Hi Rob, > Perhaps the "ideal" solution is to remove "local" network support from a > default install, and the allow installing it from a blade? > > For my money, VPN'ing in seems to be more secure, particularly if the user > manager screen had a flag that can be used to turn on/off VPN access. (Yes, > I know you can do it from the command line, but the point is that it's by > default enabled for *everyone*... not really a good idea...)
Or perhaps have a "private" option for the VPN connection in order to specify which IP adresses should be allowed through the hosts allow/deny files. Kind Regards, Peder Lauridsen PGP key on request. -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
