OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] Web server security holes ?
From: engelbert gruber (engelbert.gruberssg.co.at)
Date: Wed Apr 05 2000 - 03:27:57 CDT

Am Mit, 05 Apr 2000 schrieb Francisco M. Marzoa Alonso:
>
> Oliver Grube wrote:
>
> > Hello Marc,
> >
> > >PS: I do NOT need the machine beeing accessible by
> > external machines in HTTP
> > If you don't need your HTTP... just switch it off by
> > editing /etc/rc.config "start_httpd=no"
> > or stop it by typeing /sbin/init.d/apache stop
>
> Sorry, i've read too fast.
>
> Think that Marc means that he *NEED* the HTTP server running for
> *INTERNAL* machines only. So stop apache is not a solution.
maybe let apache bind only to the internal ip.

or run it via inetd and let tcpd check if it is a valid ip. 

-- 
 --- Engelbert Gruber ---
 SSG Fintl,Gruber,Lassnig
 A6140 Telfs Untermarkt 9
 Tel. ++43-5262-64727 ---

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com