ipfilter on production servers

From: Chris Hoogendyk (choogend@library.umass.edu)
Date: Thu May 13 2004 - 10:38:52 EDT


The world is getting nastier, and it seems that even with removing
almost everything from inetd.conf, using tcp_wrappers, using ssh and
turning off ordinary telnet and ftp, keeping up patches, etc., servers
are still getting hacked.

So, I'm wondering how many sysadmins go to

        http://coombs.anu.edu.au/~avalon/

set up ipfilter, and get really strict, putting up rules to block
virtually everything, whether it is coming or going. This on top of
removing unused services that might be listening on ports.

Most of my servers are:
        SUNW,Ultra-250
        Solaris 8 1/01 s28s_u3wos_08 SPARC

They vary significantly, with some webservers, an Oracle server, a
SunRay server, an EZproxy server, etc.

I'm in an academic environment, so traditionally we have not had
network-based perimeter firewalls.

---------------

Chris Hoogendyk

-
    O__ ---- Network Specialist & Unix Systems Administrator
   c/ /'_ --- Library Information Systems & Technology Services
  (*) \(*) -- W.E.B. Du Bois Library
~~~~~~~~~~ - University of Massachusetts, Amherst

<choogend@library.umass.edu>

---------------
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
