> Firewalls don't even come near the top of my security list. Much more > important are: > - procedures / paranoia (don't email passwords, call back on the > agreed phone number) > - configuration (no null-sessions, no remote registry service etc.) > - patches > - services (no unencrypted protocols) > - discipline (don't log in as root, don't check email from the > server) >
Process is key, I agree. I will admit to a bad habit, which is that I occasionally browse the Web from a server if I am working on the server and looking for an solution to some problem. I generally use Firefox, but some sites are still IE only. I mostly did that when I was getting set up, but it's something that just shouldn't be done at all if you can help it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:145916 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54