> Put an ipchains rule in place which will allow only TCP connections to your > Webmin port. Obscure the port by not using 10000 but use another port > instead. Configure Webmin to react only to queries from a specific IP-address > or IP-address ranges as well. This combination of efforts lowers the threat > somewhat, but not totally.
Ohhh...good idea > Another option, derived from the earlier discussion: Use the above methods, > but as addition launch a small shell script from /etc/rc.d/rc.local which > issues a shutdown of Webmin a few minutes after the server rebooted. That way > you have Webmin accessible for a few minutes after each server reboot. Even better. Good example of creative thinking. Thanks for taking the time to share Michael! Brandon _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
