Welcome to Pandora FMS Community › Forums › Community support › Welcome
-
Welcome
Posted by linux-guru on January 31, 2006 at 23:24Welcome at your new webspace. I hope it is useful for your needs and I can contribute a lot to your project.
May the force be with you! 🙂
Sancho replied 18 years, 3 months ago 3 Members · 7 Replies -
7 Replies
-
-
::
I am currently very surprised about this (UNB) piece of software. IMHO it is really good to use and _quite_ secure. Have a look at http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=unclassified for their security issues.
I think Drupal is overkill for this page. Ok, it’s even better than phpBB and its security problems, but have also a look at http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=drupal
If you compare UNB and Drupal only under the security-aspect and the entries at cve.mitre.org, UNB would be the winner for me.Now I am waiting for your arguments and suggestions 🙂
Cheers
linux-guru
-
::
I think in this case it only seems to be more secure because is more unknown in the community. I’m sure that Drupal is better, I’m simply use this piece of software: UNC, because it’s very small, and in forum management is much better than others. Really I think that UNC could be a good system in the future. I really like the concept of “simplicity” but with power. I think PHPBB is more for kids, with all of this icons, colors, big buttons and stuff like that :-P, really you need a forum to write text, read text and be informed, not to colorize your life.
I often value more funcionality than security 🙂
-
::
I agree with you. Most pieces of opensource-software get insecure because of their popularity. Getting insecure should be understood – in this special case – as the state that security holes become public and are used by attackers. Sure, they may exist at more unpopular software, too, but nobody cares about it and they are no target for attacks because you need to invest too much time to find this software somewhere installed. The amount of invested time does not stand in a context with the advantages an attacker could gain because of insecure software.
I personally never saw such an inuitive forum-software like UNB.
Will there be really that much content on this page in the future that the use of a CMS makes sense?
Ok. Maybe it makes sense to use a CMS for this page in general, but I’d suggest to use UNB for this forum as kind of implementation into a CMS.
If you like, we could also create a subdomain like forum.openideas.info which points exactly to this UNB installation. Then you are quite free to use a CMS for the rest of the page.IMHO security through obscurity is no real solution but I made the experience that it is better than offering a surface for possible attacks.
Believe me, I know what I am talking about after the mess with our servers. 🙁Cheers
linux-guru
-
::
Yep, security is now a bit complicated, and if you use a piece of software that is very common or worst, a piece of software very common and closed-source, you will be damm. With opensource like PHPNuke your ass is in danger too :D, I’ve experience with it, and really, there is no software without security problems, the key its you say about time to find the vulnerability. Not all vulnerabilities are in the known, but, people who expoit and develop new methods generally are not interested in your site, so, use “secure” apps it’s a good start.
The problem frecuently is to install a software that you doesn’t need and you doesnt have time to learn. I recomend to use only the software you need and want to know it. It’s more safe.
I don’t need more from this site, so there are no need for a CRM, using directories will be enought for me at this moment, but many thanks 🙂
-
::
Hi Everybody, this is Nikun here from India. To introduce myself, I am a hitch hiker and an explorer and I believe in giving back.
Yes, UNB definitely rocks, the whole idea of having this forum is good, and I m sure Pandora v1.2’s goinna be a smash hit.
I agree security can be a major concern with anything of this magnitude and popularity, but then guys, theres no software thats secure 100%. Security is an ongoing process and theres no end to it. We can use nikto and other cgi scanners to figure out vulnerabilites to some extent but cant make it 100% secure. Secondly my exp as a sysad tells me the best way to keep the servers safe is to be omini-aware of whats goin on on the servers, contantly study the logs, monitor acess, scrutinise errors, its not that hard after setting up some monitors (how about pandora monitoring all the logs and errors from the server here).
So I feel currently we can consider UNB safe enough and enjoy the luxary of having a forum 😀BTW, simple architecture is the most secure architecture. Troubles will come from crackers anyway, but with it, you can troubleshoot and fix an issue within no time, that is the reason I love pandora and that is the reason UNB is better then phpbb and drupal (I agree drupal will be a overdrain i have allready used and tried it on my website).
catch ya around guys
Spawn
-
::
Finally we moved to PHPBB because three mainly reasons:
– UNB was based on XHTML and render was VERY slow. In Konqueror browser it was killing 🙁
– UNB has no skins or themes. And I was very bored to have the same aspect that every other UNB site.
– UNB has several security updates. I see the code and I don’t like what I see. Author patch versions, but I usually don’t like one-man projects.
The bad news are that this version of PHPBB2 doesnt support attach 🙁
The good news are that now openideas is more beautiful and fast 😉