On Sep 11, 2013, at 18:48, E Frank Ball III fra...@efball.com wrote:
Last fall there was a debian 64-bit / nginx rootkit going around,
now I've been hit with what sounds similar but on 32-bit wheezy.
Here's a link to info on the previous 64-bit rootkit:
://www.cfengine.org/docs/cfengine-Reference.html
2. http://www.cfengine.org/docs/cfengine-Reference.html#packages
--
)(-
Luis Mondesi
Maestro Debiano
- START ENCRYPTED BLOCK (Triple-ROT13) --
Gur Hohagh [Yvahk] qvfgevohgvba oevatf gur fcvevg bs Hohagh gb gur
fbsgjner jbeyq.
- END
,
--
)(-
Luis Mondesi
Maestro Debiano
- START ENCRYPTED BLOCK (Triple-ROT13) --
Gur Hohagh [Yvahk] qvfgevohgvba oevatf gur fcvevg bs Hohagh gb gur
fbsgjner jbeyq.
- END ENCRYPTED BLOCK (Triple-ROT13) --
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
that doesn't run is a *very* secure script.
That depends on the error handling.
Good one! LOL
spilling ugly db*connect() errors to the world to see is not very
secure indeed. or how about: foo() could not open /etc/my-secret-users
file
--
)(-
Luis Mondesi
Maestro Debiano
- START
me any other time with the same
stupid attack vector, shame on me.
Good that you took time to report this.
--
)(-
Luis Mondesi
Maestro Debiano
- START ENCRYPTED BLOCK (Triple-ROT13) --
Gur Hohagh [Yvahk] qvfgevohgvba oevatf gur fcvevg bs Hohagh gb gur
fbsgjner jbeyq.
- END
://wiki.debian.org/SELinux/Setup
http://wiki.debian.org/Hardening|Hardening
I know that you already had SELinux enabled (after the fact?). So, you
might already have enough information to build a better box.
--
)(-
Luis Mondesi
Maestro Debiano
- START ENCRYPTED BLOCK (Triple-ROT13
6 matches
Mail list logo
