From owner-freebsd-questions@FreeBSD.ORG Tue Sep 7 21:37:45 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 01CB016A4CE for ; Tue, 7 Sep 2004 21:37:45 +0000 (GMT) Received: from o2.hostbaby.com (o2.hostbaby.com [208.187.29.121]) by mx1.FreeBSD.org (Postfix) with SMTP id B3C2943D4C for ; Tue, 7 Sep 2004 21:37:44 +0000 (GMT) (envelope-from ceo@l-i-e.com) Received: (qmail 91602 invoked by uid 1001); 7 Sep 2004 21:37:48 -0000 Received: from 66.243.5.202 (SquirrelMail authenticated user ceo@l-i-e.com); by www.l-i-e.com with HTTP; Tue, 7 Sep 2004 14:37:48 -0700 (PDT) Message-ID: <33558.66.243.5.202.1094593068.squirrel@www.l-i-e.com> In-Reply-To: <6ef4c2b8eb37d954d7b887c5e1f45810@untoldfaith.com> References: <6ef4c2b8eb37d954d7b887c5e1f45810@untoldfaith.com> Date: Tue, 7 Sep 2004 14:37:48 -0700 (PDT) From: "Richard Lynch" To: "FreeBSD Mail Lists" User-Agent: Hostbaby Webmail X-Mailer: Hostbaby Webmail MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal cc: freebsd-questions@freebsd.org Subject: Re: Update Databases from Webserver X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: ceo@l-i-e.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2004 21:37:45 -0000 FreeBSD Mail Lists wrote: > Richard, > Thanks for your reply. I thought there was something terribly wrong with > that logic. So I thought I would ask in this mail list since people have > been great here in the past about everything else I wanted to know. > Are there any security lists in relation to ecommerce that you would > recommend? So I can stop annoying everyone else here. I just don't want > to make anymore mistakes than I have to starting down this road. I don't really know of any good security list... I'd sure be happy to HEAR of one, mind you. To be honest, I suspect there isn't really a good security list, because this is simply the kind of thing that so *FEW* people actually do, that there isn't a critical mass of people doing it and needing help for a good mailing list to exist. Please don't take my "tone" as being annoyed. I basically just wanted to "scare" you into *NOT* doing what you plan to do. It's incredibly dangerous, and carries an inordinate amount of risk. If you absolutely *MUST* do this, hire a security expert to help you design/program it. It's just not a good idea to do what you said you wanted to do on your own your first time. If your boss/manage won't accept that, tell them you'll need all their personal credit cards for testing purposes until you're SURE the system is secure and safe from thieves. They may change their tune at that point. -- Like Music? http://l-i-e.com/artists.htm