stuff (was Re: Talks (was: Re: [YLUG] A basic question))

[Arthur Clune]

On 28 Dec 2007, at 19:22, Steve Kemp wrote:

> On Fri Dec 28, 2007 at 18:54:08 +0000, Alex Howells wrote:
>
>>  *  Scalable spam prevention  -  anyone with a working solution
>>      capable of handling *lots* of mails per day?  What software are
>>      you using to accomplish it?

Mail Scanner is used by a lot of .ac.uk sites with high volumes
of traffic. http://www.mailscanner.info/

At work, we've outsourced to MessageLabs. Spam filtering is a
good fit for outsourcing for many organisations: it's technically
tricky and you need a fair chunk of infrastructure to be able to
deal with the spikes in load.


>>  Firewalls are a panacea for 90% of users who neither know what they
> protect against or how to use them correctly.  ("Oooh I have a  
> firewall
> I'm protectored!")

True, but that's 99.99% of my users, and probably yours as well
(only 90%? You've got a better user base than most :). Which
makes them very useful indeed.

Protecting things like printers (and yes, they will get hacked if on
the open net) is rather hard if they are not firewalled off. They're
not usually the most configurable of devices. Ditto tape libraries,
multi-function copies and more

Per-server firewalls? I can see a use in some cases (vendor
won't support FooSoft unless RPC is on or whatever) but in
general, you're right, minimising services is the way to go.

Except, as I mention above, when you've trying to protect
stuff run my other people. Or (wisper it), you're running a
mixed environment with MS Windows stuff in there as well.

Then, once you've done all this, someone goes and installs
a php server :)

Finally, back to the talk theme. I did a talk on firewalls for
ylug a few years ago. Various notes, code and slides are
online at http://www.clune.org/firewalls/

Arthur


-- 
Do you know why Unix was a success and MULTICS a failure? It's because  
Unix had mode bits and MULTICS had ACLs - Casey Schaufler