[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] Server Access Parameters

Subject: RE: [cobalt-developers] Server Access Parameters
From: "Malcolm Wild" <cobaltsec@xxxxxxxxxxx>
Date: Fri Feb 16 02:23:00 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

the best way to secure a box is to pull it out of the wall and switch it
off,
however the that's no answer, its a risk limitation exercise
EVER system on the web is vulnerable and there are people with enough,
knowledge, skill, luck, persistence, privileges to abuse the other peoples
systems

simply blocking a range of IPs only reduces the risk, but doesn't stop it
xxx.xxx.xxx.xxx

if your boss thinks that this is a long term security solutions he's
mistaken. Ensuring your systems runs the minimum number of services and have
the minimum number to users is a simple way to reduce what exploits people
can run.
90% of hacks come from inside the organisation, so what's your internal
network security like???
Simple daily cores such as checking the logs, keeping the patches up to
date, reading posting on new exploits and vulnerabilities, backup(and test!)
the servers as often as you can, so its easy to do a format and reinstall +
patch quickly.
If he's into spending money there are some pretty gone hardware firewalls
around that don't cost the earth but again limit what people can do. But
never trust or rely on one solution, this is why most sysadmins have grey
hair and die at 45 ! :)

hope this provides some guidance, feel free to email if you need more help
that's what this list is for :)

malc@xxxxxxxxxxx


-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Eric
Marcussen
Sent: 14 February 2001 16:26
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-developers] Server Access Parameters


  Good Afternoon All,

A couple of weeks ago, our server was hijack.  My boss would like to some
how create a list of IPs and/or Domains that would be allowed to access our
server.  All others not listed would be blocked.

Is this possible??

Thanx,
<<Eric>>

............................................
Eric Marcussen
System Administrator/Webmaster
S P H E R E S L L C   U S A
E-Commerce, Web Site Design
Site Hosting, Marketing & Management
...
Tel: 1.732.339.0700 . ideas@xxxxxxxxxxx
http://www.spheres.net
.
VERIO Authorized Solutions Provider
...
Official Advisor: Int'l Agency for
Economic Development, working with
the United Nations
............................................





_______________________________________________
cobalt-developers mailing list
cobalt-developers@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-developers

References:
- Re: [cobalt-developers] Server Access Parameters
  - From: Eric Marcussen

Prev by Date: Re: [cobalt-developers] Cannot install the MIPS Kernel Update 1.0 on my RaQ2
Next by Date: RE: [cobalt-developers] Raq3i OS 4.0 - catch all mbx, problem ??
Previous by thread: RE: [cobalt-developers] Server Access Parameters
Next by thread: [cobalt-developers] [RAQ4]Tripwire policy file

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index