Date: Sat, 23 Aug 2003 01:08:28 +0100 From: Lewis Thompson <purple@lewiz.net> To: FreeBSD-questions <questions@freebsd.org> Subject: Security question (simple). Message-ID: <20030823000827.GA1281@lewiz.org>
next in thread | raw e-mail | index | archive | help
--HcAYCG3uE/tztfnV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, I'm fairly new to network/machine security (but I know enough to write some firewall rules, just the basics. I guess I'm getting on for novice, or something ;) I'm running two jails on my box, which has a dialup connection to the 'net. It's all firewalled off and only certain things are available =66rom outside. For incoming WWW I have some port-forwarding going on (natd), which bounces it to the httpd running in the jail. Am I right in thinking if I am running some inherently insecure application there is ABSOLUTELY NO WAY anybody can exploit it if it's not listening on the dial-up interface? I mean, without rooting the host system first. Or, if it's not, it's still pretty hard, right? -lewiz. --=20 I was so much older then, I'm younger than that now. --Bob Dylan, 1964. ------------------------------------------------------------------------ -| msn:purple@lewiz.net | jab:lewiz@jabber.org | url:http://lewiz.net |- --HcAYCG3uE/tztfnV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/RrB7Itq0KFQv7T8RAvQ8AJ44g7mn1xP3GLW0vggj6QkOuNTUowCg9TTI 2yOeKsujzQH4C9zyxS64gf4= =yriU -----END PGP SIGNATURE----- --HcAYCG3uE/tztfnV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030823000827.GA1281>