From owner-freebsd-questions@FreeBSD.ORG  Sat May  2 14:03:50 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E592A1065673
	for <freebsd-questions@freebsd.org>;
	Sat,  2 May 2009 14:03:50 +0000 (UTC)
	(envelope-from jalmberg@identry.com)
Received: from mx1.identry.com (on.identry.com [66.111.0.194])
	by mx1.freebsd.org (Postfix) with ESMTP id 7C68D8FC13
	for <freebsd-questions@freebsd.org>;
	Sat,  2 May 2009 14:03:50 +0000 (UTC)
	(envelope-from jalmberg@identry.com)
Received: (qmail 92080 invoked by uid 89); 2 May 2009 14:04:21 -0000
Received: from unknown (HELO ?192.168.1.110?) (jalmberg@75.127.142.66)
	by mx1.identry.com with ESMTPA; 2 May 2009 14:04:21 -0000
Mime-Version: 1.0 (Apple Message framework v753.1)
In-Reply-To: <20090502125055.GB15913@pureftpd.org>
References: <sfid-H20090501-165528-+054.95-1@osbf.c9x.org>
	<20090501085510.18a830e9@prokofiev.trutwins.homeip.net>
	<20090502125055.GB15913@pureftpd.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <CD48054D-81EF-4D34-8D03-2D11F6E657FD@identry.com>
Content-Transfer-Encoding: 7bit
From: John Almberg <jalmberg@identry.com>
Date: Sat, 2 May 2009 10:03:43 -0400
To: freebsd-questions@freebsd.org
X-Mailer: Apple Mail (2.753.1)
Subject: Re: [pure-ftpd] Security Scan question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 02 May 2009 14:03:51 -0000


On May 2, 2009, at 8:50 AM, Frank Denis wrote:

>   Hello Josh,
>
> Le Fri, May 01, 2009 at 08:55:10AM -0500, Josh Trutwin ecrivait :
>> Because I programmed a custom cart solution for one of my customers,
>> their merchant account is doing a monthly server scan to check for
>> known vulnerabilities.
>
>   Great.

I've had to endure these scans, myself, and I must say that they  
helped a lot. The scans are pretty thorough and they made me re-think  
some things I was doing... particularly limiting access to ports that  
I thought 'needed' to be open, but actually just needed to be open to  
a small number of outside addresses. Thank goodness for PF... would  
hate to try to pass one of those scans without a flexible firewall.

-- John