undefined | Better HN

0 pointsvegardx11y ago0 comments

I was just using MySQL as a hypothetical example, as they listen on all interfaces by default with packages supplied by Oracle. Next time you're on a tech conference, do a scan on the local network.

My point was that by his standard he would just let it listen on all interfaces because in his own word, nobody would find it. Which sounds very naive.

0 comments

ay11y ago

Okay then I think we were in violent agreement.

I was arguing the whole "listen on all interfaces by default" is wrong - if one needs to expose the app, they should do so explicitly, and you did the same.

j / k navigate · click thread line to collapse

0 pointsvegardx11y ago0 comments

I was just using MySQL as a hypothetical example, as they listen on all interfaces by default with packages supplied by Oracle. Next time you're on a tech conference, do a scan on the local network.

My point was that by his standard he would just let it listen on all interfaces because in his own word, nobody would find it. Which sounds very naive.

0 comments

ay11y ago

Okay then I think we were in violent agreement.

I was arguing the whole "listen on all interfaces by default" is wrong - if one needs to expose the app, they should do so explicitly, and you did the same.

j / k navigate · click thread line to collapse