[plug] Apache

Simon Scott simon.scott at flexiplan.com
Fri Jun 1 11:55:45 WST 2001


	Security is a process, not a program.....

	This doesnt mean 'Linux Firewalls' are not secure, and other $400
win-nt based firewall is cos you pay for it.

	No firewall is 100% secure. Ever. Get over it.

	Security is a process where you minimise risks and weigh up risk v
costs (ie costs of securing, costs of a breach). You can improve security
with a few simple firewall rules, but if someone really wants to get in they
will.

	For many people, security is of minimal importance, as the cost of
cleaning up a breach is far less than the cost of continually keeping on top
of everything. I guess for most people, a simple firewall and switching off
unused services suffices.

	If you have super-important military data on the net, your cost/risk
model may change :) 








	From:	Christian <christian at amnet.net.au> on 01-06-2001 11:48 AM
	Please respond to plug at plug.linux.org.au@SMTP at Exchange
	To:	plug at plug.linux.org.au@SMTP at Exchange
	cc:	 

	Subject:	Re: [plug] Apache

	On Fri, Jun 01, 2001 at 11:32:58AM +0800, WFerrara at vicpark.wa.gov.au
wrote:
	> Hello, Each!
	> 
	> Can you guys stop scaring me (a Linux newbie) and convince me that
a Linux
	> firewall I want to install is going to be secure?

	You want us to lie?

	Firewalls don't make things secure.   When properly configured by
	someone who knows what they are doing and understands the issues,
they
	minimise certain security risks.  They help a lot but they're
nowhere
	near a panacea.

	Anyone who says to you "We use [SSL|SSH|OpenBSD|Firewalls|<insert
any
	security technology you care to mention] so that means we're secure"
is
	either lying to you or doesn't understand security at all.

	-- 
	DSA 0x0EC1D28C: BBCB 0D79 4EBB 078A A066  7267 8BED E9D6 0EC1 D28C



**********************************************************************
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they   
are addressed. If you have received this email in error please notify 
the system manager.

This footnote also confirms that this email message has been swept by 
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************



More information about the plug mailing list