Howdy, Umm, use SSL? ;) And assuming that you're asking us because you're going to use tomcat, run with a SecurityManager with as strict a policy as possible. Don't expose any services or ports you don't need. Audit your system periodically with tools like port scanners, checks your logs, run behind a firewall is possible, etc. etc etc.
Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: Sergey.Livanov [mailto:[EMAIL PROTECTED] >Sent: Monday, November 24, 2003 5:19 PM >To: Tomcat Users List >Subject: Security > > >I'm launching a SSL technology portal. Would appreciate if you could give >me >a tip on what should be done to secure the portal. >Do you have any recommendations ? > > >Best regards, > Sergey.Livanov mailto:[EMAIL PROTECTED] > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
