Hi Andres, Looks like I answered the wrong question, sorry :-(
Can you tell us more about where the Moodle and EduBlog will be deployed? Will it go on the existing Debian based servers in Uruguay or will it go on a server which is in a data center and access from Uruguay schools via WAN (private or Internet)? In terms of authentication to Moodle, I think the best you can do with the XO is to have user name/password on the first try. Then Moodle cookies the browser so its recognized and you don't need to login again. That's my guess but I think Tarun knows more about the available options. Let me know if that is closer to what you are asking. Thanks, Greg S > ------------------------------ > > Message: 2 > Date: Mon, 6 Oct 2008 20:22:48 -0200 > From: Andr?s Ambrois <[EMAIL PROTECTED]> > Subject: Re: [Server-devel] Password-less authentication with moodle > (Martin Langhoff) > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="iso-8859-1" > > Hi Greg! > > Thanks for your insight. Currently, the scope of our project is restricted > to the application (id est Moodle) layer, and my question was directed > towards > authentication at that level.But your notes are very relevant for > installations in the future. Thank you! > > In reply to your comments, school servers in Uruguay have no public > presence. I dont know the details but I would think this is done with a > firewall blocking everything but monitoring services used by LATU. > > With some luck we will be able to work on these lower layer problems in > deployment at later stages. > > Cheers! > > On Monday 06 October 2008 11:58:49 Greg Smith wrote: >> Hi Andres, >> >> I missed one key one. >> >> Have a known clean backup. Add user data to it if you can, but backup >> regularly. Be ready to restore to a clean backup on short notice if you >> are compromised and need to start from scratch. >> >> Thanks, >> >> Greg S >> >> Greg Smith wrote: >>> Hi Andres, >>> >>> A few comments to get you warmed up. I will ask the current EduBlog team >>> to give you more suggestions and details too. >>> >>> 1 - My understanding of the current XS design is that it has one >>> interface visible to the Internet and another visible to the school >>> only. It seems pretty secure that way but it can open up a bunch of >>> security issues if you expose the School side interface to the Internet. >>> You may need to do that in order to run EduBlog on the Internet so let >>> us know ASAP which services are available on public routed interfaces. >>> >>> 2 - Use denyhosts (http://denyhosts.sourceforge.net/) or some other >>> protection against dictionary style attacks on any public facing >>> interfaces. >>> >>> 3 - Put an anti-virus tool on the box. e.g. clamAV. Especially if your >>> PHP, Apache, Moodle, SQL services are visible publicly its important to >>> have a second line of defense in case some virus SW gets on the box. >>> >>> 4 - Run a port scan yourself (e.g. Nessus). Also, watch and protect >>> yourself against being port scanned by an attacker. >>> >>> Those are some suggestion off the top of my head. I'll try to collect >>> all suggestions from EduBlog round 1 and get those to you as well. >>> >>> HTHs. >>> >>> Thanks, >>> >>> Greg S >>> >>> ************ >>> >>> Date: Sun, 5 Oct 2008 14:52:25 +1300 From: "Martin Langhoff" >>> <[EMAIL PROTECTED]> Subject: Re: [Server-devel] Password-less >>> authentication with moodle To: " Andr?s Ambrois " >>> <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Message-ID: >>> <[EMAIL PROTECTED]> >>> Content-Type: text/plain; charset=ISO-8859-1 On Sun, Oct 5, 2008 at 5:29 >>> >>> AM, Andr?s Ambrois <[EMAIL PROTECTED]> wrote: >>> >> >> - What's your timeframe? >>> > > >>> > > The timeframe for our project is 5 weeks starting from last >>> >>> Wednesday, in >>> >>> > > which I need to cover the interface (Moodle and Wordpress theming), >>> >>> course >>> >>> > > configuration, authentication, modifying Write to enable blog >>> >>> posting, and >>> >>> > > document all this for a manual. >>> >>> Ouch - that's very tight! >>> >>> > > I'm glad I wasn't that far off :) . Are these required >>> >>> modifications documented >>> >>> > > somewhere? >>> >>> Not yet. We're finishing off 0.5 - will be looking into this for 0.6 >>> or 0.7, not too far away, unlikely to be "done" in the next 5 weeks >>> either :-/ >>> >>> cheers, >>> >>> >>> >>> m >> _______________________________________________ >> Server-devel mailing list >> [EMAIL PROTECTED] >> http://lists.laptop.org/listinfo/server-devel > _______________________________________________ Server-devel mailing list [EMAIL PROTECTED] http://lists.laptop.org/listinfo/server-devel
