«

Steve wrote:
> Without opening port 80 on your router, and pointing it at your desktop
> machine, the risk of getting hacked is, to all intents and purposes, zero.
> However, once that port is opened, the risk is, by definition, infinitely
> greater. If this is your desktop machine, then do you really want to take
> that chance? Wouldn't you rather they hacked into a separate machine which
> doesn't contain your bank details? Opening ports is a big risk: what I'm
> talking about is minimising that risk.
>
> Trust me, I do it for a living (:

Apparently not very well. You clearly don't understand the separation
between kernel and user tasks, and where the vulnerabilities are most
likely to be. If you did, you would know that, "by definition", you are
wrong with your risk assessment when comparing environments and embedded
routers.

Both Linux and Windows manipulate TCP packets in kernel space. A
vulnerability in either would provide equal, unrestricted acess to the host.

Once you go beyond kernel space, the vulnerabilities have nothing to do
with the OS. So why is it that you wouldn't open up port 80 to XP, yet
you'd do so willingly to a Linux box?

Opening ports by itself has bugger all risk associated with it. The main
risk comes from poor applications. Sounds like you're starting to
believe the crap you sell to your clients,

The Other Guy

Tony wrote:
>> It will cost more then nothing though....
>>
>> If i was willing to spend money i would just use any given hosting
>> company, However i just want this to put a simple html page up so that
>> i can quickly host an odd file or picture that i dont want to email to
>> someone
>>
>
> The built in XPPro web server will be entirely appropriate for your
> purpose then. Just add-remove programs, windows components and select
> IIS. Do make sure the machine is fully patched though.
Awesome

I didnt know it had one

Thanks

In article <>,
d says...
> On Tue, 17 Jan 2006 08:11:36 +1300, XPD wrote:
>
> >
> > "Steve" <> wrote in message
> > news...
> >
> >>>>I wouldn't start from here. The potential security problems in opening
> >>>>port 80 to an XP machine don't bear thinking about.
> >>>
> >>> Such as?
> >> Before then, nobody could directly access this machine. Now they can.
> >
> > Ive run web servers on and off for a few years now and NEVER had any
> > issues - all have run on the standard port 80.
> > If it was an issue, then the internet would be a pretty boring place with
> > people changing their http ports and noone knowing what they are :-p
>
> ...and you call me naive? I've run internet servers for a living
> constantly since 1997, and have never ( and know of nobody in their right
> mind who has ) used M$ products as hosts. And there really is a reason for
> that. SECURITY.

There are zillions of servers worldwide running on MS servers, drongo.

On Mon, 16 Jan 2006 19:03:31 +1300, Andrew <>
wrote:

>Looking for something very simple to host a webpage from my machine
>
>Does anyone have any suggestions for free software
>
>The machine is a Winxp pro system

Have a look at this one. They don't come much simpler.

http://www.analogx.com/contents/down...work/sswww.htm


--
Ray Greene

On Tue, 17 Jan 2006 17:25:25 +1300, The Other Guy wrote:

> Steve wrote:
>> Without opening port 80 on your router, and pointing it at your desktop
>> machine, the risk of getting hacked is, to all intents and purposes, zero.
>> However, once that port is opened, the risk is, by definition, infinitely
>> greater. If this is your desktop machine, then do you really want to take
>> that chance? Wouldn't you rather they hacked into a separate machine which
>> doesn't contain your bank details? Opening ports is a big risk: what I'm
>> talking about is minimising that risk.
>>
>> Trust me, I do it for a living (:
>
> Apparently not very well. You clearly don't understand the separation
> between kernel and user tasks, and where the vulnerabilities are most
> likely to be. If you did, you would know that, "by definition", you are
> wrong with your risk assessment when comparing environments and embedded
> routers.
Embedded routers? Who's attacking that? You're opening a route from the
internet to your desktop. A read about stateful firewalls will give you
some idea of what you're failing to grasp.
>
> Both Linux and Windows manipulate TCP packets in kernel space. A
> vulnerability in either would provide equal, unrestricted acess to the
> host.
Where's the application running? And how mature is it? And what's the
difference between your desktop and an old, 'sacrificial' machine? The
CONTENT.
>
> Once you go beyond kernel space, the vulnerabilities have nothing to do
> with the OS. So why is it that you wouldn't open up port 80 to XP, yet
> you'd do so willingly to a Linux box?
You mean an os that can be compromised by looking at an image, using an
alleged design feature(http://www.grc.com/sn/SN-022.htm)? What's the
difference between an OS designed for multiuser access from the outset,
and a desktop with security bolted on as an afterthought. Badly. From a
company that's having to release critical patches to not-yet-released
software that's years late
(http://www.eweek.com/article2/0,1895...1911406,00.asp
)
>
> Opening ports by itself has bugger all risk associated with it. The main
> risk comes from poor applications. Sounds like you're starting to
> believe the crap you sell to your clients,
They're happy, thankyou for asking. And un-hacked.
>
> The Other Guy

I can only assume that you've picked up a few buzzwords, and expect me to
be amazed by them.

The point I've made repeatedly, and I hope that at least the OP
understands, that it's far better to put a low risk machine onto the
internet than your desktop.

If it's there and visible, then it can be attacked. That's the risk.

