[Techtalk] Server was broken into ... what good tools are there to probe vulnerabilities?

jennyw jennyw at dangerousideas.com
Wed Nov 21 15:38:59 EST 2001

Yeah, the hosting at home option is looking better and better. If I was sure
where I was staying put for the next year, I would definitely go that way. I
may go that way even without knowing whether I'm moving (Infinology still
hasn't gotten back to me).

Currently, my home network isn't being scanned frequently, but I figure if I
have a Web site up, it'll get hit more often. Also, I'm running NAT and am
blocking *all* incoming traffic right now. It's a bit of a different story
if I have a Web site setup. I have a SonicWall DMZ*, so I guess I could put
a server on the DMZ. I guess I was always under the impression that a Web
host was a better solution because a) they'd have some support (which
Infinology doesn't); b) they have better (faster, more reliable)
connectivity; and c) I'm not a Linux expert (yet) so I figured having
someone around to provide disaster recovery support, etc., would be good (of
course I now have my doubts about Infinology).

I guess my hope was to avoid being a sysadmin and focus on programming and
other projects. I guess it can't be avoided, though!


* Why a SonicWall instead of a Linux firewall? One issue with running a
firewall at home is the cost of electricity.  For example, I had two
firewall computers, and if they each pulled 100W, that's about $30/month in
electricity. Plus whatever's needed for the Web/mail servers. Of course, if
there are low-power consumption distributions of linux firewalls (running
off a floppy and CD-ROM, for example), I'd love to hear about them!

More information about the Techtalk mailing list