Re: Appropriate for webserver?


From: ao@morpork.shnet.org (A. Ott)
Subject: Re: Appropriate for webserver?
Date: 25 Feb 2000 11:12:00 +0100

Next Article (by Subject): auditing "Rockee W. Shi"
Previous Article (by Subject): Appropriate for webserver? Michael Mikkelsen
Top of Thread: Appropriate for webserver? Michael Mikkelsen
Articles sorted by: [Date] [Author] [Subject]


********* ***************** ********** ****  *****   ***** ************
  To subject Appropriate for webserver?
  mikk@microbsys.com (Michael Mikkelsen)  wrote:
********** ******************** ******  ********  ******* *************

> Is RSBAC appropriate for an e-commerce webserver?  I get port scanned
> and hacked at all the time.  I use the Abacus Project to help with
> portscan detection, login anomolies, and log checking but I still feel
> naked!

It could help you a lot. And RSBAC, because of a good load testing... ;)

In earnest, there are several RSBAC models which could encapsulate your  
server processes, so that even hacking them would give no system access  
apart from reading web pages. The actual setup much depends on your  
webserver setup. Currently, SMP is reported to hang on boot, but UP works  
fine - at least on my systems.

So, all of you are welcome to do some load testing.

> BTW:  I subscribed to the mailing list but have not received any kind
> of reply from majordomo; so I'm not sure if I'm actually on it or not.

You are. Unfortunately, this list still resides on a mailbox with regular  
polling. This makes responses a bit slow. I hope to move the list to a  
permanently connected site some day soon.

Amon.

--
Please remove second ao for E-Mail reply - no spam please!

-
To unsubscribe from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): auditing "Rockee W. Shi"
Previous Article (by Subject): Appropriate for webserver? Michael Mikkelsen
Top of Thread: Appropriate for webserver? Michael Mikkelsen
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.