Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Code Red: What security specialist don't mention in warnings

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 2 Aug 2001 16:13:33 -0400 (EDT)

And of course, one should not forget proper host hardening, which seems to
be so seldom done as everyone seems to think they might be missing out on
something if they do not keep each and every service installed running, nt
matter how many exploits on it might have been produced for how many
versions in the past year or three.  As Frank stated, it's all in the
layering of the defenses.

Thanks,

Ron DuFresne

On Thu, 2 Aug 2001, Vladimir Parkhaev wrote:



You are absolutely correct. I'd like to point out that 'proper firewalling' 
should include blocking (and sending alerts) any outgoing http, ftp and 
tftp traffic from web servers. Let unlucky Win Admins know that they 
have been hacked :) 
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards



-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: