Re: Feedback solicited - best way to harden a mail/web server?

From: Alan Frame (alan.frame@acm.org)
Date: 12/29/02

Next message: Alan Frame: "Re: linux router/firewall"
Previous message: Alan Frame: "Re: Feedback solicited - best way to harden a mail/web server?"
In reply to: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Next in thread: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Reply: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: alan.frame@acm.org (Alan Frame)
Date: Sun, 29 Dec 2002 11:20:26 +0000

Jared <jared@hwai.com> wrote:
[]
> Not sure what you mean by the first sentence. The firewall has to
> route, has to run bind and iptables at least; but that is true of my
> current fw/gty machine, which some script kiddie managed to get a
> trojan on anyway.

Betcha the firewall doesn't have to run BIND listening on the *outside*
interface/IP address.

rgds, Alan

-- 
99 Ducati 748BP, 95 Ducati 600SS, 81 Guzzi Monza, 74 MV Agusta 350
"Ride to Work, Work to Ride" SI# 7.067 DoD#1930 PGP Key 0xBDED56C5

Next message: Alan Frame: "Re: linux router/firewall"
Previous message: Alan Frame: "Re: Feedback solicited - best way to harden a mail/web server?"
In reply to: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Next in thread: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Reply: Jared: "Re: Feedback solicited - best way to harden a mail/web server?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: pushing exploits through the Firewall
... BIND, some vuln in recursion I think...anyway go Google. ... Subject: AW: pushing exploits through the Firewall ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping ...
(Pen-Test)
Re: Bind and Postfix
... from other systems to your smtp or b) postfix bind on 127.0.0.1 only. ... There is no firewall running. ... Any way to test if your mail server software only bind to 127.0.0.1? ...
(comp.os.linux.networking)
Re: Blocking undesirable domains using BIND
... I'm currently setting up a new firewall for my home network using ... The firewall will also act as our local name server ... to have a separate BIND config file which is included in the main one. ...
(freebsd-questions)
RE: Make popa3d listen on specific interface
... > However, you can't bind to an interface that easily, ... depending on the firewall for the real security. ... anyone wanting to crack into the pop server on this machine ...
(freebsd-questions)
Re: Netzwerklaufwerke nicht erreichbar: Konfigurationseinstellungen konnten vom DC..
... Wobei mir der Sicherheitsgewinn bei einem Bind mit dynamischer ... Was macht ein Bind 8 auf einer Firewall? ... dynamischer Änderung einsetzen. ...
(microsoft.public.de.german.win2000.networking)