[nycphp-talk] Secure (XML-RPC) connection
jon baer
jonbaer at jonbaer.net
Wed Mar 24 14:44:36 EST 2004
> If I forward Firewall:80 to ProdnServer:80, that will let the web server
> in and everyone else on the Big Bad Internet. I can use SSH/SSL to
> encrypt the data from the Web Server to the Production Server but I need
> to minimize/remove all acapabilities for the Big Bad Internet to get to
> ProdnServer:80.
Have you tested your network with the latest nmap from the outside? Not to
say that security by obscurity is 100% (id be fired :-) but tweaking your
banners for those fingerprints reduce the risk somewhat (and tweaking ICMP,
SYN-ACK stuff). I really dont think you can expect much more when you are
connected to the Big Bad Internet.
- Jon
More information about the talk
mailing list