Re: ColdFusion Security Tool

[Harry Hoffman <00000033be3f81d5-dmarc-request () LISTSERV EDUCAUSE EDU>]

I don’t mean this in a cheeky way, but the only guidance around Cold Fusion
should be to find something different.

There have been so many areas of compromise around Cold Fusion that the
risk/reward evaluation is almost always 100%/0%

If they do decide to use it anyway make sure it’s on a stand-alone system
that isn’t tied into something like AD or LDAP. And firewall it off from
any systems that you deem valuable.

Cheers,
Harry

On Fri, Jan 31, 2020 at 4:14 PM Matt Hall <matthew.hall () chemeketa edu>
wrote:

> We are curious if anyone uses or has used Fixinator (or a similar
> product)?   https://fixinator.app/
>
> We are looking for a tool to help guide a group of employees that want to
> use ColdFusion.
>
> *Matthew Hall*
> Information Security Analyst
> *Chemeketa Community College*
> *Phone*: (503) 584-7586
> *Email:* Matthew.Hall () chemeketa edu
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community