Forgot your password?
typodupeerror

Comment: Use standard software and keep it up to date (Score 4, Insightful) 116

by quinto2000 (#43282477) Attached to: Ask Slashdot: Do-It-Yourself Security Auditing Tools?
From the way you describe your goal, you are building mostly one-off websites. For small companies and the like? You'll be best off just using popular open source products like Drupal, WordPress, or ModX and keeping up to date with security updates. Many of these will automatically notify you of security updates and you can apply them right away. Don't try to host the websites on your own server either. Get a hosting product from a company that will keep the underlying OS, Apache, and PHP up to date and secure. This will reduce your exposure quite a bit. You still need to make sure to choose good passwords. Nessus or OpenVAS are also an option.

Comment: Re:When do we get compression? (Score 1) 803

by quinto2000 (#37935030) Attached to: Fedora Aims To Simplify Linux Filesystem
This does solve an important problem in the Windows server space. Windows generates big log files, and there's no good log rotation built in. I do routinely end up compressing the log directories on many of my Windows servers. However, Linux has several good standard log rotators, so it's less of a concern. I've actually never run into the problem of a log directory filling up on Linux. What's the other use case where you have 1 TB of text files, other than logs?
Android

+ - Open Source alternative to Dropbox?

Submitted by garry_g
garry_g (106621) writes "While "the cloud" may be one of the major buzzwords of the Internet industry, anybody concerned with security and privacy will most likely not touch it with a 10-foot pole. While I am guilty of using Dropbox for occasional data storage or quick picture snaps with my Android phone, I do watch out not to store anything important on there (or inciminating), no matter what the "privacy policy" may be.
As someone that has been running his personal mail server and MTA for years, stores Firefox profile information not on either Xmarks or FF Sync public server but my own, I was wondering: what useful alternative is there to Dropbox on the FOSS market, which will allow access by both windows/linux boxes, but also mobile devices (specifically Android). I know there are frontend addons for Windows (and linux tools of course) e.g. for SVN, but most likely no implementations for mobile use as far as I can tell...
And, of course, the backend should run on a Linux box ;)"
Apple

+ - New Apple Technology Stops iPhones From Filming Li->

Submitted by Anonymous Coward
An anonymous reader writes ""A patent application filed by Apple, and obtained by the Times, reveals how the software would work. If a person were to hold up their iPhone, the device would trigger the attention of infra-red sensors installed at the venue. These sensors would then instruct the iPhone to disable its camera.""
Link to Original Source

Comment: Re:Should have used vsftpd (Score 1) 152

by quinto2000 (#34548176) Attached to: ProFTPD.org Compromised, Backdoor Distributed
You're saying it's possible to secure a known username. Who cares? Suppose 90% of attacks are on those known usernames (I don't have actual figures, but that seems plausible, based on my own experience with publicly accessible Linux machines). Just eliminate 90% of the attacks (and the chance of brute force breaking through) by eliminating those known accounts from remote login.

Why wouldn't you do this? You can still secure the rest of your accounts. Hackers, botnets and script kiddies go after the low-hanging fruit. Reduce your attack surface, and you are clearly better off. There's almost no hassle to having to su to root once you log in with a normal user account.

By the way--logging in to a console in public is completely different from remote root access. If someone can see over your shoulder--there are lots of other ways for them to engineer an attack. But we all have to be aware of the greater risk of unknown users on the Internet just scanning IP ranges and trying to login. If you've ever had a public web server, you will see that this happens to every machine. Much more common than someone we know trying to crack into our box.

Comment: Offer custom maps (Score 1) 304

by quinto2000 (#33406918) Attached to: Can an Open Source Map Project Make Money?
When I got married, I decided I wanted to make maps for my guests, none of whom lived in our small exurb. It turns out this is a pretty common task. I didn't want ugly, low resolution mapquest printout maps though. I wanted to be able to put in points of interest, I wanted a high level of street detail and I wanted some control over the rendering. I was excited to find out about OSM. It turns out, the Open Street Map website allows you to download a section of the map as SVG. Great! However, one problem: it has a pretty small limit on how big it can be, which limits either map size or level of detail. I ended up downloading the entire map, the rendering software and Mapnik style sheets, and having to compile the renderer myself. Then I edited the map in Inkscape, but there are some boundary issues when you just want a small segment of a big map. It was a pretty complicated project, but I think ultimately worth it.

If OSM offered a paid or advertising supported service to help make custom maps, I think it would be pretty popular. I've toyed around with the idea myself of offering this service, but I don't have the time.

Life's the same, except for the shoes. - The Cars

Working...