Re: running httpd in chroot jail

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This has been enlightening, thanks!


On Fri, Jan 18, 2013 at 2:47 PM, P Fudd <pfudd@xxxxxxxxxxxx> wrote:

> Zachary Stern <zs@xxxxxxxxxxxxxxxxx> wrote:
> Does it make sense to block outgoing connections for a web server? There
> are some cases where our apps do connect to things like external APIs, and
> they do it on the backend, not necessarily in-browser.

Block outgoing connections to anything apart from the machines you want
and need to connect to.  It means the hacker can connect to them too, but
at least they can't connect to the other 99.9999% of the internet to hack
and cause further problems, using your ip address and reputation when
doing it.

Cheers

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux