Frackin script kiddies!!
Jarod Wilson
jarod-ajLrJawYSntWk0Htik3J/w at public.gmane.org
Tue Aug 3 14:06:02 EDT 2010
On Tue, Aug 3, 2010 at 1:26 PM, Richard Pieri <richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> On Aug 3, 2010, at 12:15 PM, Jarod Wilson wrote:
>>
>> Its not about feeling secure. Its about keeping out stupid idiots. SSL
>> + auth keeps stupid idiot vandals out. And to me, that's Good Enough
>> for a non-critical system like a mythtv box. The determined will
>> always find a way in if they really want to.
>
> See... this is where I see you feeling security rather than practicing security. You see keeping the vandals out of your MythTV box as the end of it, but it isn't. That's just the *start* of it. You see your Myth box as non-critical but if it is exposed to a public-facing network then it *is* critical, not in the way you see it used but in the ways that it can be used against you or someone else.
I have a public-facing web server. One of the things it serves up is
mythweb. I require access to mythweb to go over ssl with
authentication. What else would you propose that I do, short of not
running mythweb on a public-facing web server?
--
Jarod Wilson
jarod-ajLrJawYSntWk0Htik3J/w at public.gmane.org
More information about the Discuss
mailing list