Webapps denying all outside access by default?
Reindl Harald
h.reindl at thelounge.net
Sun Jul 21 20:21:51 UTC 2013
On 21.07.2013 19:39, drago01 wrote:
> On Sun, Jul 21, 2013 at 6:47 PM, Jared K. Smith
> <jsmith at fedoraproject.org> wrote:
>> On Sat, Jul 20, 2013 at 12:53 PM, Adam Williamson <awilliam at redhat.com>
>> wrote:
>>>
>>> I'm not sure if I'm missing anything here, but is it intended that
>>> webapps should not be accessible from anywhere but localhost by default?
>>
>>
>> That's my understanding, yes. It follows from the general understanding
>> that network-accessible daemons (with perhaps the exception of sshd) should
>> not be accessible from outside of localhost by default.
>>
>> Now I'm curious... do you have a particularly strong reason why web apps
>> should be different than any other network daemon?
>
> Because they aren't. The daemon in this case is httpd, not the webapps
but the danger is not an up-to-date httpd
the danger is blindly installed and not properly configured
web-apps on default paths - it takes *minutes* before the
first bot will find your application
what attack should happen to a naked httpd?