Security question (simple).

Lewis Thompson purple at
Fri Aug 22 17:08:49 PDT 2003


  I'm fairly new to network/machine security (but I know enough to write
some firewall rules, just the basics.  I guess I'm getting on for
novice, or something ;)

  I'm running two jails on my box, which has a dialup connection to the
'net.  It's all firewalled off and only certain things are available
from outside.  For incoming WWW I have some port-forwarding going on
(natd), which bounces it to the httpd running in the jail.  Am I right
in thinking if I am running some inherently insecure application there
is ABSOLUTELY NO WAY anybody can exploit it if it's not listening on the
dial-up interface?  I mean, without rooting the host system first.  Or,
if it's not, it's still pretty hard, right?


I was so much older then, I'm younger than that now.  --Bob Dylan, 1964.
-| msn:purple at | jab:lewiz at | url: |-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list