Date: Wed, 10 Dec 1997 15:25:07 -0800 (PST) From: "J. Weatherbee - Senior Systems Architect" <jamil@acroal.com> To: Adam Turoff <AdamT@smginc.com> Cc: hackers <hackers@freebsd.org> Subject: Re: FW: Why so many steps to build new kernel? Message-ID: <Pine.BSF.3.96.971210152258.25555A-100000@acroal.com> In-Reply-To: <348F48D3@smginc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This makes no damn difference, obscurity is NOT security. See /usr/ports/net/strobe. > If you're interested in going town this path, I'd strongly recommend > taking a page from Netscape. Their servers use an admin server > to administer all instances of their httpd on a box. When installing > the server package, the install program picks a random port > 1024 > to use for running the admin server. The sysadmin can change > this port to something useful, but the idea here is that the > administration is not running on any "standard" port. > I certainly wouldn't want anything like kernel configs or sysadmin > type stuff happening over a standard port like 80 or 8080 with > clear text passwords. If I could use SSL on some bizzaro > port number, that would be really worth having. :-) > > -- Adam > > PS: Setting two servers to talk to each other so that they can > replicate configurations is left as an exercise for the reader. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971210152258.25555A-100000>