On Sunday 10 May 2015 02:14:40 pm Jay Ashworth wrote: > I'd like to lay one extra layer of foundation under Rob's excellent advice.
Jay and I only slightly disagree on one aspect. Outside access. That's something that can and should be customized according to the requirements of the specific installation by someone competent to do it right, IMHO. Done right, it's no more insecure than physically disconnected. Done wrong, it's like wearing a "KICK ME" sign on your back. In my career, I've had one firewall compromised. One, and that was a result of announcing the shellshock exploit. Even then, the incompetence of the cracker ( china ) limited damage to a screwed up crontab file. Heck, my own brother has to phone me for access, and he has the root passwords !! I've had a system on-line 20 years now, where I've invited the WaReZ crowd to crack it. None have. But, be warned... Past Performance is Not Necessarily Indicative of Future Results Of course, I'm the guy who uses backspaces in passwords. ( because script kiddies and Windows won't even transmit a backspace character ) -- Cowboy http://cowboy.cwf1.com How can you be in two places at once when you're not anywhere at all? _______________________________________________ Rivendell-dev mailing list [email protected] http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev
