[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Should I be worried?

Subject: RE: [cobalt-security] Should I be worried?
From: shimi <shimi@xxxxxxxxxxxxxxxx>
Date: Wed, 27 Jun 2001 06:31:56 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Wed, 27 Jun 2001, Drage, Nicholas wrote:

> > > We also get heavily probed by Wanadoo is there nothing we 
> > > can do about it?
> > 
> > block their networks... either at the router, ipchains or hosts.deny
> > (although the last one won't protect against dns, ssh, http 
> > and everything outside inetd.conf...)
> 
> Not quite true IIRC, OpenSSH as built by Cobalt does support use of
> tcp-wrappers, which is very useful and so worth noting.
> 
> ( can't speak for RaQ4's, users are urged to test limiting SSH access by
> using tcpdcheck or a very open ruleset before they lock themselves out of
> their RaQs, I am not speaking on behalf of my employer, accept no liability,
> and so on )
> 
> -- 
> Nick Drage - Security Architecture - Demon Internet - Thus PLC
> "A chieftain who asks the wrong questions always
>  hears the wrong answers"
> Leadership Secrets of Attila the Hun

I meant the defaults... the general idea was that it doesn't entirely
block everything (and from all the list, ssh has the least chance to be a
problem, i think)

- shimi.

References:
- RE: [cobalt-security] Should I be worried?
  - From: Drage, Nicholas

Prev by Date: RE: [cobalt-security] Should I be worried?
Next by Date: [cobalt-security] crow is tasty.
Previous by thread: RE: [cobalt-security] Should I be worried?
Next by thread: RE: [cobalt-security] Should I be worried?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index