Hi there! One of my clients, an MSP, has developed a "Proposal Creator" software using Claude AI, and they want to deploy it on a file server. Before we go ahead with that, I'm wondering if anyone here has any tips on how to effectively test this software, or if it's even worth the effort. The AI provided a quick five-minute setup guide for our IT team, which includes making a DNS A record, so the software can be accessed via the web. I'd appreciate any insights or advice! Thanks!
5 Answers
First things first, make sure the firewall is disabled for easier connectivity—just don’t let IT get too carried away with their controls! Also, make sure the necessary ports are already open; you really only need to set up that DNS record. And don't forget to disable Windows updates during the installation if you're using any Microsoft servers!
Can’t have stupid IT always trying to slow down their genius!
Honestly, if this is going to be reached via the web from an internal file server, that setup is just not going to work. Are you sure you're handling this as a sysadmin would? Remember to think about how applications interact with servers!
I mean, is this software even signed? I doubt it. If it's running on Linux, you're in luck since it doesn't typically use signed binaries. But look into security modules like AppArmor or SELinux for better security if that’s the case.
Thankfully, Linux doesn't normally use signed binaries.
Make sure you're following proper procedures! Get written approval from your superiors for any asks related to this software, especially since things could go sideways. Clear responsibilities are key, so ensure you have that covered!
Depending on your position/level, you're not the one who gets to make policy.
Who’s responsible for regular vulnerability testing on this software? And how will you patch it once it's deployed? You definitely need security measures in place; don't just trust the AI for setup instructions!
It'll obviously do that itself. No reason not to trust it implicitly, right?
There’s a guy on YouTube using Openclaw who understands the risk and only runs the automations on Tailscale instances.
Only need to create a DNS record, ports must already be open.