cachemgr.cgi and port scanning

From: Adrian Chadd <adrian@dont-contact.us>
Date: Sat, 10 Jun 2006 20:32:39 +0800

I'm sure this has popped up before, but:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=133131

An example of someone using cachemgr.cgi to portscan arbitrary hosts.
What do you all think about adding in some basic configuration
to lock down which port/host the installed cachemgr.cgi is permitted
to look at?

Adrian
Received on Sat Jun 10 2006 - 14:55:02 MDT

This message: [ Message body ]
Next message: Henrik Nordstrom: "Re: cachemgr.cgi and port scanning"
Previous message: Henrik Nordstrom: "Re: Stateful helpers broken in 2.6 ?"
Next in thread: Henrik Nordstrom: "Re: cachemgr.cgi and port scanning"
Reply: Henrik Nordstrom: "Re: cachemgr.cgi and port scanning"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

This archive was generated by hypermail pre-2.1.9 : Fri Jun 30 2006 - 12:00:02 MDT