Bitcoin Forum

Economy => Marketplace => Topic started by: frontlineassembly on April 20, 2011, 09:59:05 PM



Title: (jerb) Quick Debian/Drupal security audit for VPS
Post by: frontlineassembly on April 20, 2011, 09:59:05 PM
Normally I use OpenBSD/pf and am somewhat clueless when it comes to Debian iptables. I would be doing this on OpenBSD if there was a host that accepted bitcoins :)

Anybody want to audit my VPS for security? Will pay in BTC for a one-time audit to make sure I haven't left open giant security holes. It's a tor hidden service running drupal w/bitcoind. Calls to bitcoind are done localhost via HTTP (risk? should this be https? I can always generate a new cert)

Will pay up front, give you id_rsa to ssh into the box. Just need a second opinion to double check iptables/Debian setup for security holes. If you had a handy debian backup script i'd pay for that too

PM me with offer, thkx







Title: Re: (jerb) Quick Debian/Drupal security audit for VPS
Post by: Vasco on April 21, 2011, 09:28:47 AM
PM'd :)


Title: Re: (jerb) Quick Debian/Drupal security audit for VPS
Post by: greggles on April 23, 2011, 12:12:13 AM
For Drupal I suggest installing and running http://drupal.org/project/security_review

It will tell you if you have made any of the most common and dangerous mistakes in your configuration of Drupal.