Today I ran across a
organized crime is systematically taking advantage of known
security holes. This reminded me of RE (tilly) 2: Warning our Fellow Monks, with the
moral being that with port scanning once an error is found,
there really aren't fish that are too small to be noticed.

Security is hard because it is not obvious. You can fail
to be secure and there are no overt symptoms. Your software
still works. You don't know of the hole. But it is there,
and you can still suffer for it.

However, hard or not, you still need to do it. Choose
reasonable passwords. Keep up on patches. Use taint mode.
Whenever you are processing arguments, rather than trying
to search for every way of breaking in (an approach that
always fails), consistently validate instead that the input
is in a form that you know is trustworthy. If you can, get
someone who is knowledgeable to review your security setup
before someone "volunteers" to do the job for you.

Now that link talks about Windows. And it is true that
Windows has an abysmal track record. However the track
record for Windows is due to a combination of Microsoft not
prioritizing security, and the belief (which Microsoft has
promoted) that you don't need competent admins for Microsoft
products. However an NT box with a competent admin is going
to be orders of magnitude safer than any *nix with an admin
who doesn't know what they are doing. (Home users of
Linux are at serious risk.)

This is a general problem, and it is one which many here
contribute to in one way or another, as admins, techs,
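
The advice above to use taint mode and to validate input against a form known to be trustworthy, shown as an added example that is not part of the original post. The `valid_report_name` function, its naming rule and the sample inputs are hypothetical and constructed for illustration.

```perl
#!/usr/bin/perl -T
# Added example, not code from the original post.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Allow-list: describe the one form that is trusted instead of trying
# to enumerate every dangerous character. Hypothetical rule: a report
# name is 1-32 characters from [A-Za-z0-9_-], starting with a letter
# or digit, with nothing before or after it.
sub valid_report_name {
    my ($input) = @_;
    return unless defined $input;
    # \A and \z anchor the whole string. Using $ instead of \z would
    # accept a trailing newline. Under -T the captured $1 is untainted,
    # which is why the pattern has to be this strict.
    return $input =~ /\A([A-Za-z0-9][A-Za-z0-9_-]{0,31})\z/ ? $1 : undef;
}

# Command-line arguments are tainted under -T. With no arguments, fall
# back to constructed samples (literals, so they are not tainted).
my @samples = @ARGV
    ? @ARGV
    : ('weekly-2024', '../../etc/passwd', 'name; echo x', "ok\n", '');

for my $raw (@samples) {
    my $name = valid_report_name($raw);

    # Escape non-printable bytes so the log line itself stays readable.
    (my $shown = $raw) =~ s/([^\x20-\x7e])/sprintf '\\x%02x', ord $1/ge;

    if (defined $name) {
        printf "accept %-22s tainted before: %s, after: %s\n",
            "'$shown'",
            tainted($raw)  ? 'yes' : 'no',
            tainted($name) ? 'yes' : 'no';
    }
    else {
        printf "reject %-22s\n", "'$shown'";
    }
}
```

Run it as `perl -T script.pl weekly-2024 '../x'`: Perl refuses to start when `-T` appears only on the `#!` line and the script is invoked through `perl` without it.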