[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Antw: [suse-security] Problems Understanding SuSEfirewall2

To: <remote@xxxxxxxxxxxxxxxxxxxxxxx>, <suse-security@xxxxxxxx>
Subject: Antw: [suse-security] Problems Understanding SuSEfirewall2
From: "petry" <petry@xxxxxxxxxxxxx>
Date: Mon, 19 May 2003 13:55:19 +0200
Delivered-to: mailing list suse-security@xxxxxxxx
Delivery-date: Mon, 19 May 2003 13:57:16 +0200
Envelope-to: suse@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm

Hello,

as I recognize so far you use active ftp (port 20, ftp-data). IMHO it is a quite large security hole. We only allow passive ftp connections. Try http://slacksite.com/other/ftp.html for some explanation.

Greetings
Olaf


____________________________________________________
Fa. Prof. Dr. G. Hellberg EDV-Beratung & Softwareengineering
Dipl.-Ing. Olaf Petry
Sonnenweg 7
D-30171 Hannover
Germany

Fon: +49 (0)511 / 288 25 90
Fax: +49 (0)511 / 288 25 89
Mobil: +49 (0)177 / 230 22 65
Web: www.DrHellberg.de 
E-Mail: info@xxxxxxxxxxxxx

>>> "remote" <remote@xxxxxxxxxxxxxxxxxxxxxxx> 19.05.2003 08:31 >>>
Hi !

LAN except for the following protocols/ports : pop3, pop3s, http, https,
ftp,
ftps, smtp, ssh, domain. 
...
FW_SERVICES_EXT_TCP="20 21 22 25 53 80 110 995"


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Prev by Date: Re: [suse-security] Problems Understanding SuSEfirewall2
Next by Date: Re: [suse-security] IMAP and 8.2
Previous by thread: Re: [suse-security] Problems Understanding SuSEfirewall2
Next by thread: [suse-security] FW_FORWARD_MASQ
Index(es):
- Date
- Thread