Re: OT: Host a website at home!

Joel Koltner wrote:

"Paul Hovnanian P.E." <paul@xxxxxxxxxxxxx> wrote in message
news:4A3C1EBB.E457A1E4@xxxxxxxxxxxxxxxx
Consider the administration responsibilities one must accept in order
not to have your 'home PC' taken over as a part of a botnet.

I don't think it's quite the same... from reading that article, it appears
that you're running a client on your PC that uses some particular protocol
the Opera guys cooked up (perhaps just straight HTTP with lots of
scripting), and that client accepts requests to send files or whatever,
but the entire process is "supervised" by centralized servers.

The whole point is to reduce the requirements for "administration
responsibilities" that one incurs if they install, e.g., Apache.

Of course, the Opera Unite service might have plenty of security holes of
its own -- the comments seem to indicate that, at least as of right now,
the service is more about getting things functional than exhaustively
trying to ensure security.

An Apache installation is a well known quantity. Still, its not a task for a
beginner. In my opinion, no service on the Internet is and none should be
installed unless one is willing to take responsibility for security.

Also, check
your ISP's terms of service.

It's a kinda borderline case here... it's clearly not a "regular" web or
FTP server.

I guess I don't understand how this differs from a 'real' web server. It
listens on port 80 and sends out files.

I think most of the ISP "terms of service" restrictions on
"servers" is only so that the ISP has cause to terminate your account if
it is clear you're running a "real" web server or whatever over your
"consumer grade" connection -- realistically it's pretty much impossible
to precisely delineate exactly what is a "server" and what isn't.

When some joker posts your URL on Slashdot, it becomes a 'real web server'.

(There are plenty of people
remotely connecting to their machines from the office, for instance, using
LogMeIn or SSH or Remote Desktop of whatever, and strictly speaking these
are servers every bit as much as port 80 or 21 are.)

But the traffic to these sorts of servers is restricted by the need for some
sort of login/authentication process.

--
Paul Hovnanian paul@xxxxxxxxxxxxx
----------------------------------------------------------------------
Have gnu, will travel.
.

Relevant Pages

  • RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
    ... I take a more community mind approach to security. ... As much as I don't want my server infected, ... wouldn't load either one on the same system as the web server. ... Let's say Joe SysAdmin does install the A/V software ...
    (Focus-Microsoft)
  • <<<< SBS News of the week ended March 28th, 2004>>>>
    ... I've tested it on my home server. ... A whole bunch of KB articles courtesy of Marie McFadden SBS Community Lead ... Run setup - install on IIS is generally the only selection available. ... Most computer security experts agree that the ...
    (microsoft.public.backoffice.smallbiz)
  • <<<< SBS News of the week ended March 28th, 2004>>>>
    ... I've tested it on my home server. ... A whole bunch of KB articles courtesy of Marie McFadden SBS Community Lead ... Run setup - install on IIS is generally the only selection available. ... Most computer security experts agree that the ...
    (microsoft.public.backoffice.smallbiz2000)
  • <<<< SBS News of the week ended March 28th, 2004>>>>
    ... I've tested it on my home server. ... A whole bunch of KB articles courtesy of Marie McFadden SBS Community Lead ... Run setup - install on IIS is generally the only selection available. ... Most computer security experts agree that the ...
    (microsoft.public.windows.server.sbs)
  • Re: Assigning a Permission Set to an Assembly
    ... to use it you'll need to install the SDK. ... server with any form of .Net on it will have the compilers. ... Please do not send email directly to this alias, ... >> This has to be the most frustrating experience with any security ...
    (microsoft.public.dotnet.security)