Difference between revisions of "Firewall policy"

From ProgClub
Jump to: navigation, search
(Created page with "ProgClub has no plans to be terribly secure. See our privacy policy if you need clarification. Although some effort is made to ensure we are a profess...")
 
Line 1: Line 1:
ProgClub has no plans to be terribly secure. See our [[ProgClub:Privacy_policy|privacy policy]] if you need clarification. Although some effort is made to ensure we are a professional organisation, openness and freedom of information are core to our beliefs. As such, we are willing to punch holes through our firewalls so that you can get access to our network services from your home. You will need a static IP address in order for this to be feasible, of course.
+
ProgClub has no plans to be terribly secure. I mean, we [[Charity_admin#John_2011-07-30_17:15 published our firewall rules]]. See our [[ProgClub:Privacy_policy|privacy policy]] if you need clarification. Although some effort is made to ensure we are a professional organisation, openness and freedom of information are core to our beliefs. As such, we are willing to punch holes through our firewalls so that you can get access to our network services from your home. You will need a static IP address in order for this to be feasible, of course.
  
 
Particularly we will open up the firewall for MySQL database access to user machines. MySQL database logins allow for logins from any host, so you won't have a problem there. If you need to get access to your MySQL database and the firewall hasn't been opened up for some reason, you should be able to use an [[John's_Linux_page#Tunneling_over_SSH SSH tunnel]] to solve your connectivity woes. This can be a bit of a hassle to setup every time you need it, so for the longer term you might like to talk to us about opening up the firewall for you.
 
Particularly we will open up the firewall for MySQL database access to user machines. MySQL database logins allow for logins from any host, so you won't have a problem there. If you need to get access to your MySQL database and the firewall hasn't been opened up for some reason, you should be able to use an [[John's_Linux_page#Tunneling_over_SSH SSH tunnel]] to solve your connectivity woes. This can be a bit of a hassle to setup every time you need it, so for the longer term you might like to talk to us about opening up the firewall for you.

Revision as of 09:06, 1 August 2011

ProgClub has no plans to be terribly secure. I mean, we Charity_admin#John_2011-07-30_17:15 published our firewall rules. See our privacy policy if you need clarification. Although some effort is made to ensure we are a professional organisation, openness and freedom of information are core to our beliefs. As such, we are willing to punch holes through our firewalls so that you can get access to our network services from your home. You will need a static IP address in order for this to be feasible, of course.

Particularly we will open up the firewall for MySQL database access to user machines. MySQL database logins allow for logins from any host, so you won't have a problem there. If you need to get access to your MySQL database and the firewall hasn't been opened up for some reason, you should be able to use an John's_Linux_page#Tunneling_over_SSH SSH tunnel to solve your connectivity woes. This can be a bit of a hassle to setup every time you need it, so for the longer term you might like to talk to us about opening up the firewall for you.

Bear in mind that if we open up the MySQL database port for your host, and you connect to it, then your connection credentials will be sent in-the-clear over the wire. Of course, if the CIA is really tapping your line, then you have problems that point-to-point encryption doesn't solve. And if they're not, then not only is that good for you, but you don't have to worry about the fact that someone might be stealing your precious data.

Seriously though, don't use ProgClub facilities to store sensitive information. Other users who are clever can probably get at your database, and administrators definitely can. And at ProgClub we let pretty much anyone be an administrator -- so that might be a bit of a problem for you.