On Sun, Mar 2, 2014 at 12:30 PM, W. Martinjak <mats...@play-pla.net> wrote:
> > On 2014-03-02 14:20, Mark Wendt wrote: > > In my other recent reply I mentioned my security concerns. These small, > > light weight web servers just don't seem to have much security built into > > them. Yes, SSL is a good thing, but that only encrypts "that" single > data > > stream, while not really securing the server itself. Even full-blown web > > servers running Apache can be broken into if they aren't configured > > correctly, and that previous link that was posted for that small python > web > > server didn't leave me with a good basis for presuming the web server was > > secure, or could easily be made so by the user. > > > > I'm just not thrilled with the idea of running a web server on a machine > > that's controlling a big hunk of heavy, fast moving metal that can do > > damage (and lots of it) by someone on the outside with mischief or > > malicious intent on their mind. Once somebody's in your network, and if > > they've gotten that far there's a decent chance they can get on your > > controller machine, who's to say they couldn't wreak havoc with an > unsecure > > web server which is one of the easiest things to hack into? > > > > I ain't buying the idea that it's a good thing to introduce into this > kind > > of environment. For security and safety reasons. > > > > Mark > > > Wow! > This is the FUD of the year. > And mentioning of theUS Navy (some posts above) in this context > scratches slightly on a chutzpah... > ...sigh! > Sigh. No, it's not FUD. It's over 20 years of system and network administration running big iron network servers, from file servers, to web servers to mail servers and so on. Developers tend to look at the "WOW, look what I can do!" side of the house, while us system administrators must live in the real world and pick up the pieces from the "WOW" projects. The US Navy is where I work now. I've also worked out in the civilian world doing the same thing. There are plenty of instances in the last few months alone of web sites from supposedly secure installations being hacked. Does the name "Target" ring a bell? You can do what you want with your machines and your network. For me, I'll leave the server stuff on the servers, and the work machines running the minimum of software necessary for the task. Mark ------------------------------------------------------------------------------ Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce. With Perforce, you get hassle-free workflows. Merge that actually works. Faster operations. Version large binaries. Built-in WAN optimization and the freedom to use Git, Perforce or both. Make the move to Perforce. http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users
