Re: Notes Domino Server Platform for e-commerce?

[andrej () KTU EDU (andrej () KTU EDU)]

        Hi,

    Generally any system are potentially vulnerable,
many thing depends on administrator, who take care
on the system. If administrator have very little or no
experience with system and system securing, the server
WILL be vulnerable. Anyway, for good results, You must
have really good knowledge about system and this system
support, securing, etc.

   Sincerely,

--Andrejus Stavickis (MCP, MCP+I, MCSE, MCSD, MCDBA)
KTU SC UESM
Studentu 48a-203
Kaunas, 3028
LITHUANIA
phone: +370 7 300633
Cellular phone: +370 87 15664
fax: +370 7 352995
ICQ: 2402709

> -----Original Message-----
> From: Baasner, Frank [mailto: 
> Sent: Monday, February 07, 2000 3:24 PM
> To: VULN-DEV () SECURITYFOCUS COM
> Subject: Notes Domino Server Platform for e-commerce?
>
>
> Hi there,
>
> some folks in my company would like to install an e-commerce
> web-server based on Lotus Domino 5.0. Does anybody have concerns
> about the vulnerability of Notes/Domino regarding this purpose?
>
> I have heart that it should be possible for *bad* people to get
> the admin password out of a notes database through a web inter-
> face. Is there anybody who can confirm this? If so, is there
> anybody who knows whether I can suppress this kind of hacking
> with a firewall?
>
> Any kind of suggestions expected to be helpful!
>
> Frank Baasner
> Aral Germany
>
>
> (originally I sent this message to the bugtraq list but got the
>  reply fomr Elias Levy, <owner-bugtraq () securityfocus com>:
>  "This type of messages should be sent to vuln-dev at
>   vuln-dev () securityfocus com." Here I am.)