[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OT: webhosting considerations
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: OT: webhosting considerations
- From: Siegbert Marschall <siggi_(_at_)_marschall_(_dot_)_org>
- Date: Sat, 09 Jun 2001 11:42:05 +0200
Yuri K wrote:
> Hello everybody and All in particular,
> the more Unix knowledge finds its way in my primitive head
> the more holes I see in web-hosters my company uses.
> They use Pair.com and your-site.com with Pair being more stringent
> towards innocent pranks. Yet both allow Telnet and ftp.
> Any recommendations on a reasonably securer hosting Co?
> Do they exist?
They are secure, at least pair, which I use since a few years too.
That they provide ftp + telnet access doesn't mean they don't know
what they're doing. You can still use ssh and scp which they provide
too and forget about telnet+ftp.
They use a heaviliy patched custom version of FreeBSD whith a excellent
choice of directories/permission for the hosting etc.
The advantage of OpenBSD is, that you can take it out of the box and
be sure that it has no wide open holes in the default install like
eg. Suse or so. But if you know what you're doing security is not
really a matter of the os, more a matter of configuration.
And finally of watching your stuff, that they do 24/7 and they really
have people with knowledge there around the clock.
Ask yourself a question : If you're a webhoster, would you be able
to stand the enduser market without providing telnet + ftp ?
Also the question about the security of telnet is a question of
trust, if your using a clean connection where nobody is sniffing
on and you think you're data and password is not _really sensible_,
there is no reason not to use telnet. Same goes to ftp.
Also if you're using ssh on a insecure machine, sniffing the keyboard
is as easy as sniffing the network. First thing I do when I'm not on
a trusted host, check the process lists as root, see if anything
strange is there. Certain login's I will never do from a box where I
am not 100% sure about it not being "bugged".
You have to take into account the whole picture on questions like
that and not only some details like ftp and telnet, which to use or
not is your choice anyway.
Bye, Siggi.Yuri K wrote:
Visit your host, monkey.org