Security memo
From Drafts
Revision as of 09:25, 10 April 2006 by 81.241.199.117 (talk)
'Unsecure' protocols
- FTP, when possible use sftp (available in gftp, fugu and filezilla)
- SMTP and webmails without https
- in general, open wifi connections
We have to start using gpg keys. How about a key-signing party? How to secure wifi?
Spam
- constant's news is regularily spammed.
- subscription forms for the mailing list.
- map of stitch-and-split
- wiki, see recent changes.
'Unsecure' software
- wiki needs upgrade.
- wordpress needs upgrade.
- regular updates on server + router.
User management in irisnet
- at the moment, the weblogs share the same database. It means if one is cracked all the oters will fall. the same for the wiki. We need to create user accounts for irisnet, it will involve changes in urls, etc. We need to secure contract with irisnet, too.