Firewall Wizards mailing list archives
Re: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe)
From: "Dustin D. Trammell" <dtrammell () cautech com>
Date: Thu, 2 Aug 2001 14:45:03 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Thursday, August 02, 2001, 11:23:11 AM, Joseph Steinberg wrote: JS> Depends on the application and the location of the web server -- JS> it may need to access content from the internet... That would be an exception to the previous suggestions as far as firewalling goes. (: If the outbound access can be done through a proxy, you could redirect this through an existing internal proxy and thus not be required to make any network policy changes, but of course that would not work well with any type of connections or data retrieval that could not be performed via proxy server. JS> Also, what if your web server needs to send outbound email (confirmation JS> messages, etc.)... With this, I usually forward all e-mail to the network's internal smtp gateway, who has proper access to send outbound mail to the Internet. Works well since there's minimal configuration on the webserver, and no additional configurations to my network policies. I rarely run into networks that do not have a designated internal smtp gateway or proxy of some form. JS> BTW: The generic Code Red worm may just deface and connect outward, but the JS> same vulnerability could have been exploited to steal the information on the JS> web server, or turn it into a host for a staged attack against other JS> DMZ/internal machines. As the vulnerability is at the application-level, a JS> firewall will not likely mitigate against this. And that's where diligent administration and security patches come in. What a tangled web we weave... - --- Dustin D. Trammell Information Security Analyst CAU Technologies, Inc. 214.392.7903 - http://www.cautech.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQEVAwUAO2mtw/+CyKiIr8NJAQG9Igf9GRxBqgTxmpR43TmRyez4iMoqEFW30tZX IRQBZCJiqlhl4PDX5m7pv8cKjw2lb9OYadBRWoE/JNp83CwzxrFy8tQvhe1FJdV1 htEjugLa/U2XHAuL3QNBkLMJszTMesn73g0EeaPubA9ZLmVBJ+4x5rMonW07g/hW T82pMyLvJ4M3PEoJ7P4/5n2XMpVddL5XquxxDGYqaotuCi54vRiSi2bNE0AfsZTD /H10Ed0mqJXQZui9a7ZBVhINANkMY3FliYNaXHQKt53h+m9vgZHJEYFzqDdiaHjc b0GFAwspPEzrPJg9x3I8tCZLgHotZ2HtBP+Fx5JpratS9Q2CUc+msA== =Dv3a -----END PGP SIGNATURE----- _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) Joseph Steinberg (Aug 02)
- Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe) Bob Washburne (Aug 04)
- Re: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) Dustin D. Trammell (Aug 04)
- Re: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) R. DuFresne (Aug 05)
- Re[2]: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) Dustin D. Trammell (Aug 05)
- Re: Re: Code Red: What security specialist don't mention in warnings (Frank Knobbe) R. DuFresne (Aug 05)