Web Hosting Talk : Web Hosting Main Forums : Hosting Software and Control Panels : HELM : Feedback needed on security concerns

[nipl]

I need feedback from hosts that are using HELM regarding some security concerns I have. I don't need biased feedback from HELM resellers/partners, but a response from owners/developers would be good.

I installed HELM on a server for a client and after it didn't work, a ticket was raised and we were informed about these 2 requirements...

1] Remote Registry service
2] File sharing

On a Windows server, both these services are security risks. What do HELM server owners feel about this ?

I'm no expert of Windows internals but couldn't HELM have used SOAP instead of these 2 services...isn't use of SOAP for system level remote calls a safer approach ?

[Ole Kristian]

If you have a firewall in front of the server/s it's no problem. However, many dedicated server suppliers has just one firewall in front of the whole farm. Then you might have a problem with bad people renting servers in the same location. Anyway, you should use secure passwords, lock down your server as much as possible and keep your server up to date with the latest patches. I also think that IPSEC could be configured to ease this problem. As with any other public systems, proper security configuration is important .

I think WHA is going to make a more secure form of communication between servers. That will enable easier communication to servers in other locations. I am not that familiar with SOAP, but I think that would be one standard that could be used.

- Ole Kristian