Steve wrote:
> On Tue, 17 Jan 2006 17:25:25 +1300, The Other Guy wrote:
>>Apparently not very well. You clearly don't understand the separation
>>between kernel and user tasks, and where the vulnerabilities are most
>>likely to be. If you did, you would know that, "by definition", you are
>>wrong with your risk assessment when comparing environments and embedded
>>routers.
>
> Embedded routers? Who's attacking that? You're opening a route from the
> internet to your desktop. A read about stateful firewalls will give you
> some idea of what you're failing to grasp.

You didn't attack embedded routers, you claimed they were entirely secure.

"Without opening port 80 on your router, and pointing it at your desktop
machine, the risk of getting hacked is, to all intents and purposes,
zero. However, once that port is opened, the risk is, by definition,
infinitely greater."

Do you know what "infinite" means? The only way the risk can be 'by
definition' infinitely greater, is if there is NO risk in the first
place. I.e. the router is 100% secure.

>>Both Linux and Windows manipulate TCP packets in kernel space. A
>>vulnerability in either would provide equal, unrestricted acess to the
>>host.
>
> Where's the application running? And how mature is it? And what's the
> difference between your desktop and an old, 'sacrificial' machine? The
> CONTENT.

WAKE UP! The above relates to the KERNEL ONLY!

>>Once you go beyond kernel space, the vulnerabilities have nothing to do
>>with the OS. So why is it that you wouldn't open up port 80 to XP, yet
>>you'd do so willingly to a Linux box?
>
> You mean an os that can be compromised by looking at an image, using an
> alleged design feature(http://www.grc.com/sn/SN-022.htm)? What's the

NO! What the hell does that have to do with opening up a port on a
server? That is a client idiocy, and it makes no difference if the
server runs on Linux or XP.

>>Opening ports by itself has bugger all risk associated with it. The main
>>risk comes from poor applications. Sounds like you're starting to
>>believe the crap you sell to your clients,
>
> They're happy, thankyou for asking. And un-hacked.

No wonder, you're paranoid.

Tell me, are you one of these people who blindly blocks all ICMP packets
too?

> I can only assume that you've picked up a few buzzwords, and expect me to
> be amazed by them.

As far as I can tell, you pretend to be some sort of security expert,
yet apparently you know absolutely nothing about authoring network
software, otherwise you would know at least the basics like where your
responsibilitys as an application programmer take over from the kernel.

> If it's there and visible, then it can be attacked. That's the risk.

And once again, no evidence that XP itself, anywhere in the lower level
networking layers, is any more or less secure than Linux.

Note, I hate XP, so I think I am in a fair position to be critical of it
if it deserves the critism.

The Other Guy

T'was the Mon, 16 Jan 2006 23:13:45 +1300 when I remembered Steve
<> saying something like this:

>I wouldn't start from here. The potential security problems in opening
>port 80 to an XP machine don't bear thinking about.

Such as?
--
Cheers,

Waylon Kenning.

Andrew wrote:
> Looking for something very simple to host a webpage from my machine
>
> Does anyone have any suggestions for free software
>
> The machine is a Winxp pro system
>
See all the other options others mentioned. XP Pro will also run one
site under IIS.

Cheers,

Cliff

Nathan Mercer wrote:
> -=rjh=- wrote:
>
>
>>Andrew wrote:
>>
>>>Looking for something very simple to host a webpage from my machine
>>>
>>>Does anyone have any suggestions for free software
>>>
>>>The machine is a Winxp pro system
>>
>>Doesn't Pro include IIS already? (I don't know, I'm just guessing here,
>>but I think it does).
>
>
> Yes it does - its installable under the Add/Remove Programs Control
> Panel
>
Yes, but it will only run one site. Which would suit the OP, of course.

Cheers,

Cliff

Andrew wrote:
> Steve wrote:
>> On Mon, 16 Jan 2006 19:03:31 +1300, Andrew wrote:
>>
>>> Looking for something very simple to host a webpage from my machine
>>>
>>> Does anyone have any suggestions for free software
>>>
>>> The machine is a Winxp pro system
>>
>> I wouldn't start from here. The potential security problems in opening
>> port 80 to an XP machine don't bear thinking about.
>>
>> Go and get yourself an old P3 server and run linux on it. It won't cost
>> much at all. I use an 800 MHz P3. Since there's a fair chance that you'll
>> be hosting over adsl, then server performance will be the last of your
>> worries.
>>
>> $0.02,
>>
>> Steve
>>
>>
> It will cost more then nothing though....
>
> If i was willing to spend money i would just use any given hosting
> company, However i just want this to put a simple html page up so that i
> can quickly host an odd file or picture that i dont want to email to
> someone
>

If that is all you want, why not either use your ISP's free hosting if
available, or one of the free services available online?

Blogger/blogspot has to be one of the easiest ways to put together
reasonably complex but easily updated sites for free - you can even do
it by email; protopage is even easier but for simple pages. Checkout
hindesite.co.nz (mine) which redirects to a protopage at present. Image
hosting is free at flickr, and file hosting is available for free at
openomy.com, and soon will also be available at omnidrive.com

Openomy and flickr are both quite interesting in that because your
content is available as RSS feeds, it is going to possible to imitate
the photocasting functionality of iPhoto as demonstrated at the MacWorld
last week.

For temporary images, why not use tinypic? There are similar services
for files.

There is *so* much free stuff available, and excellent tools to go with
them - RSS available pretty much everywhere, these days.

I've run webservers in the past, and it really isn't worth the hassle -
the free services are just so good. Spend your time putting your content
online, let others run the server.