fredmobach.nl

• Next message: Stefan Becker: "AW: [suse-security] Web server security holes ?"
• Previous message: Francisco M. Marzoa Alonso: "Re: [suse-security] Cracking passwd file on suse systems"
• In reply to: Markus Schaber: "RE: [suse-security] Web server security holes ?"
• Next in thread: Stefan Becker: "AW: [suse-security] Web server security holes ?"
• Next in thread: Oliver Grube: "RE: [suse-security] Web server security holes ?"
• Reply: Fred Mobach: "Re: [suse-security] Web server security holes ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Markus Schaber wrote:

> On Wed, 5 Apr 2000, Oliver Grube wrote:
>
> > >PS: I do NOT need the machine beeing accessible by
> > external machines in HTTP
> > If you don't need your HTTP... just switch it off by
> > editing /etc/rc.config "start_httpd=no"
> > or stop it by typeing /sbin/init.d/apache stop
>
> Well, I think he still needs internal access for SuSE help
> system etc. So he could specifically deny access to port
> 80 for all hosts except his own.

Perhaps you might consider to change your default policy to REJECT and
only open those ports to the outside world which you really need. At
least this policy works great for me.

Regards,

Fred Mobach
fred at mobach.nl

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com

• Next message: Stefan Becker: "AW: [suse-security] Web server security holes ?"
• Previous message: Francisco M. Marzoa Alonso: "Re: [suse-security] Cracking passwd file on suse systems"
• In reply to: Markus Schaber: "RE: [suse-security] Web server security holes ?"
• Next in thread: Stefan Becker: "AW: [suse-security] Web server security holes ?"
• Next in thread: Oliver Grube: "RE: [suse-security] Web server security holes ?"
• Reply: Fred Mobach: "Re: [suse-security] Web server security holes ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]