Security


Security

Bill Slack
I'm changing my security software and when I load Nbs I'm alerted to "Java(TM)2
Platform Standard Edition binary" trying to act as an Internet server set to
"inbound".

Is anyone familiar with this?  I can only assume that it is for updates, or
something along those lines!  The IDE works, so far, when set to "disallowed".

Regards,
Bill


Re: Security

Brian Cook

Ummm... Ya.  That would be normal.  The primary application the JDK is
used for after all is to run web apps and web services.  So it is not
really that surprising that it acts as a server.




Bill Slack wrote:

> I'm changing my security software and when I load Nbs I'm alerted to
> "Java(TM)2 Platform Standard Edition binary" trying to act as an Internet
> server set to "inbound".
>
> Is anyone familiar with this?  I can only assume that it is for updates,
> or something along those lines!  The IDE works, so far, when set to
> "disallowed".
>
> Regards,
> Bill
>

--
Brian Cook
Digital Services Analyst
Print Time Inc.
[hidden email]
913.345.8900

Re: Security

Bill Slack
Really, I thought the primary application was desktop applications and J2EE was
for web apps and web services.

----- Original Message -----
From: "Brian Cook" <[hidden email]>
To: <[hidden email]>
Sent: Friday, August 12, 2005 2:54 PM
Subject: Re: [nbusers] Security


>
> Ummm... Ya.  That would be normal.  The primary application the JDK is
> used for after all is to run web apps and web services.  So it is not
> really that surprising that it acts as a server.


Re: Security

Brian Cook

That would be J2SE not the JDK.  And in point of fact you can build web
apps on just J2SE.  It is just a lot easier to build them on J2EE when
they are complicated.  And these days most are.

Either way that is a moot point since I said JDK not J2SE.  J2SE and
J2EE are just APIs.  The JDK is what builds and runs them.  And it has
to be able to do things like running Tomcat which requires it to be able
to act as a server.


Bill Slack wrote:

> Really, I thought the primary application was desktop applications and
> J2EE was for web apps and web services.

--
Brian Cook
Digital Services Analyst
Print Time Inc.
[hidden email]
913.345.8900

Re: Security

Bill Slack

I understand that; however, my original message didn't say SDK, it said
"Java(TM)2 Platform Standard Edition binary", which I take to be J2SE.  Please
enlighten me if they are not the same things.

Bill

----- Original Message -----
From: "Brian Cook" <[hidden email]>
To: <[hidden email]>
Sent: Friday, August 12, 2005 3:33 PM
Subject: Re: [nbusers] Security


>
> That would be J2SE not the JDK.  And in point of fact you can build web
> apps on just J2SE.  It is just a lot easier to build them on J2EE when
> they are complicated.  And these days most are.
>
> Either way that is a moot point since I said JDK not J2SE.  J2SE and
> J2EE are just APIs.  The JDK is what builds and runs them.  And it has
> to be able to do things like running Tomcat which requires it to be able
> to act as a server.


Re: Security

Kieran Maclean
I believe that the J2SE is the Java runtime, which runs the
applications, the J2EE is a framework for developing Enterprise
Applications, and the JDK contains the Java compiler and (from Sun
anyway) a copy of the source of the standard public API.

Also think that NetBeans uses open ports to detect if another instance
of NetBeans is running at the same time; it may also be running its
internal Tomcat server (though I don't know if this is always run).

I could be wrong but I believe this is the case. So it would appear that
NetBeans is acting as a server though it should not receive any Internet
traffic.

It shouldn't be a problem running the IDE "disallowed", but it may
affect the internal Tomcat, though that may depend on your security
software.

Hope that helps.

Kieran Maclean

On Fri, 2005-08-12 at 15:57 -0700, Bill Slack wrote:

> I understand that; however, my original message didn't say SDK, it said
> "Java(TM)2 Platform Standard Edition binary", which I take to be J2SE.  Please
> enlighten me if they are not the same things.
>
> Bill


Re: Security

Bill Slack
Thanks Kieran.
That seems like a reasonable explanation.
I confess I'm still a little puzzled.  I'm new to all this stuff, but it seems
to me that the port that it opens to receive could be exploited.  Would this be
right?
Regards,
Bill
----- Original Message -----
From: "Kieran Maclean" <[hidden email]>
To: <[hidden email]>
Sent: Saturday, August 13, 2005 1:56 AM
Subject: Re: [nbusers] Security


> I believe that the J2SE is the Java runtime, which runs the
> applications, the J2EE is a framework for developing Enterprise
> Applications, and the JDK contains the Java compiler and (from Sun
> anyway) a copy of the source of the standard public API.
>
> Also think that NetBeans uses open ports to detect if another instance
> of NetBeans is running at the same time; it may also be running its
> internal Tomcat server (though I don't know if this is always run).
>
> I could be wrong but I believe this is the case. So it would appear that
> NetBeans is acting as a server though it should not receive any Internet
> traffic.
>
> It shouldn't be a problem running the IDE "disallowed", but it may
> affect the internal Tomcat, though that may depend on your security
> software.
>
> Hope that helps.
>
> Kieran Maclean


RE: Security

Richard Bremner-3
Any open port can be exploited.

I assume NetBeans also uses ports to connect to CVS, the Update Center,
Collaboration Server, probably more... let it be

Richard

-----Original Message-----
From: Bill Slack [mailto:[hidden email]]
Sent: 13 August 2005 17:23
To: [hidden email]
Subject: Re: [nbusers] Security

Thanks Kieran.
That seems like a reasonable explanation.
I confess I'm still a little puzzled.  I'm new to all this stuff, but it seems
to me that the port that it opens to receive could be exploited.  Would this be
right?
Regards,
Bill



RE: Security

Kieran Maclean
It's quite difficult to exploit an outgoing port, such as the CVS or the
Update Center, because an exploit would be required to in effect replace
the destination host (some kind of man-in-the-middle attack).

The internal Tomcat server is accessible when running so that could be
exploited but for non-web apps it appears to be stopped and so should
not cause a problem.

The NetBeans port, I'm not sure about, I don't know how it is used.
I suppose a DoS attack or similar could cause a problem.
However I don't think blocking access to the port should cause any
problems. If your security software allows it, it might be an idea to
allow access to the ports from localhost (127.0.0.1), though this might
work anyway.

It's probably nothing to worry about as Richard said.

Kieran Maclean

On Sat, 2005-08-13 at 18:00 +0100, Richard Bremner wrote:

> Any open port can be exploited.
>
> I assume NetBeans also uses ports to connect to CVS, the Update Center,
> Collaboration Server, probably more... let it be
>
> Richard


Re: Security

Bill Slack
Thank you everyone for your help.
Have a good weekend.
Bill

----- Original Message -----
From: "Kieran Maclean" <[hidden email]>
To: <[hidden email]>
Sent: Saturday, August 13, 2005 10:30 AM
Subject: RE: [nbusers] Security


> It's quite difficult to exploit an outgoing port, such as the CVS or the
> Update Center, because an exploit would be required to in effect replace
> the destination host (some kind of man-in-the-middle attack).
>
> The internal Tomcat server is accessible when running so that could be
> exploited but for non-web apps it appears to be stopped and so should
> not cause a problem.
>
> The NetBeans port, I'm not sure about, I don't know how it is used.
> I suppose a DoS attack or similar could cause a problem.
> However I don't think blocking access to the port should cause any
> problems. If your security software allows it, it might be an idea to
> allow access to the ports from localhost (127.0.0.1), though this might
> work anyway.
>
> It's probably nothing to worry about as Richard said.
>
> Kieran Maclean

Re: Security

Dimitri Maziuk
On Saturday 13 August 2005 12:30 pm, Kieran Maclean wrote:

> It's quite difficult to exploit an outgoing port, such as the CVS or the
> Update Center, because an exploit would be required to in effect replace
> the destination host (some kind of man-in-the-middle attack).
>
> The internal Tomcat server is accessible when running so that could be
> exploited but for non-web apps it appears to be stopped and so should
> not cause a problem.
>
> The NetBeans port, I'm not sure about, I don't know how it is used.
> I suppose a DoS attack or similar could cause a problem.
> However I don't think blocking access to the port should cause any
> problems. If your security software allows it, it might be an idea to
> allow access to the ports from localhost (127.0.0.1), though this might
> work anyway.

On decent OSen all access from 127.0.0.1 should go to 127.0.0.1 -- through
the loopback interface, bypassing the actual network interface card. Most people
routinely add "block all to 127/8 not from 127/8" to firewall rules anyway,
to prevent spoofing, so even if the OS sends loopback traffic through the NIC,
open ports on localhost can only be exploited *from* localhost.

So, open ports on 127/8 are at risk only if you have users/malware on the
system who would try hacking in via the loopback interface while you're running
the IDE.

Dima
--
Sufficiently advanced incompetence is indistinguishable from malice.
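
Added example, not part of the original thread or of NetBeans: a Python sketch of the distinction drawn in the post above, sorting one process's listening sockets by bind address and applying the "block all to 127/8 not from 127/8" rule. The netstat-style sample, its ports and the PID are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the layout of Windows `netstat -ano` output; the
# ports and PID are made up for illustration, not taken from NetBeans.
SAMPLE_NETSTAT = """\
  TCP    127.0.0.1:51234        0.0.0.0:0              LISTENING       4120
  TCP    0.0.0.0:8084           0.0.0.0:0              LISTENING       4120
  TCP    192.168.1.20:8005      0.0.0.0:0              LISTENING       4120
  TCP    [::1]:51235            [::]:0                 LISTENING       4120
  TCP    192.168.1.20:50311     203.0.113.7:443        ESTABLISHED     4120
"""

LOOPBACK_V4 = ipaddress.ip_network("127.0.0.0/8")


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def classify_bind(addr):
    """Return the exposure class of a listening socket's local address."""
    if addr.is_loopback:
        return "loopback-only"      # reachable only from the same machine
    if addr.is_unspecified:
        return "all-interfaces"     # 0.0.0.0 or ::, every NIC plus loopback
    return "single-interface"       # one specific, routable local address


def listeners(netstat_text):
    """Yield (port, pid, exposure) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # skips outbound (ESTABLISHED) connections and headers
        addr, port = split_endpoint(fields[1])
        yield port, int(fields[4]), classify_bind(addr)


def network_reachable_ports(netstat_text, pid):
    """Ports of `pid` a remote host could reach unless the firewall blocks them."""
    return sorted(port for port, owner, exposure in listeners(netstat_text)
                  if owner == pid and exposure != "loopback-only")


def antispoof_drop(src, dst):
    """The rule from the post: block anything to 127/8 that is not from 127/8."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return dst in LOOPBACK_V4 and src not in LOOPBACK_V4


if __name__ == "__main__":
    for port, pid, exposure in listeners(SAMPLE_NETSTAT):
        print(f"pid {pid} port {port}: {exposure}")
    print("reachable from the network:",
          network_reachable_ports(SAMPLE_NETSTAT, 4120))
```

Only the listeners that are not loopback-only are the ones an "inbound" firewall prompt actually protects; denying inbound access leaves the loopback-bound sockets usable from the local machine.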