[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] PortSentry

Subject: RE: [cobalt-users] PortSentry
From: Rodolfo Paiz <rpaiz@xxxxxxxxxxxxxx>
Date: Tue Mar 13 20:18:05 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> 	Servers are not hacked through ports. They're most commonly
> hacked through insecure passwords, configuration errors (or lack
> thereof) and known exploitable holes in services which may or may
> not be accessible through a port. As some who lurk this list have
> learned the hard way, a working portsentry installation will not
> prevent a server from being exploited by either of the two exploits
> which have been discussed on this list during the past few days and
> which have long been known to problematic.
> 
> 	I mean no one, particularly you Rodolfo, any insult but
> portsentry is most certainly not a means to an end. With the low
> level of technical expertise on this list it simply is not right to
> even inadvertently lull someone into a false sense of security.
> At best portsentry is a slick way of keeping one informed about what
> goes in their little corner of the electronic haze of cyberspace. At
> worst it's a toy that, if misconfigured, can and very often is used
> to lock one out of their own server.

Lessons well taken. Keep 'em coming! <grin>

-- 
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>

References:
- RE: [cobalt-users] PortSentry
  - From: elmer

Prev by Date: RE: [cobalt-users] qpopper exploit?
Next by Date: Re: [cobalt-users] forms
Previous by thread: RE: [cobalt-users] PortSentry
Next by thread: [cobalt-users] portsentry

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index