June 20th, 2002, 02:02 PM
no server can be 100% safe, can it? are there any that come close?? i would like to have some feedback
June 20th, 2002, 02:10 PM
I think it depends on server's sysadmin(s)
June 20th, 2002, 02:13 PM
well, yes, it can...........you can unplug it from the wall........
other than that, have a state-of-the-art firewall, close almost all services except the ones necessary for people to browse the site/access their files, have a few honeypots, spoof the IP.....yeah, there's some that come close
hope that helps, i'm just a newb too, so i left out a lot
June 20th, 2002, 02:19 PM
yeah, it depends on how gullible the sysadmin is, like if someone calls and says "I'm the ceo, I need the admin password for all our servers" does he say "sure, it's ****" or "come by my office in person and I'll give it to you"
June 20th, 2002, 02:27 PM
I think the general consensus is that all systems are only as good as the sysadmin... some server software is inherently more secure than others out of the box but its the skill and intelligence of the sysadmin who makes the difference.
I deliberately use the word intelligence rather than knowledge. Intelligence is how you use your knowledge, no one, no matter how huge in the ego department is omniscient. It's entirely down to how you use the resources available to you, this site being one of those resources
June 20th, 2002, 10:24 PM
There is no such thing as a safe server. If your server is connected to the internet, it is not safe. Period. There is always a level of risk. That's just how the internet works. It's the admin's job to lower that risk as much as possible. He tries his best to reduce the number of services running on a server. He patches the box religiously. He administers the box with an iron fist and examines it with a microscope. And if he's lucky, the kiddies and the worms will pass him by for an easier target, but there's always someone out there better than him and smarter than him. If an attacker is smart enough and determined enough, he will get in.
June 20th, 2002, 10:44 PM
Apache is more secure than IIS...etc, but mostly it depends on the admin.