I'm fairly new to network/machine security (but I know enough to write
some firewall rules, just the basics.  I guess I'm getting on for
novice, or something ;)

  I'm running two jails on my box, which has a dialup connection to the
'net.  It's all firewalled off and only certain things are available
from outside.  For incoming WWW I have some port-forwarding going on
(natd), which bounces it to the httpd running in the jail.  Am I right
in thinking if I am running some inherently insecure application there
is ABSOLUTELY NO WAY anybody can exploit it if it's not listening on the
dial-up interface?  I mean, without rooting the host system first.  Or,
if it's not, it's still pretty hard, right?


I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
-| msn:[EMAIL PROTECTED] | jab:[EMAIL PROTECTED] | url:http://lewiz.net |-

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to