On 10.08.2013 12:10, Gichuki John Chuksjonia wrote:
> One thing u gotta remember most of the Admins who handle webservers in
> a network are also developers since most of the organizations will
> always need to cut on expenses, and as we know, most of the developers
> will just look into finishing work and making it work. So if something
> doesn't run due to httpd.conf, you will find these guys loosening
> server security, therefore opening holes to the infrastructure.

I am one of the developers who are admins.

Why?

Because maintaining servers where only internally developed software runs gives you the power to make security as tight as possible - and yes, security is *always* first.

It is not the admins who are developers that are the problem.

Crap like WordPress, Joomla, phpBB is the problem, because these developers have no idea how to secure and maintain a server and try to develop software which can be installed by any random fool on whatever webserver without understanding the implications.

That's why these applications are *strictly* forbidden on any machine I am responsible for. It's enough to write abuse mails each time one of these installations outside got hacked and is starting attacks on 3rd parties.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/