webtrends, serving publically:

["R. DuFresne" <dufresne () sysinfo com>]

Folks,

netIQ has a web analysis product, webtrends, which is also known as their
e-business reporting center.  I'm sure some on the list have seen.used/and
evaluated the product.  Large applications like this worry me, when they
are exposed to the websurfing public, or the public at large.  We are
evaluating such a possible placement of the system hosting the service.

The bugtraq archives list two older, 1999 and 2001, if I recall
corrrectly, issues with the product in an exposed or 'open' environment.
We'd be using a newer version of the product, so the particular issues
documented at bugtraq should not be our worry.  But, do others have the
same misgivings about exposing such a system to public pounding?

Has anyone used such a system in an exposed environment, successfully,
meaning that the system has remained unhacked/cracked and secure for a
decent period of time, or have others that use|ed the product used it only
in a protected environment?


Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards