On Wednesday 13 February 2002 01:59 pm, Chad C. Walstrom wrote: > On Wed, Feb 13, 2002 at 10:05:15AM -0600, Brian wrote: > > On Wed, 13 Feb 2002, Jason Lohrenz wrote: > > Something I would suggest is what my ISP does.. keep the accounting > > info on a worksation tucked away on the corner with NO network access. > > Once a month, download the radius/xfer log data to a floppy and > > sneakernet it to the accounting machine. That way even in a complete > > server comprimise, customer data is locked away tightly. Then write > > import scripts into your favorite accounting package to sort the data > > and bill appropriately. > > Very good advice. A little draconic, but good advice none-the-less. I > wouldn't be too jumpy about keeping the usage accounting statistics on > net-accessible machines, as long as the data is redundantly spread > across a couple machines (at least), and as long as you've secured down > the box as much as possible. (i.e. Only run the software you need to > complete the task at hand, do your development on another box. Shut off > all services except those that are absolutely needed. etc.) > > Personal information, such as Names, credit card numbers, account > numbers, financial information, etc, should certainly be kept on a > private network, not accessible via the net or as Brian put, not > connected at all. Again, only install the software that is necessary to > complete said task. Make sure your printer is local. Probably worthwhile advice in general; after installed Mandrake, I went through and shut down all the services that I don't use. (I'm not, for example, running ftp or a website or a mailing list or a database, so I shut down all those services. The only thing that I'm at all concerned about -- perhaps, as opposed to "should be concerned about" -- is SMTP, and I *think* I've got access restricted to local addresses, as I'm running fetchmail to fetch my mail, and don't need a full mailserver locally.) If somebody wants to, at some point, see if they can get into my system (without hurting it), I'd love to see if it's possible. -- ------------------------------------- There's a widow in sleepy Chester Who weeps for her only son; There's a grave on the Pabeng River, A grave that the Burmans shun, And there's Subadar Prag Tewarri Who tells how the work was done. -------------------------------------