On Fri, 2005-08-05 at 15:30 -0700, Mike Benjamin wrote:
> > sbjaerum Wrote:
> > 1) The only thing there is a fairly specialized web server, meaning
> > that the script-kiddies are going to pass it right by.
>
> This is very true. Until slimserver gets more popular and you don't
> remember to close off the port. Or someone bored finds a hole and gives
> the exploit to a script kid. The obscurity of uncommon software is not
> security.

It is unwise to put any trust in security by obscurity. The limited
functionality of the SlimServer, and its use of Perl, are good. But
unless a piece of software has been tested, it is impossible to know
how hardened it is.

The scripts are dumb, but they don't ever bother to remove old
exploits. They just blindly try every trick ever found. So if a hole
is found, it will be probed, essentially forever. You are not safer
just because you use obscure software or an old and obscure operating
system.

> > connection. It's just not worth anyone's time.
>
> While this is very untrue.

Yes, very untrue. It is worthwhile to attack any resources you can.
Any computer that is on the internet and can be attacked provides at
least a host for subsequent attacks on other machines.

More than 13 years ago, I had a security paper published at an NSA
conference on this.
http://www.pfarrell.com/resume/towardsabstract.html
It discusses this topic. A full copy is also on that site.

> Anyone who cares about the security of their home systems should not be
> giving any more privileges out than those that are absolutely necessary.

Very true. Use SSH tunneling, or a VPN. Whether you should expose a
Windows machine is left as an exercise to the reader.

--
Pat
http://www.pfarrell.com/music/slimserver/slimsoftware.html
