On 5 Jun 2001, Abdulkareem Kusai wrote:

> I share the same concern; can the inbound services we offer via the
> internet using Sun iPlanet be penetrated without being detected since
> the attack is transported within SSL? For example
> IMAP/HTTP/SSL/TCP/IP. I would like for someone to convince me that my
> concern is unfounded. Any takers?

Netscape Web servers have had their share of security issues over time (perhaps more than their share), so I don't think I can give you much comfort there.

What I will say is that on the whole, the large majority of exploits are more than 1 quarter old, so if you're updating/patching once a quarter (OS and applications like Web servers), you're probably better than the 90th percentile. Heck, that's probably true of patching annually. Once a quarter is my current recommendation though; very few vulns are newer than that.

As far as detection goes, without host-based IDS, I'm not sure that SSL is all that bad unless you're relying on NIDS (I think a poor choice, but that's another story) -- if your Web servers are exposed, they're what you need to worry about, no matter what protocol hits them.

Your protocol list doesn't include any protocol that isn't actively exploited these days.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@patriot.net      which may have no basis whatsoever in fact."

-
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]