Of course good security measures don't stop with putting up a firewall. If
the admin is responsible enough, certain steps would be performed on the
webserver (as well as with any type of public server) to ensure that these
types of attacks are not possible.
For webservers, start with "The World Wide Web Security FAQ" at
http://www.w3.org/Security
Best Regards, Donald Kelloway
http://www.commodon.com
-----Original Message-----
From: Adam Shostack <[EMAIL PROTECTED]>
To: Don Kelloway <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; Peter da Silva
<[EMAIL PROTECTED]>
Date: Sunday, June 20, 1999 5:52 PM
Subject: Re: Why not NT?
>Yeah, GET /cgi-bin/phf?q=;cat%20/etc/passwd is harmless. So is GET
>/isadmin/passwd.htr?...
>
>
>Adam
>
>
>On Sun, Jun 20, 1999 at 04:26:07PM -0400, Don Kelloway wrote:
>| If the firewall *only* allows the GET command through, there shouldn't be
>| anything to worry about. Right?
>|
>| Best Regards, Donald Kelloway
>| http://www.commodon.com
>|
>| -----Original Message-----
>| From: Peter da Silva <[EMAIL PROTECTED]>
>| Newsgroups: mail.firewalls
>| To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
>| Date: Sunday, June 20, 1999 4:15 PM
>| Subject: Re: Why not NT?
>|
>|
>| >In article <004801bebb2a$5a1811e0$[EMAIL PROTECTED]>,
>| >Don Kelloway <[EMAIL PROTECTED]> wrote:
>| >>>Where goes your web server, mail server, etc.? In front or behind the
>| >>>firewall?
>| >
>| >>Behind the firewall, preferably on the DMZ...
>| >
>| >I would tie the web server down just as tightly as the firewall, and put
>| >it outside, if I didn't have a DMZ. HTTP is the most likely source of attacks
>| >so the firewall won't help protect it that much, and if it's broken you
>| >definitely don't want it to be on your internal network.
>| >
>| >--
>| >In hoc signo hack, Peter da Silva <[EMAIL PROTECTED]>
>| > `-_-' Ar rug tú barróg ar do mhactíre inniu?
>| > 'U` "Be vewy vewy quiet...I'm hunting Jedi." -- Darth Fudd
>| >
>| >-
>| >[To unsubscribe, send mail to [EMAIL PROTECTED] with
>| >"unsubscribe firewalls" in the body of the message.]
>| >
>|
>
>--
>"It is seldom that liberty of any kind is lost all at once."
> -Hume
>
>
>
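Added example, not part of the original thread: a short Python comparison of the "allow only GET" rule discussed above with a check that looks at what the GET actually asks for. The allowlist, the metacharacter set and the function names are assumptions made for illustration; the first two request lines are the ones quoted in the thread (the second without its elided query).

```python
from urllib.parse import urlsplit, unquote

# Constructed sample: the first two request lines are quoted from the thread
# (the second with its elided query dropped); the third is a benign request.
SAMPLE_REQUESTS = [
    "GET /cgi-bin/phf?q=;cat%20/etc/passwd HTTP/1.0",
    "GET /isadmin/passwd.htr HTTP/1.0",
    "GET /index.html HTTP/1.0",
]

# Assumption: the only URL prefixes this hypothetical site serves.
ALLOWED_PREFIXES = ("/index.html", "/images/", "/docs/")
# Assumption: characters that have no business in a query on this site.
SHELL_METACHARS = set(";|`$<>\n")


def method_only_policy(request_line):
    """The rule from the thread: pass anything whose method is GET."""
    return request_line.split(" ", 1)[0] == "GET"


def inspect_request(request_line):
    """Return the reasons a request should be refused (empty list = pass)."""
    parts = request_line.split(" ")
    if len(parts) != 3:
        return ["malformed request line"]
    method, target, _version = parts
    reasons = []
    if method != "GET":
        reasons.append("method not allowed")
    url = urlsplit(target)
    # Decode percent-escapes first so %3B and ';' are treated alike.
    path, query = unquote(url.path), unquote(url.query)
    if not path.startswith(ALLOWED_PREFIXES):
        reasons.append("path not on allowlist")
    if SHELL_METACHARS & set(query):
        reasons.append("shell metacharacter in query")
    return reasons


def compare(requests=SAMPLE_REQUESTS):
    """Pair each request with the verdict of both checks."""
    return [(r, method_only_policy(r), inspect_request(r)) for r in requests]


if __name__ == "__main__":
    for line, passed, reasons in compare():
        print(f"{line!r}: method-only={'pass' if passed else 'block'}, "
              f"inspection={reasons or 'pass'}")
```

All three sample requests pass the method-only rule; only the third passes the inspection.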