Re: Smoothwall website hacked

From: stephane nasdrovisky (stephane.nasdrovisky_at_uniway.be)
Date: 11/24/04


Date: Wed, 24 Nov 2004 18:17:09 +0100


>> Mike <honey@michaelmoyse.co.uk> writes:
>>> Missed point alert!
>>>
>>> compromised due to a security hole in the PHP web forum code. I fail to see how any firewall
>>
>> The phrase you're looking for is `application firewall'.
>>
> point me in the direction that can protect against unkown exploits in PHP
> code/applications or sloppy coding in the same.
>
www.bee-ware.net 's intelliwall, www.ubizen.be 's dmz-shield,
www.checkpoint.com 's vpn-1 (with application intelligence /
smartdefense), www.symantec.com 's sef, apache config (security is not a
product or a sum of products, it's more a process), marcus ranum's best
firewall
(www.ranum.com/security/computer_security/papers/a1-firewall/index.html)