[NTLUG:Discuss] A Vulnerability question
Randall Gibson
wabbit at tvec.net
Mon Oct 8 09:34:32 CDT 2001
On 2001.10.08 07:14 Dennis Myhand wrote:
> Okay, I realize this may be a very simplistic sounding question, BUT...
>
> Whenever there is a vulnerability announced, such as for BIND, or
> another such program (Like everything on my wife's Winderz machine), am
> I vulnerable if I,
>
> 1.) Am not running that program, like not even configured but on my
> system?,
Not running, no. Not configured yes. Uninstall it, and dont run it if you dont use it. Unconfigures services are security holes.
>
> 2.) Am running a firewall and not running that program, same situation
> as 1?,
Firewalls are only as good as your rulesets. If you havent configured and fully tested it, dont count on it. Things like ip spoofing may easily get around a poorly configured firewall. A default firewall script may be setup to allow in services that someone thought you might like to run ....
>
> 3.) Or am simply running a firewall with that program running?
If the firewall is thouroughly blocking access to the system, it is relatively safe. Be safer and patch any security holes anyways, even if no-one should be able to access them.
HTH,
Randall Gibson
>
> TNX, Dennis in Victoria
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>
>
More information about the Discuss
mailing list