Re: webmin replacement?
-----BEGIN PGP SIGNED MESSAGE-----
I don''t have webmin open on the net, so I'm not so concerned with security. I suggest you consider your own needs relative to the value of your assets, the openness of the system, etc. Sounds like you'll be fine, as long as you keep it LAN side.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
On 8/20/07, email@example.com <firstname.lastname@example.org> wrote:
Quoting Mike Bird <email@example.com>:
> On Monday 20 August 2007 16:27, firstname.lastname@example.org wrote:
>> Quoting Sam <
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> > Hi Mike,
>> > I just grab the .deb from the webmin site and use dpkg -i to install it.
>> Thanks! I will try that.
>> Do you ever worry about security updates and such?
>> or do you just keep a close eye on the webmin site and upgrade
>> according to their releases?
>> I have all the .debs from sarge (version 1.18) and I only use parts of
>> it. The small parts I use work great, but I worry that a security hole
>> may pop up and I won't notice until its too late.
> That's the big thing with webmin: security problems occur fairly
> often and are quickly exploited. We check for webmin updates daily.
> If you're using webmin 1.18 on a system that's accessible from the
> internet then I'd be very surprised if your system isn't rooted.
Good to know, and will start to follow that method.
Fortuntely, we've kept webmin accessible only by the lan side and
also on a different port than the default.