Re: 99.9 % of Software/Hardware Firewalls DO-NOT.....
From: Lars M. Hansen (badnews@hansenonline.net)Date: 01/01/02
- Next message: Lars M. Hansen: "Re: PORTS necessary for surfing?"
- Previous message: Daniel Smith: "SMC Wireless (7004AWBR) vs. Sonicwall?"
- In reply to: Patrick Farrell: "Re: 99.9 % of Software/Hardware Firewalls DO-NOT....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Lars M. Hansen <badnews@hansenonline.net> Date: Tue, 01 Jan 2002 02:19:41 GMT
On Mon, 31 Dec 2001 19:21:10 -0600, Patrick Farrell spoketh
>Ric Griffy wrote:
>>
>> I, for one do not have any internal dns servers. The reason? It is an easy
>> security hole. Our DMZ uses only our ISP's dns servers. Our firewalls will
>> only allow OUTGOING to those specific dns servers.
>> Yes, the dangers of dns have been obvious to me for a long time. Until a
>> better method is developed, I will continue to let this be handled by our
>> ISP.
>> Thank you,
>> Ric Griffy
>
>Would you care to illustrate what you perceive to be the dangers?
Linux/Un*x DNS servers have had numerous exploits giving hackers ways to
gain root access to these servers...
Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'lars' in e-mail address)
- Next message: Lars M. Hansen: "Re: PORTS necessary for surfing?"
- Previous message: Daniel Smith: "SMC Wireless (7004AWBR) vs. Sonicwall?"
- In reply to: Patrick Farrell: "Re: 99.9 % of Software/Hardware Firewalls DO-NOT....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
