarized zone'. This means the server is on a separate subnet from your home PCs, and is not directly accessible from or to any of them.

Wireless security is a separate and crucial security problem. If you're not using WPA/WPA2 security and requiring that all clients use it, and enforcing access controls, you're asking to be pwned.
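
The difference between the flat layout in the original question and the DMZ layout described above, as an added example that is not part of the thread: a small model of which new connections the router's forwarding rules can actually block. The DMZ subnet 192.168.1.0/24, the DMZ server address, the WAN test address, the rule table and the sample ports are assumptions made for illustration.

```python
import ipaddress

# LAN addresses come from the thread; the DMZ subnet and host are assumed.
LAN = ipaddress.ip_network("192.168.0.0/24")
DMZ = ipaddress.ip_network("192.168.1.0/24")
PCS = ["192.168.0.2", "192.168.0.4"]
FLAT_SERVER = "192.168.0.3"   # server on the same subnet as the PCs
DMZ_SERVER = "192.168.1.3"    # server moved to its own subnet (assumed)
WAN_CLIENT = "203.0.113.10"   # constructed address from a documentation range

# Router forwarding policy for NEW connections, first match wins:
# (source zone, destination zone, destination port or None for any, action).
# No lan<->dmz rule exists, so that traffic falls through to the default drop.
RULES = [
    ("wan", "dmz", 80, "accept"),
    ("wan", "dmz", 21, "accept"),
    ("lan", "wan", None, "accept"),
]

def zone(ip):
    """Map an address to the zone the router sees it in."""
    addr = ipaddress.ip_address(ip)
    if addr in LAN:
        return "lan"
    if addr in DMZ:
        return "dmz"
    return "wan"

def router_verdict(src, dst, port):
    """Return 'bypass' when the packet never crosses the router, else accept/drop."""
    s, d = zone(src), zone(dst)
    if s == d and s != "wan":
        # Same subnet: delivered host to host, the router firewall is not consulted.
        return "bypass"
    for rule_src, rule_dst, rule_port, action in RULES:
        if (rule_src, rule_dst) == (s, d) and rule_port in (None, port):
            return action
    return "drop"

def exposed_from(server, hosts, ports=(139, 445, 3389)):
    """Host/port pairs a compromised server can try without the router dropping them."""
    return [(h, p) for h in hosts for p in ports
            if router_verdict(server, h, p) != "drop"]

if __name__ == "__main__":
    print("flat layout:", exposed_from(FLAT_SERVER, PCS))
    print("DMZ layout: ", exposed_from(DMZ_SERVER, PCS))
```

In the flat layout every pair comes back as reachable because only the PCs' own software firewalls stand between them and the server; in the DMZ layout the list is empty.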