View Single Post
  #9   (View Single Post)  
Old 11th September 2012
barti barti is offline
Shell Scout
 
Join Date: Jul 2012
Posts: 122
Default I now think jail is useless

Because if attacker can still easily go to the database then everything is doomed.


Jail can protect only the main server but the web service is in deep problems.
Attacker can replace the files in /var/www/html and then what?



--------------------
The protection is only between the main server and the web application, not between the
attacker and the web application, therefore the web application is not protected.
--------------------


What do you think, my conclusion is true?



Other means like DMZ maybe.




Thanks.


-

Last edited by barti; 11th September 2012 at 07:33 AM.
Reply With Quote