[sf-lug] Prince Ciao & Master Sun

jim stockford jim at well.com
Sun Jul 22 17:40:57 PDT 2007


    i'd love to know how to evaluate software with
respect to security features. is there a well-known
suite of tests that detects crappy software?

    one approach to security is to have sensitive
data on a machine that's not connected to any
network; i worked in one such shop. another might
be to set up iptable rules to allow no inbound
traffic and then push data out at some particular
time of day. tho'ts?



On Jul 22, 2007, at 5:19 PM, Alex Kleider wrote:

> Rick: I read the content of
> http://www.ranum.com/security/computer_security/editorials/master-tzu/
> per your recommendation. It's cleverly written and it does make the
> point that not exposing oneself is the best approach. I didn't find
> that there were any useful suggestions in the context of our
> discussions.
> "Don't use crappy software" certainly sounds like good advice but not
> being (yet?) able to write software of my own, I can only hope that
> something coming from Debian (substitute your favorite distro) is as
> safe as it can be. With study and advice from you and others here I'm
> hoping to broaden my understanding of how things work and configure
> things as securely as possible. So again, thanks for your input (which
> I am slowly processing- there is a lot there to process!)
> alex
>
> alex at kleider.net
>
>
>
> _______________________________________________________________________ 
> _____________
> Be a better Globetrotter. Get better travel answers from someone who  
> knows. Yahoo! Answers - Check it out.
> http://answers.yahoo.com/dir/?link=list&sid=396545469
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
>





More information about the sf-lug mailing list