On Friday 24 February 2006 09:20, Juergen Fiedler wrote: >On Thu, Feb 23, 2006 at 08:36:03PM -0500, Gene Heskett wrote: >> On Thursday 23 February 2006 16:46, Sergio Cu?llar Vald?s wrote: >> >> There is Snort, but I don't know whether it will do all you ask. >> > >> >Remote network security auditor != Flexible Network Intrusion >> > Detection System >> >> Agreed. Portsentry and tcpwrappers, along with iptables, has kept >> me safe and invisible for the last 4 years, hooked to a dsl >> 24/7/365. > >My problem is that I do expose certain services (SMTP, IMAP, HTTP, >etc.) to the outside world and would like to make sure that I am doing >that as safely as possible - which more often than not means that not >only the firewall rules but also the application configuration has to >be adjusted. >For example, Nessus made me aware that my default Apache installation >served up an index of /usr/share/doc, making the versions of all >software I have installed on my system known to everyone who cared to >look - not something that I necessarily need.
Well, in my case since I'm a slave to vz, thats not a worry as vz blocks port 80 to ensure no one runs their own web servers at home. fscking jerks. > --j -- Cheers, Gene People having trouble with vz bouncing email to me should add the word 'online' between the 'verizon', and the dot which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2006 by Maurice Eugene Heskett, all rights reserved. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]