[FX.php List] [OFF] Filemaker Web Security?

Leo R. Lundgren leo at finalresort.org
Thu Sep 4 01:15:38 MDT 2008 

I would interpret that question as if they are asking if there is any  
service where you can be sure to either find or automatically recieve  
from, security notifications about vulnerabilities in Filemaker, when  
they are discovered and disclosed. Many vendors have this, for  
example freebsd.org has a mailing list that sends out notifications  
of vulnerabilities, what products they affect, impacts, possible  
workarounds, and solutions/patches. There are also other  
vulnerability sites which publish vulnerabilities for various products.

I do not know if Filemaker has anything like this, I'm sure someone  
else does though. My impression is that it's quite quiet regarding  
vulnerabilities for Filemaker.

In any case, in your scenario, as you say, the PHP frontend (your  
code) and the Windows Server itself are probably the primary targets.


3 sep 2008 kl. 21.19 skrev Joel Shapiro:

> Hi all
>
> I just received the following question from the IT person at a  
> client of mine and I'm not sure what they're asking for.  Can  
> anybody offer me a clue on how to best respond?
>
> They wrote:
> "Given the number of web site compromises that have occurred, I am  
> wondering about Filemaker server security. Is there a security  
> notification service for Filemaker about vulnerabilities? I worry  
> about possible compromises to the web based FileMaker site on our  
> server."
>
> They are running FMSA9 & FX.php on Windows Server 2003 (one-machine  
> config).  The site has a valid SSL cert., the machine is behind a  
> firewall (such that you need VPN access to open the DB remotely), &  
> FMS has Secure Connections (SSL) enabled between FMS & the WPE.
>
> They've been up and running for over two years.  I upgraded them to  
> FMS9 over the summer, and they made sure their OS was fully up-to- 
> date beforehand.
>
> What kind of " security notification service" might they be looking  
> for?
>
> TIA,
> -Joel
>
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list


-|

More information about the FX.php_List mailing list