Quote:
Originally Posted by DWB
Ray, you should offer a security audit service where you point out to the site owner any vulnerabilities you find. Most of us don't know such things.
|
We do that occasionally for people.
To make it a standard "product" we're formalizing a couple of procedures for a basic check and an indepth check.
We're working up a LAMP specific checklist right now. We have the DOD, PCI, and DISA lists but they aren't specific to what we see everyday with the webmasters we work with.
More interestingly, to me, we're testing a more "outside the box" solution that makes a server truly unhackable. We may post FTP information here to show that even if the bad guy had the FTP password he STILL can't mess up the site.
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids