[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

RE: [mv] eWeek using Minivend in our openhack project

To: <minivend-users@minivend.com>
Subject: RE: [mv] eWeek using Minivend in our openhack project
From: "utomo" <utomopw@mitra.net.id>
Date: Fri, 30 Jun 2000 06:19:43 +0700
Cc: <Timothy_Dyck@zd.com>
Importance: Normal
In-Reply-To: <8525690E.001E2B3D.00@mailer.zd.com>
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com

******    message to minivend-users from "utomo" <utomopw@mitra.net.id>     ******

I hope the server is secure enough, so the testing will be fair to test the
minivend security.
Just if you forget, add .htpassword to the directory and close unused port,
and use the latest service pack from OS website.
Or better if you mention here what you have done to setup up the server an
minivend for testing.

And whatever the result I hope you post the result and the review  to this
list, so everybody will know and can comment it.

regards

Utomo


> -----Original Message-----
> From: owner-minivend-users@minivend.com
> [mailto:owner-minivend-users@minivend.com]On Behalf Of Timothy Dyck
> Sent: Friday, June 30, 2000 12:25 PM
> To: minivend-users@minivend.com
> Subject: [mv] eWeek using Minivend in our openhack project
>
>
> ******    message to minivend-users from Timothy Dyck
> <Timothy_Dyck@zd.com>     ******
>
>
>
>
> Hi all, I wanted to let the Minivend users group know that eWEEK Labs and
> the security consulting firm Guardent are using Minivend in a security
> test we are carrying out at www.openhack.com. The site is composed of a
> mix of Linux, OpenBSD, Solaris, Windows NT, Windows 2000 and appliance
> servers and Minivend was the application we choose as our online
> storefront. It's running on a dual Pentium III Compaq Proliant 3000 with
> 512MB of RAM running Mandrake Linux 7.1. I set up the storefront; we are
> using the "simple" store as the actual site and the entire site is running
> using SSL.
>
> Since we are paying money if anyone can crack into the store ($1,500),
> it's possible that someone is going to go through the code looking for
> ways to exploit any holes. Other than the advice in the FAQ on "Is
> MiniVend secure" and in the "MiniVend Security" section of the manual, are
> there any other security tips people can provide to keep our site locked
> down? Thanks very much.
>
> Regards,
> Tim Dyck
> eWEEK Labs
>
> ------------------------------------------------------------------
> ----------------------------------
>
> Timothy Dyck, Technical Director, eWEEK Labs (formerly PC Week Labs)
> e-mail: timothy_dyck@ziffdavis.com, phone/fax: 519-746-4241
>
>
> -
> To unsubscribe from the list, DO NOT REPLY to this message.  Instead, send
> email with 'UNSUBSCRIBE minivend-users' in the body to
> Majordomo@minivend.com.
> Archive of past messages: http://www.minivend.com/minivend/minivend-list
>

-
To unsubscribe from the list, DO NOT REPLY to this message.  Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list

References:
- [mv] eWeek using Minivend in our openhack project
  - From: Timothy Dyck <Timothy_Dyck@zd.com>

Prev by Date: Re: [mv] Databases .. GDBM and Flat File
Next by Date: [mv] nosy question
Prev by thread: [mv] eWeek using Minivend in our openhack project
Next by thread: Re: [mv] eWeek using Minivend in our openhack project
Index(es):
- Date
- Thread