Is there an established way to classify network services by risk level?
I noticed that I seem to think of network services in three categories wrt the risk of exposing one to the internet (or a hostile network):
"Low risk" services are extensively hardened. If a bad guy gets access to one, nothing h…