| Subject | Re: [firebird-support] Firbird Vulnerability To Exploits - Port 3050 |
|---|---|
| Author | Alexandre Benson Smith |
| Post date | 2008-07-31T21:56:26Z |
Steve Wiser wrote:
etc.) and don't open port 3050 direct.
Restrict the access to the tunneling port just to the "trusted" hosts
Use private keys in your tunnel software to accept connections.
see you !
--
Alexandre Benson Smith
Development
THOR Software e Comercial Ltda
Santo Andre - Sao Paulo - Brazil
www.thorsoftware.com.br
> Is this a webapp (I assume so since you mention a webmaster)? If so whyBesides that, use some kind of tuneling software (zebedee, stunnel, ssh,
> don't you restrict the firebird port so only your web application can
> talk to the database server instead of having 3050 sitting wide open on
> the internet?
>
> It won't solve all of the problems, but it eliminates a few.
>
> We have our database servers firewalled away from our web application
> servers (which are firewalled away from the internet).
>
> -steve
>
etc.) and don't open port 3050 direct.
Restrict the access to the tunneling port just to the "trusted" hosts
Use private keys in your tunnel software to accept connections.
see you !
--
Alexandre Benson Smith
Development
THOR Software e Comercial Ltda
Santo Andre - Sao Paulo - Brazil
www.thorsoftware.com.br