|
|
Security Basics
server security Jun 20 2012 05:27PM Littlefield, Tyler (tyler tysdomain com) (3 replies) Re: server security Jun 20 2012 11:44PM Alex Dolan (dolan alex gmail com) (3 replies) Re: server security Jun 21 2012 04:34PM Mike Hale (eyeronic design gmail com) (4 replies) Re: server security Jun 22 2012 11:02AM Rory Browne (rbmlist gmail com) (3 replies) RE: server security Jun 22 2012 06:09PM Ron McKown (RMcKown apptio com) (1 replies) RE: server security Jun 22 2012 08:09PM Ward, Jon (Jon_Ward SYNTELINC COM) (1 replies) RE: server security Jun 22 2012 09:30PM Dave Kleiman (dave davekleiman com) (2 replies) Re: server security Jun 22 2012 09:54PM Tracy Reed (treed ultraviolet org) (2 replies) Re: server security Jun 22 2012 10:31PM Tracy Reed (treed ultraviolet org) (1 replies) |
|
Privacy Statement |
MONTHS would have provided a FAR better layer of security. As would have
not making the SQL Server accessible to the freakin' Internet in the
first place.
Seriously, SQL Slammer is an example for bad security practices, but not
an argument for running services on non-default ports for no good
reason. As long as there are more effective ways to ensure security, the
only thing gained from non-default ports are admin headaches (additional
documentation, support for connection issues, etc.).
Regards
Ansgar
On 2012-06-22 Dave Kleiman wrote:
> Tracy,
>
> You would have to admit little layers of security, such as running
> non-standard ports, can protect you as in the Slammer worm. I am not
> saying that is the best or recommended solution to a problem, but it
> can work.
>
>
> Respectfully,
>
> Dave Kleiman - http://www.ComputerForensicsLLC.com - http://www.DaveKleiman.com
>
> 4371 Northlake Blvd #314
> Palm Beach Gardens, FL 33410
> 561.310.8801
>
>
> -----Original Message-----
> From: Tracy Reed [mailto:treed (at) ultraviolet (dot) org [email concealed]]
> Sent: Friday, June 22, 2012 18:31
> To: Tracy Reed
> Cc: Dave Kleiman; security-basics (at) securityfocus (dot) com [email concealed]
> Subject: Re: server security
>
> On Fri, Jun 22, 2012 at 02:54:22PM PDT, Tracy Reed spake thusly:
> > Many "little layers of security" just aren't worth it.
>
> Clarification: Some "little layers of security" just aren't worth it.
>
> Multiple layers of security certainly are.
>
> --
> Tracy Reed
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]