On 5 Jun 2001, Abdulkareem Kusai wrote:
> I share the same concern; can the inbound services we offer via the
> internet using Sun iPlanet be penetrated without being detected since
> the attack is transported within SSL? For example
> IMAP/HTTP/SSL/TCP/IP. I would like for someone to convince me that my
> concern is unfounded. Any takers?

Netscape Web servers have had their share of security issues over time
(perhaps more than their share), so I don't think I can give you much
comfort there.

What I will say is that on the whole, the large majority of exploits are
more than 1 quarter old, so if you're updating/patching once a quarter (OS
and applications like Web servers), you're probably better than the 90th
percentile. Heck, that's probably true of patching annually. Once a
quarter is my current recommendation though; very few vulns are newer than
that.

As far as detection goes, without host-based IDS, I'm not sure that SSL is
all that bad unless you're relying on NIDS (I think a poor choice, but
that's another story) -- if your Web servers are exposed, they're what you
need to worry about, no matter what protocol hits them. Your protocol
list doesn't include any protocol that isn't actively exploited these
days.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson
[EMAIL PROTECTED]
"My statements in this message are personal opinions which may have no
basis whatsoever in fact."