Re: what percent of time are there unpatched exploits against default config?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sun, Jan 1, 2012 at 11:45 AM, Timothy Murphy <gayleard@xxxxxxxx> wrote:
> Les Mikesell wrote:
>
>> Someone cracked my gmail password and sent what seemed like an oddly
>> small amount of spam from it.
>
> gmail and hotmail must be very easy to crack,
> or is there some check apart from the password?
>
>> That doesn't work for web services open to the public.  You need
>> firewalls that can work at wire speed filtering the inbound URLs for
>> known attack patterns, plus of course, updating the software as
>> quickly as possible to fix the vulnerabilities.
>
> Yes, I'm more worried about attacks through port 80.
> Can anyone point me to documentation on protecting a web-server?
>
A server serving just static pages on port 80 would be pretty much
safe. A server that provides dynamic pages (eg script-generated with a
database backend) can never be completely safe. A book like this is
probably what you are looking for:

http://www.wilyhacker.com/

Cheers,

Cliff
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux