[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Portsentry, ipchains and pmfirewall

Subject: RE: [cobalt-security] Portsentry, ipchains and pmfirewall
From: "Jim Carey" <ozbcoz@xxxxxxxxxxxxxxxx>
Date: Thu, 24 Jan 2002 07:09:46 +1100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> >Ooooh yeah <double-sigh>. Webmin is a nice example (and ripe 
> target) >for 
> >the dangers of falling prey to an UDP attack. As much as I 
> love(d) >Webmin, 
> >it's a dire security risk these days.
> 
> Michael,
> 
> I removed WebMin for this reason. However, it seems like it'd be an 
> excellent backup should SSH ever fail or be unavailable for 
> whatever reason. 
> How could you go about (safely) creating a HTML page, accessable via SSL, 
> that once you supplied the proper credentials, could fire up the WebMin 
> application? Effectively, allowing one to trigger the process at 
> will? Your 
> thoughts?
> 
> Brandon

Dont understand - why is Webmin considered to be unsafe. I run it under Net::SSLeay - and login via https://domain:10000  - is that an insecure access - thought that gave me encrypted passwords etc - or am I missing something ??

cheers

Jim Carey
www.OZbcoz.com discount domain registration
www.iluvoz.com affordable hosting services> http://list.cobalt.com/mailman/listinfo/cobalt-security

Follow-Ups:
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: Michael Stauber

References:
- Re: [cobalt-security] Portsentry, ipchains and pmfirewall
  - From: _ cbtrussell _

Prev by Date: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Next by Date: [cobalt-security] ns in.proftpd[17902]: warning: /etc/hosts.deny
Previous by thread: Re: [cobalt-security] Portsentry, ipchains and pmfirewall
Next by thread: Re: [cobalt-security] Portsentry, ipchains and pmfirewall

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index