• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Remote file inclusion protection

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux

View previous topic :: View next topic  
Author Message
etusha
Just Arrived
Just Arrived


Joined: 22 Oct 2006
Posts: 0


Offline

PostPosted: Sun Oct 22, 2006 7:32 pm    Post subject: Remote file inclusion protection Reply with quote

How can i protect my linux or unix server from remote file inclusion
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
heba
Just Arrived
Just Arrived


Joined: 09 Jan 2006
Posts: 4
Location: Cremona (Italy)

Offline

PostPosted: Mon Oct 30, 2006 12:05 pm    Post subject: Reply with quote

Second me, use a setting firewall more restrict.
Set iptables or use shorewall that set the iptables rules automatically.
Back to top
View user's profile Send private message
zzycatch
Just Arrived
Just Arrived


Joined: 30 Aug 2006
Posts: 0


Offline

PostPosted: Mon Oct 30, 2006 2:20 pm    Post subject: Reply with quote

A firewall such as iptables is insufficient to protect against such a leverage of access. Your best bet is to rely on the operating system's security policy to minimize the level of access services have. Ideally this will prevent attackers from gaining access to local tools required to acquire/manipulate objects or better yet will prevent attackers from ever gaining write access to your system in any but the most limited capacity, if at all.

A proxying firewall like Sidewinder or even FWTK if you can dig it up can be configured to address many file inclusion issues, but controlling the potential access is your best bet.

cheers,

catch
Back to top
View user's profile Send private message
heba
Just Arrived
Just Arrived


Joined: 09 Jan 2006
Posts: 4
Location: Cremona (Italy)

Offline

PostPosted: Mon Oct 30, 2006 5:50 pm    Post subject: Reply with quote

zzycatch wrote:
A firewall such as iptables is insufficient to protect against such a leverage of access. Your best bet is to rely on the operating system's security policy to minimize the level of access services have.
A proxying firewall like Sidewinder or even FWTK if you can dig it up can be configured to address many file inclusion issues, but controlling the potential access is your best bet.



this, in linux do it iptables that is the command to set the firewall, but if he/she want use a firewall shorewall is a firewall... Rolling Eyes
Back to top
View user's profile Send private message
zzycatch
Just Arrived
Just Arrived


Joined: 30 Aug 2006
Posts: 0


Offline

PostPosted: Tue Oct 31, 2006 12:32 am    Post subject: Reply with quote

Quote:
The Shoreline Firewall, more commonly known as "Shorewall", is a high-level tool for configuring Netfilter.
- http://www.shorewall.net/

Quote:
While technically iptables is merely the tool which controls the packet filtering and NAT components within the kernel, the name iptables is often used to refer to the entire infrastructure, including netfilter, connection tracking and NAT, as well as the tool itself.
- http://en.wikipedia.org/wiki/Iptables

In any event, it cannot do what you are claiming.

cheers,

catch
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register