North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: OT: Xen

  • From: Christopher L. Morrow
  • Date: Tue Apr 04 00:58:28 2006

On Tue, 4 Apr 2006 [email protected] wrote:

> On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said:
> > Best is: You dont run anything that is not needed. If you run only a
> > single application, your system is not worth the time it takes to hack it :)
> For the benefit of people reading the archives in search of clue: There's
> a smiley on that, because Peter knows full well that the single biggest
> security problem on the Internet is boxes that are running one application,
> or end-user boxes, that aren't run in a secure manner because there's nothing
> of interest on the box.

though one application means a very simple host, firewall, audit:
1) its running smtp
2) its filtered to permit any -> tcp/25 tcp/25 -> any
3) its log auditor (offline on the log host of course) flags anything NOT

presume that smtpd is, of course, hardened and patched and looked-after
properly... Sean is right, anything with an ip address is a target,
perhaps not a focused target, but a target none-the-less.

If it's on the internet take proper precautions.

> If the box has an IP address, and an Internet connection, it's *always* of
> interest, if only as a zombie or a steppingstone box to launder a connection.

oh zombies... where would we be without thee?