The only traffic I allow into the machine is from other machines on the network on the 192.168.0.X range. My Port 80 is open but it has been bound to 127.0.0.1.
N -----Original Message----- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: 22 January 2003 10:31 To: CF-Talk Subject: RE: Goodbye cruel world > I can see EVERY ip/traffic coming in.... if I dont like > it, I lock it down but the firewall does that automatically > anyhow....it auto-blocks by default How do you differentiate between "good" and "bad" traffic? For example, if you run a web server, you open port 80, and it's open to the world, typically. Beyond using a generic input filter like URLScan, how do you differentiate between well-formed requests from legitimate clients and malformed requests intended to exploit some web server vulnerability? That's just one example. The fact is, if you allow any legitimate traffic to your machine, a software firewall will allow all traffic that fits the same template - from specified sockets on the remote machine to specified sockets on your machine, basically. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
