VanLUG Email Archive
Traduisez - Übersetzen - Traduzca - Traduza - Tradurre - Translate
Andrew Daviel (andrew@andrew.triumf.ca)
Fri, 19 Jan 2001 23:53:03 -0800 (PST)
On Thu, 18 Jan 2001, Rob Bos wrote:
> Of course, a large quantity of potential security holes can be stopped simply
> by running a firewall.
When everyone encrypts everything, and everything is Web-enabled, and
everyone has gone to switched networks instead of shared segment, all
attacks will go right through the firewall on port 443 and external
intrusion detection systems will be useless. Ditto for email. (actually, I
recall somewhere a port monitor that can read https traffic if given the
server keys)
> *wince* again. More accurately, it attacks the wu-ftpd and rpc.statd
> combination, and those are not necessarily Red Hat. Disabling either or both
> of those services should workaround it. proftpd is a good FTP server, I think.
Well, the scripts include "start62.sh" which targets ftpd and "start70.sh"
which targets LPRng. So, I'd say it is targeting unpatched RedHat distros.
If you buy a CD in a shrinkwrap box, rather than downloading it off the
Net, do the standard install, and set it up as e.g. a print server without
getting involved with the Linux community, you might easily fall into the
trap of running a "new" yet vulnerable system. LPRng was patched in
October, I think.
Andrew
-- This message came to you via the Vancouver Linux Users Group mailing list. For unsubscription instructions do not email the list, but rather send mail to <vanlug-request@gweep.bc.ca>.
This archive was generated by hypermail 2.0b3 on Tue 03 Jul 2001 - 18:31:59