Firewall Wizards mailing list archives
Re: Code Red: What security specialist don't mention in warnings
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 2 Aug 2001 16:13:33 -0400 (EDT)
And of course, one should not forget proper host hardening, which seems to be so seldom done as everyone seems to think they might be missing out on something if they do not keep each and every service installed running, nt matter how many exploits on it might have been produced for how many versions in the past year or three. As Frank stated, it's all in the layering of the defenses. Thanks, Ron DuFresne On Thu, 2 Aug 2001, Vladimir Parkhaev wrote:
You are absolutely correct. I'd like to point out that 'proper firewalling' should include blocking (and sending alerts) any outgoing http, ftp and tftp traffic from web servers. Let unlucky Win Admins know that they have been hacked :) _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: darkstar.sysinfo.com http://darkstar.sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Code Red: What security specialist don't mention in warnings Frank Knobbe (Aug 02)
- Re: Code Red: What security specialist don't mention in warnings Vladimir Parkhaev (Aug 02)
- Re: Code Red: What security specialist don't mention in warnings R. DuFresne (Aug 04)
- <Possible follow-ups>
- RE: Code Red: What security specialist don't mention in warnings mark . wiater (Aug 04)
- Re: Code Red: What security specialist don't mention in warnings Nate Campi (Aug 05)
- RE: Code Red: What security specialist don't mention in warnings David Lang (Aug 05)
- Re: Code Red: What security specialist don't mention in warnings Vladimir Parkhaev (Aug 02)