[REBOL] OT: SSH and secure servers, WAS: XML / dialects
From: bwilson::ihpva::org at: 7-Jan-2002 12:13
On Mon, 7 Jan 2002, Jason Cunliffe wrote:
> A good example, I have been grappling with very recently: A web site
> development has had its security compromised. From now on the site needs
> secure client access tols such as SSH2 Telnet and better FTP.
SORRY - not much REBOL content here but I think this is worth saying
There are numerous totally free ssh and ssl cross platform solutions.
See http://www.clickshift.com/ssh/ for some info + links on ssh.
BUT they only in keep data from being sniffed as it passes over the 'net.
I am a REBOL newbie so it's hard for me to see how it fits into the picture.
I bet your compromise came by exploiting a buffer overflow or some
stupid scripting configuration problem. Would this not include badly
written REBOL scripts?
IMHO you have much more to worry about from security holes
unintentionally installed by yourself (NEVER happens to ME of course!
HA HA) and by the providers of your various server tools such as BIND,
Apache, MS Exchange and so on.
If you really are serious about bolting down the lid on a server, look
at HP secure linux. If you are a tightwad like me also look at the NSA
secure server project.
I have not yet deployed HP OS yet on an exposed server. Risk versus
cost and complexity and all that. SOON though!
Santa Rosa, California