[fw-wiz] webtrends, serving publically:
From: R. DuFresne (dufresne_at_sysinfo.com)
To: "'email@example.com'" <firstname.lastname@example.org> Date: Mon, 23 Jun 2003 14:34:13 -0400 (EDT)
netIQ has a web analysis product, webtrends, which is also known as their
e-business reporting center. I'm sure some on the list have seen.used/and
evaluated the product. Large applications like this worry me, when they
are exposed to the websurfing public, or the public at large. We are
evaluating such a possible placement of the system hosting the service.
The bugtraq archives list two older, 1999 and 2001, if I recall
corrrectly, issues with the product in an exposed or 'open' environment.
We'd be using a newer version of the product, so the particular issues
documented at bugtraq should not be our worry. But, do others have the
same misgivings about exposing such a system to public pounding?
Has anyone used such a system in an exposed environment, successfully,
meaning that the system has remained unhacked/cracked and secure for a
decent period of time, or have others that use|ed the product used it only
in a protected environment?
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list email@example.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards