RE: CF is vulnerable

Wed, 01 Nov 2000 04:40:41 -0800 

Mike,

As I said that article is particularly old - I wouldn't recommend using it
as a guide for insuring the security of a webserver.  I vaguely remember
looking at that very same page upto a year ago.

You and I both know that that is far too long a time for anything to be
valid on the internet.

>From what I've heard about your servers I don't think there is much more you
really could do to them, without switching them off and unpluging them from
the power and the network... ;o)

Regards

Stephen

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Mike Connolly
> Sent: Wednesday, 01 November 2000 12:13
> To: 'CF-Talk'; '[EMAIL PROTECTED]'
> Subject: CF is vulnerable
>
>
> I appreciate all of the comments made...
>
> I agree...
> 1. 'remove sample applications' is a really old security issue
> 2. The Number 2 slot really goes to CGI as a whole.
>
> My main concern was if we apply of the CGI patches as suggested in this
> article (provided by a customer of ours who won't allow us to develop with
> CF) will it affect the running of the CFAS (CGI) ?
>
> Regards
>
> Mike Connolly
>
> PS. Len you really must get out more.... or at least tidy your CF-Talk
> mailbox once in a while.
>
>
> -----------------------------------------------
> Any opinions expressed in this message are those of the
> individual and not necessarily the company.  This message and any
> files transmitted with it are confidential and solely for the use
> of the intended recipient.  If you are not the intended recipient
> or the person responsible for delivering to the intended
> recipient, be advised that you have received this message in
> error and that any use is strictly prohibited.
>
> Sapphire Technologies Ltd
> http://www.sapphire.net
>

------------------------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

Reply via email to