Firewall Wizards mailing list archives
Re: [FW1] OT - How risky is it?
From: H D Moore <hdm () secureaustin com>
Date: Sun, 21 May 2000 15:00:34 -0500
Ivan Fox wrote: There are NT-based ftp, http and https servers running in the DMZ behind a FW-1 firewall. In other words, ports 21, 80, 443 are opened on the firewall to allow incoming traffic. Can competitors/intruders hijacked sessions, hack data, ip spoofing, etc. on these servers?
Microsoft FTP service is fairly instable and has had more than a few bugs in the past, restricting access to anonymous only or a specific FTP root directory and keeping atop of updates/patches should minimize your risk. IIS is crap. You are more likely to be hacked through some misconfiguration or vulnerability in IIS (443 & 80) than anything else. -HD www.secureaustin.com
Current thread:
- Re: [FW1] OT - How risky is it? H D Moore (May 21)