[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
[mv] eWeek using Minivend in our openhack project
****** message to minivend-users from Timothy Dyck <Timothy_Dyck@zd.com> ******
Hi all, I wanted to let the Minivend users group know that eWEEK Labs and
the security consulting firm Guardent are using Minivend in a security
test we are carrying out at www.openhack.com. The site is composed of a
mix of Linux, OpenBSD, Solaris, Windows NT, Windows 2000 and appliance
servers and Minivend was the application we choose as our online
storefront. It's running on a dual Pentium III Compaq Proliant 3000 with
512MB of RAM running Mandrake Linux 7.1. I set up the storefront; we are
using the "simple" store as the actual site and the entire site is running
using SSL.
Since we are paying money if anyone can crack into the store ($1,500),
it's possible that someone is going to go through the code looking for
ways to exploit any holes. Other than the advice in the FAQ on "Is
MiniVend secure" and in the "MiniVend Security" section of the manual, are
there any other security tips people can provide to keep our site locked
down? Thanks very much.
Regards,
Tim Dyck
eWEEK Labs
----------------------------------------------------------------------------------------------------
Timothy Dyck, Technical Director, eWEEK Labs (formerly PC Week Labs)
e-mail: timothy_dyck@ziffdavis.com, phone/fax: 519-746-4241
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
