MrC Wrote: > Any port opening represents a possible attack vector. Meaning, there's > software at the other end listening, and if there are flaws in that > software, they can and will eventually be exploited. > > You'd be better off setting up an SSH tunnel, as SSH server > implementations are widely scrutinized and deployed. Best to trust a > couple of security providers who specialize in such things.
I'm not going to disagree with any of this, except to say that the likleyhood of an attack being mounted against slimserver on :9000 are very (extremely) low. The vast majority of "attacks" are simply automated scripts looking for known flaws in commonly used software. SlimServer simply isn't a big enough target to warrant the attention required for someone to find a flaw, craft an exploit and add it to a scanner. Of course if you really annoy someone and they happen to know what they're doing, all bets are off :) So by all means use a tunnel, it's certainly more secure, but I (personally) wouldn't be particularly unhappy about running it as an open service. -- radish _______________________________________________ Discuss mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/discuss
