RE: NT/2000 vs Unix based Web Servers
From: Steve Bremer (steveb@nebcoinc.com)Date: 07/15/02
- Previous message: Tom Stowell: "Re: FW: Tracing physical machines on DHCP networks"
- In reply to: zcat@themall.co.nz: "RE: NT/2000 vs Unix based Web Servers"
- Next in thread: Garcia, Nicholas A: "RE: NT/2000 vs Unix based Web Servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Steve Bremer" <steveb@nebcoinc.com> To: <zcat@themall.co.nz> Date: Mon, 15 Jul 2002 07:58:56 -0500
> If your firewall doesn't allow outbound http requests they can't fetch
> the backdoor program. If you don't allow inbound connections on any
> port other than 80, they they can't get to a shell even if they did
> install and run their backdoor program. The same script flaw is still
> there, but behind a strict firewall it's almost impossible to do
> anything with it.
This is a very good point and highlights why egress filtering is just as
important and ingress.
Steve Bremer
NEBCO, Inc.
- Previous message: Tom Stowell: "Re: FW: Tracing physical machines on DHCP networks"
- In reply to: zcat@themall.co.nz: "RE: NT/2000 vs Unix based Web Servers"
- Next in thread: Garcia, Nicholas A: "RE: NT/2000 vs Unix based Web Servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
