[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: package for security advice

The only way to achieve real security is through knowledge. Pressing a shiny automated button is just going to implement what somebody else thinks is good for the system they assume you're running. Find the security websites, podcasts, newsletters, books. Learn what you really need to do for your actual case, not what somebody else thinks you should do. Learn what is superstitious paranoia that will never even come close to a private personal system.

If you're going to run a public web server, mail server, or whatever, one run of a script is not going to keep you secure. You need to know what the actual attack vectors can be, and need to be prepared for a threat that nobody's thought of yet.

Microsoft tells you all you have to do is click the little check box that turns on the security they've built and you're all safe.

Microsoft lies.



Reply to: