Firewall Wizards mailing list archives
Re: Protecting publicly reacheable servers (e.g. HTTP)?
From: Frederick M Avolio <fred () avolio com>
Date: Sat, 24 Nov 2001 08:11:49 -0500
At 02:28 PM 11/22/01 +0100, Patrick M. Hausen wrote:
My reasoning has always been that - given the state of firewall products today - a static packet filter that blocks all but port 80 would be the most appropriate solution to offer some sort of protection to the server machine.
I agree, plus disable all services running on the webserver except for httpd. Fred _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Protecting publicly reacheable servers (e.g. HTTP)? Patrick M. Hausen (Nov 23)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? ark (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Emmanuel Adeline (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Marcus J. Ranum (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Adam Shostack (Nov 26)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Stephen P. Berry (Nov 27)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? ark (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Predrag Zivic (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Frederick M Avolio (Nov 25)
- RE: Protecting publicly reacheable servers (e.g. HTTP)? Jason Lewis (Nov 27)
- <Possible follow-ups>
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Steven M. Bellovin (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Yehavi Bourvine +972-2-6585684 (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Stephane Nasdrovisky (Nov 25)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? ark (Nov 26)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? TDyson (Nov 26)
- Re: Protecting publicly reacheable servers (e.g. HTTP)? Steven M. Bellovin (Nov 26)