Re: [RE: Benefits of in-house SS/L for Business ]

"Webmaster at WebWham" <webmaster(at)webwham.com> wrote:

> At minimum, two machines are required, with a STRONG firewall on the =

> Intranet server.  Security Best Practices should always be in place. =


If I may pipe in here; IMHO, the firewall should be a box running some va=
riant
of BSD (preferably OpenBSD ( http://www.openbsd.org )).  Five simple reas=
ons
why:

1: None of the standard Micros~1 attacks (of which there are more than I =
feel
like counting) will have any effect.  No Back Orofice, no ActiveX control=
s
gone awry, and no silly things (like leaving telnet access enabled by
default).

2: 18 month comprehensive security audit.  OpenBSD is quite possibly (gad=
,
I'll get flamed for this) the most secure server OS in existence.  =


3: Free, as in beer and as in speech.

4: Runs on a variety of hardware.  X86, sparc, Alpha, Mac, PPC, and other=
s. =

I've seen several low to mid traffic sites that use an old P1 running Ope=
nBSD
as the corporate firewall/proxy.

5: Stable.  Uptime in the years.  Very important when you need your site
available to customers 24x7.

Down sides:  A competent, security minded admin, preferably with experien=
ce in
running e-commerce sites is an absolute must.  You cannot just install it=
 out
of the box and assume you are secure.  Security is a pro-active, ongoing
process.  A good admin knows this and takes it into account.  Unfortunate=
ly,
these people can be expensive.  Use the money you saved on the OS and har=
dware
to help defer this cost.

My $0.02US.  If I were in your shoes, however, this is exactly what I'd d=
o...

--Jedi Hacker(apprentice) and Code Poet

____________________________________________________________________
Get your own FREE, personal Netscape WebMail account today at http://webm=
ail.netscape.com.

HTML: hwg-business mailing list archives, maintained by Webmasters @ IWA