Dave Watts wrote:
Simply because I can do it other places, or that it's done for me already in
other places. I think that it's inefficient to do on the host, compared to
doing it at the network's point of entry. It doesn't really matter how
significant the performance hit is, if it is
BlackICE Server Protection - $299.95
http://shop.softwaresupermall.com/dr/v2/ec_MAIN.Entry17c?CID=34263SID=3
3655SP=10007PN=5PID=313036DSP=CUR=840PGRP=0CACHE_ID=34263
-Original Message-
From: Andy Lynch [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 2:00 PM
To: CF-Talk
the built in firewall in Windows XP
it rocks.
tony
-Original Message-
From: Andy Lynch [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 3:00 PM
To: CF-Talk
Subject: OT: CF Server Firewall
Sorry for the Off Topic but does anyone know of a good server firewall
program for Cold
I like BlackIce from Internet Security Systems (www.iss.com) approx $399 per
server
Duane
-Original Message-
From: Andy Lynch [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 3:00 PM
To: CF-Talk
Subject: OT: CF Server Firewall
Sorry for the Off Topic but does anyone know of a
I would look at getting a sonicWall, you can see them here
http://www.firewalls.com/sonicwall.asp
Douglas Brown
Email: [EMAIL PROTECTED]
- Original Message -
From: Andy Lynch [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Monday, June 24, 2002 12:00 PM
Subject: OT: CF Server
Developer Extraordinaire
Dixon Ticonderoga Company
http://www.dixonusa.com
-Original Message-
From: Tony Weeg [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 3:03 PM
To: CF-Talk
Subject: RE: CF Server Firewall
the built in firewall in Windows XP
it rocks.
tony
-Original Message
Sorry that link was split, here you go:
http://tinyclick.com/?SERVER
-Original Message-
From: Jim Vosika [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 2:02 PM
To: CF-Talk
Subject: RE: CF Server Firewall
BlackICE Server Protection - $299.95
http://shop.softwaresupermall.com
Unfortunately, we're running WIN2K...
From: Tony Weeg [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: CF Server Firewall
Date: Mon, 24 Jun 2002 15:03:02 -0400
the built in firewall in Windows XP
it rocks.
tony
-Original Message-
From: Andy
Don't mean to self promote but we sell it for $299.95
http://tinyclick.com/?SERVER
-Original Message-
From: Duane Boudreau [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 2:06 PM
To: CF-Talk
Subject: RE: CF Server Firewall
I like BlackIce from Internet Security Systems
A firewall for CF? Not sure what you are talking about there, but a good
firewall for under 1k you may want to look at is Gnatbox. Gets better
the more money you can spend. If you are using IIS, check out the IIS
lockdown tool from MS that sets up and configures URLScan as well as a
host of other
.
Andy Lynch
Applications Developer
WebPort, Inc
From: Robert Bailey [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: CF Server Firewall
Date: Mon, 24 Jun 2002 12:09:07 -0700
A firewall for CF? Not sure what you are talking about there, but a good
firewall
Has anyone had problems with IIS Lockdown? I am investigating its use and
saw that it was mentioned here.
Thanks
Mike
-Original Message-
From: Robert Bailey [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 2:09 PM
To: CF-Talk
Subject: RE: CF Server Firewall
A firewall for CF
Sorry for the Off Topic but does anyone know of a good
server firewall program for Cold Fusion servers? It's
seems as if some hackers are getting past our routers
and I want to look into all options to lock it down more.
My boss said I have to keep it under $1,000.
Or just use IP
]
Subject: RE: CF Server Firewall
Date: Mon, 24 Jun 2002 12:09:07 -0700
A firewall for CF? Not sure what you are talking about there, but a good
firewall for under 1k you may want to look at is Gnatbox. Gets better
the more money you can spend. If you are using IIS, check out the IIS
lockdown
Tony Weeg wrote:
the built in firewall in Windows XP
Didn't know XP server was out.
Jochem
__
Your ad could be here. Monies from ads go to support these lists and provide more
resources for the community.
no problems with IIS Lockdown at all.
-Original Message-
From: Mike Byers [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 3:31 PM
To: CF-Talk
Subject: RE: CF Server Firewall
Has anyone had problems with IIS Lockdown? I am investigating its use
and saw that it was mentioned
windows XP professional
is what I use. on my dev box
running cfmx and everything I have
come across works 100%
tw
-Original Message-
From: Jochem van Dieten [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 3:32 PM
To: CF-Talk
Subject: Re: CF Server Firewall
Tony Weeg wrote
suggestions.
