[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Should I be worried?

Subject: RE: [cobalt-security] Should I be worried?
From: "Drage, Nicholas" <nickd@xxxxxxxxx>
Date: Thu, 28 Jun 2001 10:39:21 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> > > block their networks... either at the router, ipchains or 
> > > hosts.deny (although the last one won't protect against dns, ssh, http

> > > and everything outside inetd.conf...)
> > 
> > Not quite true IIRC, OpenSSH as built by Cobalt does support use of
> > tcp-wrappers, which is very useful and so worth noting.

<snip>

> I meant the defaults... 

Fair enough, and a good point.

> the general idea was that it doesn't entirely block everything (and
> from all the list, ssh has the least chance to be a problem, i think)

I should agree, but that has a "famous last words" ring about it :)

-- 
Nick Drage - Security Architecture - Demon Internet - Thus PLC
"A chieftain who asks the wrong questions always
 hears the wrong answers"
Leadership Secrets of Attila the Hun

Follow-Ups:
- [cobalt-security] Port scan activity site
  - From: MikeM

Prev by Date: RE: [cobalt-security] crow is tasty.
Next by Date: [cobalt-security] Port scan activity site
Previous by thread: RE: [cobalt-security] Should I be worried?
Next by thread: [cobalt-security] Port scan activity site

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index