On Wed, Feb 13, 2002 at 10:05:15AM -0600, Brian wrote: > On Wed, 13 Feb 2002, Jason Lohrenz wrote: > Something I would suggest is what my ISP does.. keep the accounting > info on a worksation tucked away on the corner with NO network access. > Once a month, download the radius/xfer log data to a floppy and > sneakernet it to the accounting machine. That way even in a complete > server comprimise, customer data is locked away tightly. Then write > import scripts into your favorite accounting package to sort the data > and bill appropriately. Very good advice. A little draconic, but good advice none-the-less. I wouldn't be too jumpy about keeping the usage accounting statistics on net-accessible machines, as long as the data is redundantly spread across a couple machines (at least), and as long as you've secured down the box as much as possible. (i.e. Only run the software you need to complete the task at hand, do your development on another box. Shut off all services except those that are absolutely needed. etc.) Personal information, such as Names, credit card numbers, account numbers, financial information, etc, should certainly be kept on a private network, not accessible via the net or as Brian put, not connected at all. Again, only install the software that is necessary to complete said task. Make sure your printer is local. -- Chad Walstrom <chewie at wookimus.net> | a.k.a. ^chewie http://www.wookimus.net/ | s.k.a. gunnarr Get my public key, ICQ#, etc. $(mailx -s 'get info' chewie at wookimus.net) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020213/5fed12b1/attachment.pgp