I do not see any real problems with that. As long as they aer doing it
safely. Sendmail .8.8.5 has no, well that I know of..., remote exploits in
it. If rhey removed the stock cgi's for the webserver then I see no problme
with that either. Although the Remote commands are not good, but only under
certin OS's are they buggy. Filtering is not really important either. It all
matters as to what the lan is holding and how secure the machines behind
this gateway are. If the adminstrator just install the software and plugged
in the network, then his job should be evaluated. Although if he went
through the box and un-suid stuff and did some sort of security on the
services the box is running, I see no problem with it.
-----Original Message-----
From: Norman Widders <winspace @
geko .
net .
au>
To: firewalls @
GreatCircle .
COM <firewalls @
GreatCircle .
COM>
Date: Monday, October 27, 1997 12:21 PM
Subject: Security Evaluation
Just wondered what most of you guys/gals think of a gateway box
connected to the Internet with the following which I found in a
rather urgent security evaluation...
running _all_ the R-commands
telneting in from the net... no SSH
no Filter Rules or blocking hosts/IP's
running a Webserver on it..
sendmail 8.8.5 (not the latest 8.8.7)
Please any feedback as this has to go before management
for review....
--
Wheres my valium....
|
|
