20 Sep
2001
20 Sep
'01
11:16 p.m.
On Thu, Sep 20, 2001 at 12:44:46PM -0400, Leigh David Heyman wrote:
80, regardless of whatever webserver (or lack thereof) is at the other end. The risk is Denial of service, not exploitation, and being able to simply close the port is the best way to mitigate this problem.
In the meantime you could, of course, filter at nearby routers.
Though I'm rather surprised that you're letting a filer be reachable from outside of your internal network anyway. You do at least filter NFS and RPC traffic to only legitimate hosts and networks, right?
(I thought it was accepted & best common practice to make NFS services accessible via private networks, and CIFS restricted to your site only.)
James.