Metasploit mailing list archives
Spam: RE: Spam: How safe is a hardware firewall?
From: joxeankoret at yahoo.es (Joxean Koret)
Date: Mon, 05 Nov 2007 20:19:46 +0100
Hi Robin, It depends in the servers/applications you have opened to internet. If you have any private web application (specially if they are coded in PHP and ASP) you should start auditing it. If you have databases, ftp servers, mail servers, etc... You will need specific tools to see what can be done. If you're using only standard applications (i.e., widely deployed) you should check any news regarding these applications in security related mailing lists (Bugtraq, Full Disclosure, Milw0rm, etc...). When using standard software but not widely deployed (i.e., not too tested...) you should audit yourself to known if there is any vuln. Anyway, even if you're using only fully patched very widely deployed software you must be aware that 90% of the time a vulnerable server/application is a badly configured one. BTW, did you tried to launch a vulnerability assesment tool? As, for example, Nessus? Joxean Koret On lun, 2007-11-05 at 19:53 +0100, Robin Kipp wrote:
Hi Kim, OK, thanks for your deteiled reply. Well, the problem is that I had to allow all outbound traffic because not only the server, but also my other computers are behind the firewall. However, the firewall scans all incoming and outgoing traffic for malicious code and the firewall keeps on sending me email messages telling me about all the intrusions and viruses that were blocked. Is there maybe a tool available that I can use to try to hack my own server? The problem is that all the Metasploit exploits don't seem to work :-( Thanks! Robin
-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: This is a digitally signed message part URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071105/05135889/attachment.pgp>
Current thread:
- Windows Server 2008 - Thoughts on security?qQaa Martinez, Tino (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Joxean Koret (Nov 05)
- Spam: RE: Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: RE: Spam: RE: Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)
- Spam: How safe is a hardware firewall? Kim Guldberg (Nov 05)
- Spam: How safe is a hardware firewall? Robin Kipp (Nov 05)