Jump to content

Cool Security Solution!?! (Mac)


This topic is 7462 days old. Please don't post here. Open a new topic instead.

Recommended Posts

(longish, tedious message, but please read to the end)

I recently bagged my perfectly adequate FMPro4.1 server set-up to acheive the additional security benefits of running FMPro5u'ltd behind my Webstar server via the web server connector. I intended to use the IP restriction feature to limit requests to FM to only those passing through the server machine (see previous post). I was dismayed to find out that the IP restriction applied only to the client IP address, even though the FM access logger clearly specifies that it thinks all requests are coming from the IP of the server machine. (so why couldn't FMI make the IP restriction feature responsive to this information?? mad.gif" border="0 )

Anyway, when I started my server I immediately got hit by Nimda and code red. I asked for help with this and was told to look into a program call IPNetSentry.

"IPNetSentry from http://www.sustworks.com will stop these 'Nimda' hits."

It's a cool little program that monitors and filters all incoming network requests (all protocols all ports). It easily solved my worm problem (though the default is that it shuts down tcp when it detectes an attack- this can be disabled).

Here's the cool part. IPSentry's IP restriction feature DOES ACT LIKE FMPRO'S SHOULD!! laugh.gif" border="0 I have just started screwing around with it, but as of this moment it seems to be working to deny direct requests to the machine running FMP5, and is allowing all requests coming from the webstar box via the web server connector.

I will leave it to more experienced administrators/programmers to evaluate this solution, and I look forward to their feedback. It seems very promising though. I am particularly excited that this security arrangement can be executed with machines running copies of FM4.x

[ December 20, 2001: Message edited by: Dr.J. ]

Link to comment
Share on other sites

This topic is 7462 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...

Important Information

By using this site, you agree to our Terms of Use.