[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

Re: Looking for new MVEND ISP

To: MiniVend Users List <minivend-users@minivend.com>
Subject: Re: Looking for new MVEND ISP
From: Larry Leszczynski <larryl@furph.com>
Date: Sat, 24 Jul 1999 11:27:24 -0400 (EDT)
In-Reply-To: <3798AE9D.8CFC2C2B@korksoft.com>
Organization: furph Inc. - ChargeNow.com
Reply-To: Larry Leszczynski <larryl@furph.com>

Hi All -

> I think you all may be forgetting the downside of a DSL line...

I've been following the discussion of ISP vs dedicated line but I noticed
a major concern was *not* being addressed: SECURITY.  Running your own
site is a much bigger job than a lot of people realize.

(Sweeping generalizations follow, so please no flames on particulars -
just trying to make a general point and promote some awareness here...) 

Most are us are running MiniVend to do commerce - so we're dealing with
our own money, our shopkeepers' money, and our customers' money.  Having
your own dedicated line can be a great solution, whatever the physical
connection might be, but remember the responsibility for security falls on
you!

If you're considering doing your own setup, *please* consider first
whether you're skilled enough to secure it.  Yes, you can install MiniVend
on a Win95 box and hook it to a cable modem and it will run, but that's
far from enough.

Just keep in mind that there are a lot of things your ISP may be doing on
your behalf (or you hope that they are doing!) that you might take for
granted.  Do you have a firewall between yourself and the Internet? 
Regular automated backups?  Backup power supply?  Virus checking? 

Probably most important, is your version of operating system, web server
software, sendmail, bind, etc., updated to the latest and greatest version
so that the hacker scripts at places like rootshell.com won't work on you? 
And by latest and greatest, I mean the patch that might literally have
come out yesterday?  Would you know where to get it?  Would you even know
it had been released?

Not trying to sound paranoid, but don't think you'll never be targeted by
a hack just because you're a small site and you think they won't notice
you - sometimes smaller sites are targeted simply because they tend to
be less secured and less vigilant than a site tended by a full-time staff.


Larry Leszczynski
larryl@furph.com
--
  furph, Inc.	WWW/Unix/Windows Solutions	734-513-7763 (voice)
info@furph.com	   http://www.furph.com		734-513-7759 (FAX)

References:
- Re: Looking for new MVEND ISP
  - From: Jason Korkin <jkorkin@korksoft.com>

Prev by Date: Re: Looking for new MVEND ISP
Next by Date: Re: expire
Prev by thread: Re: Looking for new MVEND ISP
Next by thread: Search engine driving me crazy
Index(es):
- Date
- Thread