SLUG Mailing List Archives
Re: [SLUG] Penetration Test
- To: slug <slug@xxxxxxxxxxx>
- Subject: Re: [SLUG] Penetration Test
- From: Rick Phillips <rick@xxxxxxxxxxxxx>
- Date: Sun, 01 Nov 2009 17:55:18 +1000
- Reply-to: rick@xxxxxxxxxxxxx
> First, let me say that I am sorry you didn't appreciate the response, and the
> implied criticism of your plan. It was absolutely not my intention to offend,
> but rather to continue to question my own assumptions in the face of someone
> who disagreed with me.
> I regret that my statements came across poorly, and left you feeling unhappy.
Nothing I have seen on the list that you said has made me the slightest
bit unhappy. Your comments are worthwhile and I appreciate them.
Amin made a comment last night which he later apologised for.
Apparently some drunken mate had his iPhone. The message did not make
it to the list - I thought it had - so you would not have seen it. I
will leave it to your imagination as to what it inferred.
I have a several occasions advised the department of our configuration
and security configuration but unfortunately, teachers get promoted into
technical positions and they freely admit they haven't a clue about what
I am saying. That adds to my difficulties as you can imagine and one
has to wonder what sort of technology decisions they are making.
A colleague of mine is helping me craft some IPtables which with further
tighten the internal one way mirror which currently lets the internal
network open access to the server. We are going to allow only ports 80
and 22 to access the server from inside and as he represents the
manufacturer of the firewall appliance (ePipe) we use, he will assist me
to turn off the factory opened ports (1723 and 2000).
I believe that when we make these changes, the system will be very tight
and as we use only pre-built software (Moodle, Joomla, Meeting Room
Booking Service and Gallery) which I keep very much up to date, we
should be OK. The Gallery is only viewable from inside the school
because of privacy issues.
Thanks again for your very valuable input and my apologies if I
insinuated that you had upset me. It was a reference to another's
comments (see above).