[nycphp-talk] Secure (XML-RPC) connection
Chris Bielanski
Cbielanski at inta.org
Wed Mar 24 14:49:43 EST 2004
Right along side that is, once you've masked your handshakes a smidgeon,
translate them to "non-standard" ports - HTTP on port 1080, SSL on 1443,
etc.
~C
> -----Original Message-----
> From: jon baer [mailto:jonbaer at jonbaer.net]
> Sent: Wednesday, March 24, 2004 2:45 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Secure (XML-RPC) connection
>
>
> > If I forward Firewall:80 to ProdnServer:80, that will let
> the web server
> > in and everyone else on the Big Bad Internet. I can use SSH/SSL to
> > encrypt the data from the Web Server to the Production
> Server but I need
> > to minimize/remove all acapabilities for the Big Bad
> Internet to get to
> > ProdnServer:80.
>
> Have you tested your network with the latest nmap from the
> outside? Not to
> say that security by obscurity is 100% (id be fired :-) but
> tweaking your
> banners for those fingerprints reduce the risk somewhat (and
> tweaking ICMP,
> SYN-ACK stuff). I really dont think you can expect much more
> when you are
> connected to the Big Bad Internet.
>
> - Jon
>
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
More information about the talk
mailing list