[plug] LinmagAU

Kimberly Shelt kim at linmagau.org
Fri Apr 2 21:39:53 WST 2004


On Fri, Apr 02, 2004 at 09:21:13PM +0800, Ben Jensz wrote:
> Senectus - wrote:
> 
> >I feel that if we can get a handful of guy^H^H^H  People together to 
> >run the site as is for a few months, then if all looks stable, we'll 
> >talk about rebuilding and financing into something with the same 
> >"structure" and design philosophy but better technical implementation 
> >(not that I'm saying its badly done now, but there is always something 
> >better... its part of being a geek).
> 
> As skribe has mentioned, PHP-Nuke has serious security issues (and it 
> has done for a few years now ).  So based on what Kim has said, it 
> sounds like its more than likely that PHP-Nuke is where the point of 
> attack has been.  

This is an assumption by you.. NOT ME.. I still stick with sucking
my passwd from the home system.. aka doze.. but the reality is just what I said..
finger pointing ..no matter what you run.. people have better ideas..
about what is more secure.. this is an issue the person who runs a site
has to deal with.. I dont know one from the other.. 
I do know that lots of sites run it.. and for the most part I never had
any issues.. 

And the verdict is not in anyway..

BTW I ran POST NUKE...

Especially considering the profile of the site on 
> places such as Slashdot.  By the way, don't take it that I'm saying 
> anything negative about the way that you did Linmagau in the past Kim, I 
> think you've done a great job of it.. and I think that has been shown 
> through the fact that so many people have put their hands up after its 
> gone down. :)

I dont :)
Putting up hands is the easy part.. doing the work and doing it consistantly 
over a period of time.. is the hard part :)..well so it seems :)
> 
> So what happens if you put all the time and effort into running it for a 
> couple of months under the same structure and it all comes to a 
> screaming halt again and you're left to try and rebuild it *again*.  You 
> certainly wouldn't be a happy camper.

I havent said I woudl rebuild under the same or a different structure
you assume :(
> 
> So personally I think if its going to be resurrected, maybe a slightly 
> different system is devised to undertake the task this time... so that 
> past issues are learnt from and not re-enacted.

Great..then you pick the "right".. code..or scripts or cms or whatever :)

Then find a place to put it.. and an admin (or do it yourself) to buiild
the back end.. say Zope/Plone etc.. get them to change the whole box to
suit your needs .. etc etc :)
that is of course if you are sharing a box with other folk.. else
find and place a box and then admin it it as well :)

I am NOT being negative here..just realistic.. truely it is not a little
issue to host this kind of thing..and horms has been amazingly helpful..

perhaps you have the infrastructure and time to do it all yourself.. 
then great.. stick up your hand.. get it happening :)

Kim



More information about the plug mailing list