Short answer, how secure RDS is or isn't is really not the issue. What is more important is that security fundamentals demand that you don't run anything not completely necessary on production boxes. Your HTTP server is necessary, remote access services (be it RDS or FTP or ...) are generally not necessary and therefore should not be running. Now on a development box, sure, go ahead, but on production boxes, nope, don't.
--- Ben -----Original Message----- From: Bryan Stevenson [mailto:[email protected]] Sent: Sunday, February 27, 2011 2:07 PM To: cf-talk Subject: How secure is RDS let's try that again... ;-) Hi All, Way back in the day I was told RDS was horribly insecure and I wrote it off and never looked back. Well now I'm into Flex and it uses RDS in order to use CF data services (or I can use webservices). So how safe is having RDS enabled? Any good tutorials on setting it up right? I have done some searching, but there is a lot of noise given the long life of CF and the huge volume of old articles talking about RDS being insecure ;-) TIA Cheers -- Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [email protected] web: www.electricedgesystems.com Notice: This message, including any attachments, is confidential and may contain information that is privileged or exempt from disclosure. It is intended only for the person to whom it is addressed unless expressly authorized otherwise by the sender. If you are not an authorized recipient, please notify the sender immediately and permanently destroy all copies of this message and attachments. Please consider the environment before printing this e-mail ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:342609 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
