On Mon, 2011-08-29 at 15:57 -0600, Corey Henderson wrote:
> Or install a security module to do that for you. One that I've written
> that is nearing the end of its beta:
>
> https://github.com/cormander/tpe-lkm
>
> In some cases, you can even tell it to let apache not exec anything at
> all, if
On Mon, 2011-08-29 at 16:24 -0400, John Hinton wrote:
> If you can get a good list of what is requested, such as the one started
> above, and 'if' none of those pages exist, you can use modrewrite to
> redirect them to 127.0.0.1. :) Effectively sending the request back to
> themselves. That ir
If they are looking for Micro$loth specific pages, I redirect them to
Micro$loth's Web site. I figure if they want Micro$loth stuff, may as well
send them to the source. :-)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/
> On Mon, Aug 29, 2011 at 4:57 PM, Corey Henderson
> wrote:
>>> You can avoid a lot of the problems by making sure
>>> that apache can't write anywhere that is mounted with execute
>>> capability.
>>>
>>
>> Or install a security module to do that for you. One that I've written
>> that is nearing
On Mon, Aug 29, 2011 at 4:57 PM, Corey Henderson wrote:
>> You can avoid a lot of the problems by making sure
>> that apache can't write anywhere that is mounted with execute
>> capability.
>>
>
> Or install a security module to do that for you. One that I've written
> that is nearing the end of
> You can avoid a lot of the problems by making sure
> that apache can't write anywhere that is mounted with execute
> capability.
>
Or install a security module to do that for you. One that I've written
that is nearing the end of its beta:
https://github.com/cormander/tpe-lkm
In some cases, yo
On Mon, Aug 29, 2011 at 4:17 PM, Always Learning wrote:
>> That means he's not very good at it yet. The ones you need to worry
>> about will send quick exploit tests cycling through different
>> destinations, that if they succeed will post to a central receiver.
>> Then later, likely from a diffe
On Mon, 2011-08-29 at 15:52 -0500, Les Mikesell wrote:
> That means he's not very good at it yet. The ones you need to worry
> about will send quick exploit tests cycling through different
> destinations, that if they succeed will post to a central receiver.
> Then later, likely from a different
On Mon, Aug 29, 2011 at 3:14 PM, Always Learning wrote:
>
>> That probably means the intrusion is self-propagating. That is, if
>> the target is running some vulnerable php version or application, it
>> is able to install a copy of itself and start over.
>
> In this particular incident, I am reas
On 8/29/2011 3:25 PM, Always Learning wrote:
> On Mon, 2011-08-29 at 13:35 -0500, Les Mikesell wrote:
>
>> For light use you could drop in VMware server or player or virtualbox
>> without much effect on the current system. It shouldn't be necessary,
>> though, unless you'd like to install otherwis
On Mon, 2011-08-29 at 14:49 -0500, Les Mikesell wrote:
> Ummm, 30,000 isn't a particularly big number of hits to an apache
> server, especially if all it has to do is respond with a 'file not
> found'. But you are probably wise to be defensive.
If it was the usually 50 to 100 phpmyadmin attempt
Always Learning wrote:
>
> On Mon, 2011-08-29 at 15:31 -0400, m.r...@5-cent.us wrote:
>
>> Sorry, not a lunatic. Your website's name has been harvested, and added
>> to
>> some black-market commercial or script kiddie toolkit, and it's on
>> infected servers around the world. Take it from me... (I'
On 08/29/11 11:19 AM, Always Learning wrote:
>>
> I never ever give a virtual host declaration an IP address. If moving
> the virtual host to another server, I don't have to change anything
> expect the DNS. Also virtual hosts are web sites with different domain
> names, so I,,,
Always Talking
On Mon, 2011-08-29 at 15:31 -0400, m.r...@5-cent.us wrote:
> Sorry, not a lunatic. Your website's name has been harvested, and added to
> some black-market commercial or script kiddie toolkit, and it's on
> infected servers around the world. Take it from me... (I'm a contractor
> for a US Federal
On Mon, Aug 29, 2011 at 2:25 PM, Always Learning wrote:
>
>> For light use you could drop in VMware server or player or virtualbox
>> without much effect on the current system. It shouldn't be necessary,
>> though, unless you'd like to install otherwise conflicting rpm
>> packages or give root ac
Always Learning wrote:
>
> On Mon, 2011-08-29 at 13:35 -0500, Les Mikesell wrote:
>> So why can't you do that for your new virtualhost instead of running
>> on a different IP?
>
> A mentally deranged lunatic has sent 30,000+ wrong URLs to a tiny web
> site. Its started about 5 August but significa
On Mon, 2011-08-29 at 13:35 -0500, Les Mikesell wrote:
> For light use you could drop in VMware server or player or virtualbox
> without much effect on the current system. It shouldn't be necessary,
> though, unless you'd like to install otherwise conflicting rpm
> packages or give root access t
On Mon, Aug 29, 2011 at 1:19 PM, Always Learning wrote:
>
>> I was thinking virtualization (Xen or an OpenVZ style might be
>> appropriate).
>
> Perhaps when I start using Centos 6.1. KVM or XEN ?
For light use you could drop in VMware server or player or virtualbox
without much effect on the cur
On Mon, 2011-08-29 at 09:26 -0700, Ray Van Dolson wrote:
> I was thinking virtualization (Xen or an OpenVZ style might be
> appropriate).
Perhaps when I start using Centos 6.1. KVM or XEN ?
> Listen should be used in the global configuration. So, for example
> your 2.2 configuration file liste
On Mon, Aug 29, 2011 at 05:23:24PM +0100, Always Learning wrote:
>
> On Mon, 2011-08-29 at 09:13 -0700, Ray Van Dolson wrote:
>
> > First, this sounds like a messy way to do it... spinning up another
> > OS instance with the appropriate version of Apache you are after sounds
> > cleaner...
>
> I
On Mon, 2011-08-29 at 09:13 -0700, Ray Van Dolson wrote:
> First, this sounds like a messy way to do it... spinning up another
> OS instance with the appropriate version of Apache you are after sounds
> cleaner...
I have a spare server but I want to use an under-utilised one.
> As long as you k
On Mon, Aug 29, 2011 at 05:01:13PM +0100, Always Learning wrote:
>
> Just wondering how to run 2 versions of Apache on the same server,
> listening on different IPs and both on port 80.
>
> Does one give them, the httpd, different names and effectively duplicate
> most of the Apache set-up ?
>
Just wondering how to run 2 versions of Apache on the same server,
listening on different IPs and both on port 80.
Does one give them, the httpd, different names and effectively duplicate
most of the Apache set-up ?
I use Apache;s virtual hosts facility for normal purposes but this is
for a dif
23 matches
Mail list logo