Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[REBOL] OT: SSH and secure servers, WAS: XML / dialects

From: bwilson::ihpva::org at: 7-Jan-2002 12:13

On Mon, 7 Jan 2002, Jason Cunliffe wrote:
> A good example, I have been grappling with very recently: A web site > development has had its security compromised. From now on the site needs > secure client access tols such as SSH2 Telnet and better FTP.
SORRY - not much REBOL content here but I think this is worth saying in response... There are numerous totally free ssh and ssl cross platform solutions. See http://www.clickshift.com/ssh/ for some info + links on ssh. BUT they only in keep data from being sniffed as it passes over the 'net. I am a REBOL newbie so it's hard for me to see how it fits into the picture. I bet your compromise came by exploiting a buffer overflow or some stupid scripting configuration problem. Would this not include badly written REBOL scripts? IMHO you have much more to worry about from security holes unintentionally installed by yourself (NEVER happens to ME of course! HA HA) and by the providers of your various server tools such as BIND, Apache, MS Exchange and so on. If you really are serious about bolting down the lid on a server, look at HP secure linux. If you are a tightwad like me also look at the NSA secure server project. I have not yet deployed HP OS yet on an exposed server. Risk versus cost and complexity and all that. SOON though! -- Brian Wilson Santa Rosa, California 707-576-7649