At 12:54 PM 11/10/03, Booth Martin wrote:
That is a good point Walden. By putting the proper non-Windows protections
in front of the Windows servers the servers are generally immune.
This is not true. Putting a firewall in front of a server only prevents
unwanted access to ports that may be open on the server, but are not meant
to be public.
In the case of a web server like IIS, or a mail transfer agent like
SendMail, those ports are open and accessible to the world, and it must be
so for them to function at all. Firewalls do not protect such 'open'
ports. There has been report after report of buffer overflow
vulnerabilities in both of these products, and many more like them. In the
case of an Intel class machine, the vulnerability generally allows complete
root or administrator access to the machine once it's compromised.
I've not heard of a buffer overflow vulnerability on the iSeries, even
though it runs ports of programs like the Apache web server.
Regards,
Rich
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