Andy Lynch
Applications Developer
WebPort, Inc
From: Robert Bailey [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: CF Server Firewall
Date: Mon, 24 Jun 2002 12:09:07 -0700
A firewall for CF? Not sure what you are talking about there, but a good
Applications Developer
WebPort, Inc
From: Robert Bailey [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: CF Server Firewall
Date: Mon, 24 Jun 2002 12:09:07 -0700
A firewall for CF? Not sure what you are talking about there, but a good
Just be aware that under heavy load it will be. :P
Give me a break,
~Todd
On Mon, 24 Jun 2002, Alex wrote:
Just be aware the nanoseconds that the firewall slows you down will not be
noticeable.
On Mon, 24 Jun 2002 [EMAIL PROTECTED] wrote:
Just be aware that software firewalls will
you are doing IP filtering/routing with them - not true firewalling.
firewalling is a collection of policies implemented variously, and
packet filtering routers and router ACL's are clearly, and truly, within
that definition.
Len
www.menandmice.com/DNS-training : DNS Training
I just ment a good server firewall, for my cf server. We
have linksys routers but my boss seems to think hackers
are getting past those which I suppose is possible... So
he wanted my to find a software firewall to run in addition
to our routers firewall.
Your boss seems to think there's
any day - S flexible, from a routing
view point, AND a security viewpoint)
-Original Message-
From: Len Conrad [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 2:57 PM
To: CF-Talk
Subject: RE: CF Server Firewall
you are doing IP filtering/routing with them - not true
SecureIIS from Eeye is pretty cool
www.secureIIS.com
Kirk
-Original Message-
From: Andy Lynch [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 12:00 PM
To: CF-Talk
Subject: OT: CF Server Firewall
Sorry for the Off Topic but does anyone know of a good server firewall
program for
SecureIIS from Eeye is pretty cool
www.secureIIS.com
While it is pretty cool (I'm evaluating the 2.0 beta right now), it's not a
firewall, it's an input filter for IIS. It won't do anything to stop someone
from connecting to any other services on the machine.
Dave Watts, CTO, Fig Leaf
Message-
From: Duane Boudreau [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24,
2002 2:06 PM
To: CF-Talk
Subject: RE: CF Server Firewall
I like BlackIce from Internet Security Systems (www.iss.com) approx $399
per server
Duane
-Original Message-
From: Andy Lynch [mailto:[EMAIL PROTECTED
Tony Weeg wrote:
windows XP professional
is what I use. on my dev box
running cfmx and everything I have
come across works 100%
It works for me too on test machines. But in production? No way.
Jochem
__
This list and all
Dave Watts wrote:
I have to say, I agree with Robert here, in that if you want to control
traffic at your server itself (host security), rather than or in addition to
controlling traffic at the router and firewall, the OS provides all the
tools you need. Windows NT 4 and higher allow you to
I have to say, I agree with Robert here, in that if you
want to control traffic at your server itself (host security),
rather than or in addition to controlling traffic at the
router and firewall, the OS provides all the tools you need.
Windows NT 4 and higher allow you to block
Dave Watts wrote:
Nope. That's what external firewalls are for. My approach to host-based
security is generally just to disallow as much traffic as I can; I don't
know what kind of performance hit you'd take with doing that on each host,
and I don't want to find out.
Why not? If you don't
Nope. That's what external firewalls are for. My approach
to host-based security is generally just to disallow as
much traffic as I can; I don't know what kind of performance
hit you'd take with doing that on each host, and I don't
want to find out.
Why not? If you don't know
Dave Watts wrote:
Nope. That's what external firewalls are for. My approach
to host-based security is generally just to disallow as
much traffic as I can; I don't know what kind of performance
hit you'd take with doing that on each host, and I don't
want to find out.
Why not? If you don't
settings
will go unmessed with.
'Course, that's a little too DIY for most people, but it does work quite
well.
-- jon
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 24, 2002 6:15 PM
To: CF-Talk
Subject: RE: CF Server Firewall
I have to say, I
Snort is rad... but is it a firewall? I use it on my linux
machines as an intrusion detection system.
No, it's not a firewall, it's an IDS, as you mention. However, combined with
host-based IP security filters to stop traffic, and application input
filters like URLScan and SecureIIS, it
From: Dave Watts [EMAIL PROTECTED]
I have to say, I agree with Robert here, in that if you
want to control traffic at your server itself (host security),
rather than or in addition to controlling traffic at the
router and firewall, the OS provides all the tools you need.
Windows
Snort does not do any filtering. It's an IDS that logs
scans.
Yes. I realize that. Jochem's complaint about using TCP/IP Filtering and IP
security policies in Windows 2000 was that it didn't do stateful inspection.
My response to that, assuming that Jochem's concern was primarily that these
But the point is, that I really don't understand why you
wouldn't want to know what the performance hit is. How
can you make an informed decision (not) to do statefull
filtering, if you don't even know that?
Simply because I can do it other places, or that it's done for me already in
37 matches
Mail list logo
