Results 1 to 3 of 3

Thread: defaults and security

  1. #1
    Join Date
    Nov 2006
    Posts
    2
    Rep Power
    9

    Default defaults and security

    Hi, recently installed the open source version of Zimbra on CentOS and like the interface. Performance hasn't been a problem, but we haven't done perf testing as of yet to see where it strains.

    On another note, I noticed a couple of things that seem odd.

    -Postfix is configured to give out it's default smtp banner.
    -Any mistyping in the url will show you an error page that tells you Apache Tomcat/5.5.15 is running instead of a page-not-found or page missing message.
    -A head request on the url tells you that Apache-Coyote/1.1 is running.
    -Requests to pop3/110 let's us know that the Zimbra POP3 server is ready.
    etc..

    Will be doing some digging to evaluate the security of the application/s before we decide to purchase. Just curious what measures have been taken to secure the install?

    Thanks.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Perhaps you could elaborate on what type of security you're talking about?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Nov 2006
    Posts
    2
    Rep Power
    9

    Default

    Literally the security of the application, Zimbra.

    Additionally, what other measures are in place to ensure the underlying applications are configured in a secure manner?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •