Peter Jay Salzman <[EMAIL PROTECTED]> writes:
> i've been thinking about cvs security alot lately. Security is defined by policy. The mechanism tries to enforce the policy. Chant this mantra until you achieve security. > wouldn't pserver be *fairly* secure using tcpwrappers? i want one or > two people accessing my server. if i dump their IP's in > /etc/hosts.allow, wouldn't that be secure enough? Sounds like the mechanism here is tcpwrappers. > i don't want to run fort knox here. i know from my own personal > experience that a determined hacker can get into anything he/she wants > to. but i do want to make my server a PITA to break in to. This sounds like a security policy to me. > would a tcpwrapped pserver be fairly secure? Sounds like you are just looking to raise the effort bar on this one port. As long as the port is really tcpwrapped you raise the bar. Address based authentication is weak, but it appears as though you are concerned with keeping your effort/effect ratio low. Monitor your server. Keep good backups away from the machine. Wash behind your ears. -Ricardo _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
