[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Portsentry, ipchains and pmfirewall
- Subject: RE: [cobalt-security] Portsentry, ipchains and pmfirewall
- From: "Jim Carey" <ozbcoz@xxxxxxxxxxxxxxxx>
- Date: Thu, 24 Jan 2002 07:09:46 +1100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> >Ooooh yeah <double-sigh>. Webmin is a nice example (and ripe
> target) >for
> >the dangers of falling prey to an UDP attack. As much as I
> love(d) >Webmin,
> >it's a dire security risk these days.
>
> Michael,
>
> I removed WebMin for this reason. However, it seems like it'd be an
> excellent backup should SSH ever fail or be unavailable for
> whatever reason.
> How could you go about (safely) creating a HTML page, accessable via SSL,
> that once you supplied the proper credentials, could fire up the WebMin
> application? Effectively, allowing one to trigger the process at
> will? Your
> thoughts?
>
> Brandon
Dont understand - why is Webmin considered to be unsafe. I run it under Net::SSLeay - and login via https://domain:10000 - is that an insecure access - thought that gave me encrypted passwords etc - or am I missing something ??
cheers
Jim Carey
www.OZbcoz.com discount domain registration
www.iluvoz.com affordable hosting services> http://list.cobalt.com/mailman/listinfo/cobalt-security