Yeah, GET /cgi-bin/phf?q=;cat%20/etc/passwd is harmless. So is GET
/isadmin/passwd.htr?...
Adam
On Sun, Jun 20, 1999 at 04:26:07PM -0400, Don Kelloway wrote:
| If the firewall *only* allows the GET command through, there shouldn't be
| anything to worry about. Right?
|
| Best Regards, Donald Kelloway
| http://www.commodon.com
|
| -----Original Message-----
| From: Peter da Silva <[EMAIL PROTECTED]>
| Newsgroups: mail.firewalls
| To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
| Date: Sunday, June 20, 1999 4:15 PM
| Subject: Re: Why not NT?
|
|
| >In article <004801bebb2a$5a1811e0$[EMAIL PROTECTED]>,
| >Don Kelloway <[EMAIL PROTECTED]> wrote:
| >>>Where goes your web server, mail server, etc.? In front or behind the
| >>>firewall?
| >
| >>Behind the firewall, preferably on the DMZ...
| >
| >I would tie the web server down just as tightly as the firewall, and put
| >it outside, if I didn't have a DMZ. HTTP is the most likely source of
| >attacks so the firewall won't help protect it that much, and if it's
| >broken you definitely don't want it to be on your internal network.
| >
| >--
| >In hoc signo hack, Peter da Silva <[EMAIL PROTECTED]>
| > `-_-' Ar rug tú barróg ar do mhactíre inniu?
| > 'U` "Be vewy vewy quiet...I'm hunting Jedi." -- Darth Fudd
| >
| >-
| >[To unsubscribe, send mail to [EMAIL PROTECTED] with
| >"unsubscribe firewalls" in the body of the message.]
| >
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
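
Added example, not part of the original thread: a Python sketch contrasting the method-only policy discussed above with a check that decodes and inspects the request target. The first sample request line is the one quoted in the reply; the other lines, the function names and the patterns are constructed for illustration.

```python
import re
from urllib.parse import unquote

# First line is quoted from the thread; the remaining lines are constructed samples.
SAMPLE_REQUESTS = [
    "GET /cgi-bin/phf?q=;cat%20/etc/passwd HTTP/1.0",
    "GET /index.html HTTP/1.0",
    "GET /search?q=firewalls HTTP/1.0",
    "POST /cgi-bin/form HTTP/1.0",
]

# Illustrative patterns (assumptions, not a complete rule set).
SHELL_META = re.compile(r"[;|`$<>\n\r]|&&")
SENSITIVE_PATH = re.compile(r"/etc/(passwd|shadow)|\.\./")


def method_only_filter(request_line):
    """Policy from the thread: pass anything whose method is GET."""
    return request_line.split(" ", 1)[0] == "GET"


def fully_decode(target, max_rounds=3):
    """Percent-decode repeatedly so double encoding cannot hide a character."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def inspect_request(request_line):
    """Return the reasons a request target looks hostile (empty list if none)."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return ["malformed request line"]
    decoded = fully_decode(parts[1])
    _path, _, query = decoded.partition("?")
    reasons = []
    if SHELL_META.search(query):
        reasons.append("shell metacharacter in query")
    if SENSITIVE_PATH.search(decoded):
        reasons.append("sensitive path reference")
    return reasons


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(method_only_filter(line), inspect_request(line), line)
```
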