Samba Authentication problem -- one machine only!!!
Mike McCarty
mike.mccarty at sbcglobal.net
Thu Jul 21 21:32:28 UTC 2005
Phil Schaffner wrote:
> On Thu, 2005-07-21 at 17:05 -0400, Tim Holmes wrote:
> ...
>
>>Hi phil -- the firewalls are shut off on all the machines -- we are
>>behind a hardware firewall and do not need the internal ones -- as a
>>result -- they do more harm than good
>
>
> Well, that's not the problem, but a bit of unsolicited/OT advice. Good
> security is built in layers. I'm behind a pretty robust center-level
> firewall also, but learned the hard way that it is not impervious.
> We've had several cases of bad guys getting through the main firewall
> and running rampant on the machines inside (mostly those foolish people
> that were not up-to-date on security patches, and/or Windoze boxes). I
> run local firewalls on each machine I'm responsible for. I like
> firestarter for the individual-machine firewalls. Makes it pretty
> painless.
>
> http://www.fs-security.com/
>
> Phil
Well, experiences vary. One thing to remember is that every
unneeded line of code is another place for a defect to hide.
One of the things I continually had to hammer into the
engineers under my lead is "If a feature is not in the
requirements spec, then it shouldn't be in the code!"
Installing one or two programs for security may be prudent.
Installing 50 programs for security is asking for troubles.
Somewhere in between is where most people would settle.
Taking one or two drugs may be prudent.
Taking 50 is asking for drug interactions and troubles.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list
mailing list