nanog mailing list archives
Re: OT: Xen
From: "Christopher L. Morrow" <christopher.morrow () verizonbusiness com>
Date: Tue, 04 Apr 2006 04:57:12 +0000 (GMT)
On Tue, 4 Apr 2006 Valdis.Kletnieks () vt edu wrote:
On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:Best is: You dont run anything that is not needed. If you run only a single application, your system is not worth the time it takes to hack it :)For the benefit of people reading the archives in search of clue: There's a smiley on that, because Peter knows full well that the single biggest security problem on the Internet is boxes that are running one application, or end-user boxes, that aren't run in a secure manner because there's nothing of interest on the box.
though one application means a very simple host, firewall, audit: 1) its running smtp 2) its filtered to permit any -> tcp/25 tcp/25 -> any 3) its log auditor (offline on the log host of course) flags anything NOT smtp presume that smtpd is, of course, hardened and patched and looked-after properly... Sean is right, anything with an ip address is a target, perhaps not a focused target, but a target none-the-less. If it's on the internet take proper precautions.
If the box has an IP address, and an Internet connection, it's *always* of interest, if only as a zombie or a steppingstone box to launder a connection.
oh zombies... where would we be without thee?
Current thread:
- Re: OT: Xen, (continued)
- Re: OT: Xen Chris Adams (Apr 03)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Eric Frazier (Apr 03)
- Re: OT: Xen Valdis . Kletnieks (Apr 03)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Michael . Dillon (Apr 03)
- Message not available
- Re: OT: Xen Eric Frazier (Apr 03)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Peter Dambier (Apr 03)
- Re: OT: Xen Valdis . Kletnieks (Apr 03)
- Re: OT: Xen Christopher L. Morrow (Apr 03)
- Re: OT: Xen Chris Adams (Apr 03)
- Re: OT: Xen Matthew Palmer (Apr 03)
- Re: OT: Xen Stephane Bortzmeyer (Apr 04)
- Re: OT: Xen Matthew Palmer (Apr 03)