Firewall policy

From ProgClub
Revision as of 10:59, 11 August 2011 by John (talk | contribs) (Protected "Firewall policy": Policies can only be updated by an Administrator ([edit=sysop] (indefinite) [move=sysop] (indefinite)))
Jump to: navigation, search

This page details the ProgClub firewall policy. For other policies and information about the service of notices see the terms and conditions.

Firewall policy

ProgClub has no plans to be terribly secure. I mean, we published our firewall rules. See our privacy policy if you need clarification. Although some effort is made to ensure we are a professional organisation, openness and freedom of information are core to our beliefs. As such, we are willing to punch holes through our firewalls so that you can get access to our network services from your home. You will need a static IP address in order for this to be feasible, of course.

Particularly we will open up the firewall for MySQL database access to user machines. MySQL database logins allow for logins from any host, so you won't have a problem there. If you need to get access to your MySQL database and the firewall hasn't been opened up for some reason, you should be able to use an SSH tunnel to solve your connectivity woes. This can be a bit of a hassle to setup every time you need it, so for the longer term you might like to talk to us about opening up the firewall for you.

Bear in mind that if we open up the MySQL database port for your host, and you connect to it, then your connection credentials will be sent in-the-clear over the wire. Of course, if the CIA is really tapping your line, then you have problems that point-to-point encryption doesn't solve. And if they're not, then not only is that good for you, but you don't have to worry about the fact that someone might be stealing your precious data.

Seriously though, don't use ProgClub facilities to store sensitive information. Other users who are clever can probably get at your database, and administrators definitely can. And at ProgClub we let pretty much anyone be an administrator -- so that might be a bit of a problem for you.

If you would like the firewall opened up, please get in contact with us. You will need to tell us what IP address you need the firewall opened for.