Re: [Exim] eximon usage

Pàgina inicial
Delete this message
Reply to this message
Autor: Richard Welty
Data:  
A: exim-users
Assumpte: Re: [Exim] eximon usage
On Thu, 29 Jan 2004 09:15:28 -0500 Blaine Simpson <blaine.simpson@???> wrote:

> Any web server or app server I've ever used (about 25) has source ip and
> many methods of username/password restrictions, all of which have been
> tested in thousands of production, commercial environments. All of largest
> IT companies in the world depend on this security. These mechanisms are
> proven by a user base much larger than Exim has ever had.


oh come now. i from time to time do security audits of web applications
for customers, and time and time again i've found systems in production
with some real howlers in them.

just because it's deployed doesn't mean it's secure.

one which is well known (_not_ one that i found) is the session id problem
with the verizon wireless web site.

geez,
  richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security