Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Assuming closed box get attacked
- From: "Michael Appeldorn" <appeldorn@xxxxxxxxx>
- Date: Sat, 10 Nov 2001 09:41:01 +0100
- Message-id: <OPEGLGOFLLBEKGBCNOLAKEECCFAA.appeldorn@xxxxxxxxx>
Hi list -
last day I setup a new box with fix IP and one NIC to the
internet. (Newest 2.4.X kernel with actual netfilter).
Too keep it simple,the only thing I do on the internet is
to regulary ping a certain server to check its heartbeat.
I closed all incoming traffic (icmp,tcp,udp) which was not
initiated by my using "iptables -m state" flag.
netstat -an | grep -i listen | wc -l shows -> 0
Is it right, that the only way to comprise my system is to
hijack a session i initiate or to exploit vulnarabilities
in TCP/IP-stack/netfilter implementation
or - when not
where an attacker can hurt me too ?
Michael
| < Previous | Next > |