Try to find out exactly which ports are needed, allowing all IP is dangerous. In terms of what the vendor said about only that box being affected- the hacker can gain control of that box and possibly have his way with your network from there or use you to spread his treachery. Key is to find out exaclty what is needed and allow nothing else to even reach the box.
Jeff >From: "Brown, M" >Reply-To: "Brown, M" >To: [EMAIL PROTECTED] >Subject: Security advice - opening ports other than 80 and 443 in the >[7:42333] >Date: Tue, 23 Apr 2002 11:59:48 -0400 > >Certain application requires port other than 80 or 443 opened in the >firewall for inbound and outbound traffic. The firewall was configured to >allow traffic to that specific server ip address. > >The software vendor argues "that the worst scenario could be that hackers >could bring the server down. No other significant would be possible. " > > Is that true ? > >How risky is that to my network ? I would like to secure that connection >using CA from the company and IPSec. The software vendor argues that is not >necessary. _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42336&t=42336 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
