PureBytes Links
Trading Reference Links
|
From: Code 2 <Code2@xxxxxxx>
I checked my firewall configuration and eSignal's firewall configuration
recommendations ( http://www.esignalcentral.com/support/esignal/firewall.asp )
and local port 80 needn't be open to incoming traffic. In fact, you
need only permit outbound traffic and permit it to remote ports
2189-2196.
Just for good measure, I added a rule to block incoming TCP and
UDP traffic to local port 80, but I think that's redundant.
Am I misunderstanding the vulnerability?
Alas, lacking an Esignal feed, I cannot really answer. I have been
reading Bugtraq for years and have never seen trading software
mentioned before. Since most omega list readers don't read Bugtraq, I
thought it would be prudent to pass it along.
I believe that there are different types of Esignal software products
available. Some of the simpler ones may run on port 80 datafeeds and
the warning may be directed towards those. The CMEs websheet product
does run on a web interface, but it uses a different port eventually.
Without fully understanding your network setup, I am somewhat hesitant
to make a recommendation, but it would seem that limiting network
traffic on ports 2189-2196 to esignals server ips would be a safe move.
That is what I used for CMEs websheet.
|