Re: Connection to Webmin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: Connection to Webmin
From: Nathaniel Hall <halln@xxxxxxx>
Date: Mon, 13 Dec 2004 15:25:35 -0600
In-reply-to: <[email protected]>
Organization: Ozarks Technical Community College
References: <[email protected]> <[email protected]> <[email protected]>
Reply-to: halln@xxxxxxx, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

True, webmin does use the loopback interface. However, every read or change must be transmitted two and from the client machine, including the username and password used to access it. Anybody on the inside of the network could easily sniff all of the information they need.

Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln@xxxxxxx
417-447-7535

James Wilkinson wrote:

In this particular example, it's merely bad practice. It's safe enough
in that example because the data never leaves the machine (it will go
over the loopback interface).  And if the computer is properly
firewalled, no-one can get at port 10000 from outside. And the standard
Fedora firewall will do this.

Follow-Ups:
- Re: Connection to Webmin
  - From: James Wilkinson

References:
- Connection to Webmin
  - From: antonio montagnani
- Re: Connection to Webmin
  - From: Alexander Dalloz
- Re: Connection to Webmin
  - From: James Wilkinson

Prev by Date: Re: Nautilus in Browser mode by default?
Next by Date: GPG.conf missing
Previous by thread: Re: Connection to Webmin
Next by thread: Re: Connection to Webmin
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux