[Gllug] Net outages caused by worm possibly

Doug Winter doug at pigeonhold.com
Mon Jan 27 11:21:01 UTC 2003


On Mon 27 Jan John Winters wrote:
> At the very least I would expect such ports to be opened at the firewall
> only to nominated outside addresses.  Even better would be to set up a
> VPN and do the database access across that.

ssh is your friend. 

if you must provide unfiltered access to something like a database, put
in a proxy that performs application-level security tests.

leaving a database open to the world is just stupid.

doug.

-- 
<fourstar> sigmata - being scarred from a particularly poor .sig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20030127/7a5886da/attachment.pgp>


More information about the GLLUG mailing list