[NTLUG:Discuss] A Vulnerability question
Richard Cobbe
cobbe at airmail.net
Mon Oct 8 15:46:17 CDT 2001
Lo, on Monday, October 8, Dennis Myhand did write:
> Okay, I realize this may be a very simplistic sounding question, BUT...
>
> Whenever there is a vulnerability announced, such as for BIND, or
> another such program (Like everything on my wife's Winderz machine), am
> I vulnerable if I,
>
> 1.) Am not running that program, like not even configured but on my
> system?,
Most likely not---at least, to the announced vulnerability. But if you're
not running it, why have it installed? Just get rid of it; that way you
KNOW you're not running it, and your system is simpler and thus easier to
maintain. (Granted, for a single package, the difference isn't much, but
it adds up.)
>
> 2.) Am running a firewall and not running that program, same situation
> as 1?,
Yeah, same as #1.
> 3.) Or am simply running a firewall with that program running?
Depends---does your firewall block external access to that program? If it
simply lets all network traffic through to that port (those ports), then
the firewall is pretty much completely irrelevant for this issue.
Richard
More information about the Discuss
mailing list