l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:14

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] cvs security
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] cvs security




Peter Jay Salzman <p@dirac.org> writes:

> i've been thinking about cvs security alot lately.

Security is defined by policy.  The mechanism tries to enforce the
policy.  Chant this mantra until you achieve security.

> wouldn't pserver be *fairly* secure using tcpwrappers?  i want one or
> two people accessing my server.  if i dump their IP's in
> /etc/hosts.allow, wouldn't that be secure enough?

Sounds like the mechanism here is tcpwrappers.

> i don't want to run fort knox here.  i know from my own personal
> experience that a determined hacker can get into anything he/she wants
> to.  but i do want to make my server a PITA to break in to.

This sounds like a security policy to me.

> would a tcpwrapped pserver be fairly secure?

Sounds like you are just looking to raise the effort bar on this one
port.  As long as the port is really tcpwrapped you raise the bar.
Address based authentication is weak, but it appears as though you are
concerned with keeping your effort/effect ratio low.

Monitor your server.  Keep good backups away from the machine.  Wash
behind your ears.

-Ricardo

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.