Michael Dillon wrote
> The best thing your could do would be to maintain a master copy of your
> website elsewhere, and perhaps run something like tripwire regularily if
> you think your websites might be a target for hacking.
> In fact, if the CIA and DOJ would just set up a server with an automatic
> tamper detection system, they could easily detect and fix such tampering
> without lifting a finger.
Actually, I'm kind of surprised that more people don't have their web
pages on filesystems mounted read only, or on devices physically write
protected. I know this isn't possible for all pages, and that a cgi-bin
directory wouldn't work in this configuration, but for the bulk of pages
that are just data being served it seems like an obvious thing to do.
Mike Jones
Sr. Network Computing Advisor
Unified Technologies
|
|
